www.vat19.com Open in urlscan Pro
2606:4700:10::ac43:72d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vat19.com/category/Office
Submission: On October 04 via manual (October 4th 2021, 9:49:19 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 19 domains to perform 108 HTTP transactions. The main IP is 2606:4700:10::ac43:72d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vat19.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2021. Valid for: a year.

This is the only time www.vat19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:10:... 2606:4700:10::ac43:72d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	143.204.98.128 143.204.98.128	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
108	28

24 2606:4700:10::ac43:72d (United States)

ASN13335 (CLOUDFLARENET, US)

www.vat19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.vat19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-128.fra50.r.cloudfront.net

hello.zonos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

forms.aweber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	google.com 1 redirects apis.google.com accounts.google.com adservice.google.com www.google.com play.google.com Failed	395 KB
24	vat19.com www.vat19.com images.vat19.com	471 KB
9	gstatic.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
7	youtube.com www.youtube.com	128 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	googlesyndication.com a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	16 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	139 KB
4	zonos.com hello.zonos.com	43 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	121 KB
3	aweber.com forms.aweber.com	10 KB
3	bing.com bat.bing.com	10 KB
2	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	47 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googletagservices.com www.googletagservices.com	26 KB
108	19

	Domain	Requested by
16	images.vat19.com	www.vat19.com
12	apis.google.com	www.vat19.com apis.google.com accounts.google.com www.youtube.com www.google.com
10	www.google.com	1 redirects apis.google.com www.vat19.com www.google.com
8	www.vat19.com	www.vat19.com ajax.googleapis.com
7	www.youtube.com	apis.google.com www.youtube.com
6	ssl.gstatic.com	accounts.google.com www.vat19.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	hello.zonos.com	www.vat19.com hello.zonos.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.vat19.com
3	forms.aweber.com	www.vat19.com forms.aweber.com
3	bat.bing.com	www.vat19.com bat.bing.com
3	ajax.googleapis.com	www.vat19.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.vat19.com
2	tpc.googlesyndication.com	www.vat19.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	www.googleadservices.com www.vat19.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.vat19.com connect.facebook.net
2	cdnjs.cloudflare.com	www.vat19.com
2	www.googletagmanager.com	www.vat19.com www.googletagmanager.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	www.google.de	www.vat19.com
1	www.googleadservices.com	www.googletagmanager.com
1	a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	accounts.google.com	apis.google.com
1	static.cloudflareinsights.com	www.vat19.com
1	www.googletagservices.com	www.vat19.com
0	play.google.com Failed	www.google.com
108	31

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-15` - `2021-10-13`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
zonos.com Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh
*.aweber.com GeoTrust RSA CA 2018	`2021-01-29` - `2022-03-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.vat19.com/category/Office
Frame ID: C6122A080275A0AAC7AF7E0F2BA77440
Requests: 86 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 4F67BF5C450A9B4BF9C1363FDE905B21
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 0428547BE03A7808E6A101A72D98ED24
Requests: 4 HTTP requests in this frame

Frame: https://a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 64CB9B739F350547A8CE7FAFC444B367
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 913A6807FA7758F5967EEBF892353C73
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: A72D7EEB4DD6E5B5B1A56014F78B3851
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Aweber (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

\.aweber\.com/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

108
Requests

97 %
HTTPS

85 %
IPv6

19
Domains

31
Subdomains

28
IPs

2
Countries

1686 kB
Transfer

4380 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CiED22nZbYbnYCsPv3wPMkJX4BobD_Pxj1qi4meUN4c2i5M0aEAEg8NXmH2CVuoCCmAegAa_s898CyAEBqQJs9lyJqn6zPuACAKgDAcgDCqoE-gFP0NYVup3Tl8AoDKLIoUGS7pbEyGLF_tdy00p_4Tz9c4BW-hJLtO85QhtszonbKyxs5Q3LbjLXHGAZwDkJTE0b2A90mqTyMZ62aHTFtc_1pxIDsgCB6DW6-BUnJs_lv88QC3H_f1JGMEvji5CdY0nxryZgEY9aYE5HcZCZ1wMJGY_A1QR1VWZVVx27zbR8m7AvE1Yt-QFLNdNrW9davAoymMgCRyFYLD144iJyGUNmSDnWhurCqAG78eCOZKfdBtpqgWdePeumCnhjOdzpZ1WDEUfeWGXOPmGsC13pbYa0UmAXtqS28XRZQoNtfj070pJ-ra0Lr4D5EdGawATSpqnv-wLgBAGAB7mTjKABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB2xCZ_2M3i2DlwqgAoBmAsByAsBuAwB2BMM0BUBmBYBgBcB&ae=1&num=1&sig=AOD64_0gJ0PjbzGi9EGmxQ_uE5_Y0V2smA&client=ca-pub-7636038504806449&nb=1&adurl=https://enence.com/articles/make-language-barriers-disappear%3Flyl%3D1%26pmt%3Dkl%26l%3Dde%26c%3Deur%26vndr%3Denegie%26cmpid%3D5ee0c0907d26ee0001ccafdb%26sub1%3D%7Blpurl%7D%26sub2%3D%26sub3%3D%26sub4%3D101970498386%26sub5%3D519835965821%26sub6%3D10262830294%26sub7%3Dc%26sub8%3Dnone%26sub9%3Dd%26sub10%3Dwww.vat19.com%26ref_id%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE%26subid3%3D10262830294%26gclid%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE
Title: enence.com

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CiED22nZbYbnYCsPv3wPMkJX4BobD_Pxj1qi4meUN4c2i5M0aEAEg8NXmH2CVuoCCmAegAa_s898CyAEBqQJs9lyJqn6zPuACAKgDAcgDCqoE-gFP0NYVup3Tl8AoDKLIoUGS7pbEyGLF_tdy00p_4Tz9c4BW-hJLtO85QhtszonbKyxs5Q3LbjLXHGAZwDkJTE0b2A90mqTyMZ62aHTFtc_1pxIDsgCB6DW6-BUnJs_lv88QC3H_f1JGMEvji5CdY0nxryZgEY9aYE5HcZCZ1wMJGY_A1QR1VWZVVx27zbR8m7AvE1Yt-QFLNdNrW9davAoymMgCRyFYLD144iJyGUNmSDnWhurCqAG78eCOZKfdBtpqgWdePeumCnhjOdzpZ1WDEUfeWGXOPmGsC13pbYa0UmAXtqS28XRZQoNtfj070pJ-ra0Lr4D5EdGawATSpqnv-wLgBAGAB7mTjKABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB2xCZ_2M3i2DlwqgAoBmAsByAsBuAwB2BMM0BUBmBYBgBcB&ae=1&num=1&sig=AOD64_0gJ0PjbzGi9EGmxQ_uE5_Y0V2smA&client=ca-pub-7636038504806449&nb=0&adurl=https://enence.com/articles/make-language-barriers-disappear%3Flyl%3D1%26pmt%3Dkl%26l%3Dde%26c%3Deur%26vndr%3Denegie%26cmpid%3D5ee0c0907d26ee0001ccafdb%26sub1%3D%7Blpurl%7D%26sub2%3D%26sub3%3D%26sub4%3D101970498386%26sub5%3D519835965821%26sub6%3D10262830294%26sub7%3Dc%26sub8%3Dnone%26sub9%3Dd%26sub10%3Dwww.vat19.com%26ref_id%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE%26subid3%3D10262830294%26gclid%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE
Title: Tragbarer Sofortübersetzer

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CiED22nZbYbnYCsPv3wPMkJX4BobD_Pxj1qi4meUN4c2i5M0aEAEg8NXmH2CVuoCCmAegAa_s898CyAEBqQJs9lyJqn6zPuACAKgDAcgDCqoE-gFP0NYVup3Tl8AoDKLIoUGS7pbEyGLF_tdy00p_4Tz9c4BW-hJLtO85QhtszonbKyxs5Q3LbjLXHGAZwDkJTE0b2A90mqTyMZ62aHTFtc_1pxIDsgCB6DW6-BUnJs_lv88QC3H_f1JGMEvji5CdY0nxryZgEY9aYE5HcZCZ1wMJGY_A1QR1VWZVVx27zbR8m7AvE1Yt-QFLNdNrW9davAoymMgCRyFYLD144iJyGUNmSDnWhurCqAG78eCOZKfdBtpqgWdePeumCnhjOdzpZ1WDEUfeWGXOPmGsC13pbYa0UmAXtqS28XRZQoNtfj070pJ-ra0Lr4D5EdGawATSpqnv-wLgBAGAB7mTjKABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB2xCZ_2M3i2DlwqgAoBmAsByAsBuAwB2BMM0BUBmBYBgBcB&ae=1&num=1&sig=AOD64_0gJ0PjbzGi9EGmxQ_uE5_Y0V2smA&client=ca-pub-7636038504806449&nb=8&adurl=https://enence.com/articles/make-language-barriers-disappear%3Flyl%3D1%26pmt%3Dkl%26l%3Dde%26c%3Deur%26vndr%3Denegie%26cmpid%3D5ee0c0907d26ee0001ccafdb%26sub1%3D%7Blpurl%7D%26sub2%3D%26sub3%3D%26sub4%3D101970498386%26sub5%3D519835965821%26sub6%3D10262830294%26sub7%3Dc%26sub8%3Dnone%26sub9%3Dd%26sub10%3Dwww.vat19.com%26ref_id%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE%26subid3%3D10262830294%26gclid%3DEAIaIQobChMIua2qkt6x8wIVw_d3Ch1MSAVvEAEYASAAEgLVH_D_BwE
Title: Mehr

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAXbW1tbW3RydWUsWzIxXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxbWyJIb25nS29uZyBBZFRpZ2VyIE1lZGlhIENvLiwgTGltaXRlZCIsIkhLIiwxLG51bGwsMV1dXSxbbnVsbCwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DaUVEMjJuWmJZYm5ZQ3NQdjN3UE1rSlg0Qm9iRF9QeGoxcWk0bWVVTjRjMmk1TTBhRUFFZzhOWG1IMkNWdW9DQ21BZWdBYV9zODk4Q3lBRUJxUUpzOWx5SnFuNnpQdUFDQUtnREFjZ0RDcW9FLWdGUDBOWVZ1cDNUbDhBb0RLTElvVUdTN3BiRXlHTEZfdGR5MDBwXzRUejljNEJXLWhKTHRPODVRaHRzem9uYkt5eHM1UTNMYmpMWEhHQVp3RGtKVEUwYjJBOTBtcVR5TVo2MmFIVEZ0Y18xcHhJRHNnQ0I2RFc2LUJVbkpzX2x2ODhRQzNIX2YxSkdNRXZqaTVDZFkwbnhyeVpnRVk5YVlFNUhjWkNaMXdNSkdZX0ExUVIxVldaVlZ4Mjd6YlI4bTdBdkUxWXQtUUZMTmROclc5ZGF2QW95bU1nQ1J5RllMRDE0NGlKeUdVTm1TRG5XaHVyQ3FBRzc4ZUNPWktmZEJ0cHFnV2RlUGV1bUNuaGpPZHpwWjFXREVVZmVXR1hPUG1Hc0MxM3BiWWEwVW1BWHRxUzI4WFJaUW9OdGZqMDcwcEotcmEwTHI0RDVFZEdhd0FUU3BxbnYtd0xnQkFHQUI3bVRqS0FCcUFmdzJSdW9CX0xaRzZnSGpzNGJxQWVUMkJ1b0I3b0dxQWZ1bHJFQ3FBZlZ5UnVvQjZhLUc2Z0g4OUVicUFlVzJCdW9CNnFic1FLb0I5LWZzUUxZQndIU0NBa0lpT0dBRUJBQkdCMnhDWl8yTTNpMkRsd3FnQW9CbUFzQnlBc0J1QXdCMkJNTTBCVUJtQllCZ0JjQlx1MDAyNnNpZ2g9b2VsaXNOVVV1eW9cdTAwMjZjaWQ9Q0FRU1BnQ05JckxNTXpFQndYdkkxY21xSUFyVlpJNF9Dd2phMnVRS25JZ0xmU0h4Rlh4enB1ZGZ2cG5haUtlQVRXemthXzdpUXRxaDRjVGpsbVhtT1dZVCIsW251bGwsbnVsbCxudWxsLCJodHRwczovL2Rpc3BsYXlhZHMtZm9ybWF0cy5nb29nbGV1c2VyY29udGVudC5jb20vYWRzL3ByZXZpZXcvY29udGVudC5qcz9jbGllbnQ9d3RhXHUwMDI2b2JmdXNjYXRlZEN1c3RvbWVySWQ9NzM5MzgxNzU2OVx1MDAyNmNyZWF0aXZlSWQ9NTE5ODM1OTY1ODIxXHUwMDI2dmVyc2lvbklkPTBcdTAwMjZhZEdyb3VwQ3JlYXRpdmVJZD00NzM4NDE5MzEzNTBcdTAwMjZodG1sUGFyZW50SWQ9cHJldi0wXHUwMDI2aGVpZ2h0PTkwXHUwMDI2d2lkdGg9NzI4XHUwMDI2c2lnPUFDaVZCX3diZEl2YlJ6Sk54UTRMTUhqSkwtZkd0R2c5UGciXSxudWxsLG51bGwsMSwia01nbHhCcVF3dDBJMXFpNG1lVU5FTmE1MlowbUdPblBxYUFCSWdwbGJtVnVZMlV1WTI5dE1nZ0lCUk1ZenEwV0ZFSVhZMkV0Y0hWaUxUYzJNell3TXpnMU1EUTRNRFkwTkRsSUJWZ0JjQUdvQVFFIiwiMTAyNjI4MzAyOTQiXV1dLFsxLDEsMSwxXV0zRAucHP3ud90ThITflwLJBR48RBRgBz8J_g9rLIM_1sPcPi2RB60y6oRIRI1Y8J-4BAt3w9x6EkfWxHHUuBtVAZyrE3WuHknO_t1F6CROjhSIcuaNdbphP7p-VzJU5ToA_mRCG00ZSfIP4Mv-T33alDVRBV1xhdZztFH7B__omLI3lVQx4dBORzn4bcRO1P2PLRAldcYi9CKNOoiAhQPtOdvkh_L9pvUI-38t5vuRCo0FnDjR1ePVzLNaqBEDPazRM9QBidYoljWcIW5-MNACJfoLKYMH4absvTfLYJZqqptn3FOs-H9nJVF-qgn0q9WUU6-8nw9nVGFJs7xJLM-d,qcYFTd9GuYbQn4Zz7nIwbA&source=display

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

108 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Office Show response
www.vat19.com/category/ 87 KB
14 KB 604ms
571ms Document
text/html 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13de60045d4e46f9d5f7a568f5e6dff77214808217fc6a2abda5caabb186d7fa

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

:method: GET
:authority: www.vat19.com
:scheme: https
:path: /category/Office
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 04 Oct 2021 21:49:12 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; Expires=Mon, 11 Oct 2021 21:49:12 GMT; Path=/ AWSALBCORS=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; Expires=Mon, 11 Oct 2021 21:49:12 GMT; Path=/; SameSite=None; Secure cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188;Path=/;Expires=Sun, 24-Oct-2021 23:27:16 UTC;HTTPOnly cftoken=0;Path=/;Expires=Sun, 24-Oct-2021 23:27:16 UTC;HTTPOnly CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D;Path=/;Expires=Wed, 03-Nov-2021 21:49:12 UTC;HTTPOnly
cache-control: private
vary: User-Agent
x-aspnet-version: 4.0.30319
x-content-type-options: Nosniff
x-frame-options: Deny
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69919e668cf605b3-FRA
content-encoding: gzip

GET
H2 200 glyphicons-halflings-regular.woff
www.vat19.com/resources/assets/css/fonts/ 23 KB
23 KB 548ms
547ms Font
font/x-woff 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/resources/assets/css/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

sec-fetch-mode: cors
origin: https://www.vat19.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: AWSALB=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; AWSALBCORS=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D
:path: /resources/assets/css/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vat19.com/category/Office
Origin: https://www.vat19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Thu, 11 Apr 2019 01:44:37 GMT
server: cloudflare
etag: W/"fe84f11e8f0d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: font/x-woff
set-cookie: AWSALB=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
cf-ray: 69919e6a3ac805b3-FRA
vary: User-Agent, Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42cc82a686de1b1009d6181c41f8ec9f3b0223d602151acf1a92ed376abf3ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39216
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Oct 2021 21:49:12 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 75ms
34ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

589c98d4ee10435fae2920138fa7b5e4079e659c65ff1602acc2891a3bd60b5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lzj/AoA4rnZQxgLmymLv9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "8a0b0f8937d235156844fc532887071b"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-lzj/AoA4rnZQxgLmymLv9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 04 Oct 2021 21:49:13 GMT

GET
H2 200 desktop.css
www.vat19.com/includes/css/ 122 KB
37 KB 522ms
521ms Stylesheet
text/css 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/css/desktop.css?ver=44471.72004054398

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1abebc9e740246bb7c887b36929a0b5912497c1726311b085e6423e949a3159d

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

:path: /includes/css/desktop.css?ver=44471.72004054398
pragma: no-cache
cookie: AWSALB=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; AWSALBCORS=bVPGCfi5L+BxhxtCFKjcuhG9ZjtYN3hYcjl6faJ1FBqdGYY4gC5PTAm+Oxp4UdnFyd5MLJBvYY1aP3cBoilYY+gYjQGgi8DwcSXUmHfQIlvPvxsE02btXN0ELPJt; cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/category/Office
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Mon, 20 Sep 2021 02:00:25 GMT
server: cloudflare
etag: "8082df46c3add71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: text/css
set-cookie: AWSALB=eQ7bSZC50TRCws2cPiVeGH3cOvs7FA3ZwHMupB8lok9MQoJfd/H9i5Pbj2F1z+Rkn58Hp7eaxsVm8nazDLepz+YREmUC0mh1tJ3xJ+PxmQUd4BI3VCYmic4zWGIH; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=eQ7bSZC50TRCws2cPiVeGH3cOvs7FA3ZwHMupB8lok9MQoJfd/H9i5Pbj2F1z+Rkn58Hp7eaxsVm8nazDLepz+YREmUC0mh1tJ3xJ+PxmQUd4BI3VCYmic4zWGIH; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cf-ray: 69919e6a3acd05b3-FRA
vary: Accept-Encoding,User-Agent
content-length: 36975

GET
H2 200 jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/ 26 KB
27 KB 32ms
8ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.min.css

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bf036c5cf44011f5d8e6838f864f5d66b787d59f74e1fcb5f68afe777252555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 12:02:52 GMT
x-content-type-options: nosniff
age: 121580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27102
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Mon, 03 Oct 2022 12:02:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 73 KB
26 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d645cc3d33b3137a7b585a016bb472fc1c26ec91f6d37d53b6d7cd8b3c0d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1006 / 453 of 1000 / last-modified: 1633345678"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25719
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Oct 2021 21:49:13 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 31ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 957754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 948
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHV7ixlpq7NE1Sacpdhg0a523%2Fzz9RgNMzQqzJEcouJI1TKLuBNViDnqf4JLBi5QmpYWIkTYa7I6ivzjuUl%2FjJlL7%2ByPezOSBfKDZ9seWOd08t%2BcPpwdrFf%2FcOnesEVB5CDs1EKlpkwI4uRgRcv%2Bk9oj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69919e6a5fd20609-FRA
expires: Sat, 24 Sep 2022 21:49:12 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 31ms
29ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 441305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1%2F26VxmHCE6hti2h0RuHkIBmV8vFXz32dp3jWlcI5wKIvMGe60J3%2Bp%2BiNGjq7Lv8UGTCHvrKPaTRd5HsyRtcmKWbN5A0nyhC50cllVORcF6DwZEPUgv3%2F2hJaWRDWZv2kNa0g5EUihV%2FNyHjrIqk1wj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69919e6dbc580609-FRA
expires: Sat, 24 Sep 2022 21:49:13 GMT

GET
H2 200 vat19-logo-tag.png
images.vat19.com/branding/ 13 KB
14 KB 58ms
24ms Image
image/png 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/branding/vat19-logo-tag.png
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe27e4e87ba11f6d9cc9ec52d3fc60218581748ef1a41d0c9a7eca2321f7ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 14229041
x-cache: Hit from cloudfront
content-length: 13713
last-modified: Wed, 24 Sep 2014 18:56:54 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1411509474/atime:1411514251/md5:9a71c0494b7e24fdca5d3ca1658be953/ctime:1411509474
etag: "9a71c0494b7e24fdca5d3ca1658be953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e6defef05b3-FRA
x-amz-cf-id: RIksK-71I_n5KGf_3qKBnbB726lybjGPBSevLL9IX-gZcyN-fACNsw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 49ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: WhoHgfb/brSPSTL3okphOlxoR8Wf6wkH5cXxOoRar/qI4vAUzG3QLxEizZ5qXfetIrxzn9jk1b5BORtyYcVEWw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 04 Oct 2021 21:49:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 99ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: DD3A6241C8AF4F0692AE35A4C4321D01 Ref B: FRAEDGE1410 Ref C: 2021-10-04T21:49:13Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 pumpkin-spice-cotton-candy.jpg
images.vat19.com/covers/large/ 17 KB
17 KB 60ms
27ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/pumpkin-spice-cotton-candy.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5907d7f9b5cc0c49c3ffc9ed61a64f9aac3deb4fc598307dff50bdb9c9aaf0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 177153
x-cache: Miss from cloudfront
x-edge-origin-shield-skipped: 0
content-length: 17206
last-modified: Sat, 02 Oct 2021 20:19:10 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1633205947/ctime:1633205946/gid:0/gname:wheel/md5:6e3d7e9b67fe4cb79cb084276b245ebe/mode:33188/mtime:1633205946/uid:501/uname:jamiesalvatori
etag: "6e3d7e9b67fe4cb79cb084276b245ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e6deff205b3-FRA
x-amz-cf-id: kjkwa6a2mrbMO6d9mRi_-sYrR29YjM-hJlECrhfq3WaEACdHVMmTaQ==
cf-bgj: h2pri

GET
H2 200 mighty-carver.jpg
images.vat19.com/covers/large/ 30 KB
31 KB 65ms
32ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/mighty-carver.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03bc2eea568c3f0be8f3f9668d416de90b9dade23e324322ff98650acf7ad690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 177153
x-cache: Miss from cloudfront
x-edge-origin-shield-skipped: 0
content-length: 31168
last-modified: Sat, 02 Oct 2021 20:10:22 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1633205410/ctime:1633205409/gid:0/gname:wheel/md5:1e7fc1f05ea518108e9e1bd4b2c8aec9/mode:33188/mtime:1633205409/uid:501/uname:jamiesalvatori
etag: "1e7fc1f05ea518108e9e1bd4b2c8aec9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69919e6deff005b3-FRA
x-amz-cf-id: PKKIKh-2iI7NExx7La7DZSwQGmOj3XjY350VFU-K49DZd_nG103x4A==
cf-bgj: h2pri

GET
H2 200 gag-gift-puzzles.jpg
images.vat19.com/covers/large/ 26 KB
26 KB 62ms
29ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/gag-gift-puzzles.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f42f8b499e2ac688bd130c88729af91f3431298e6337353c8b8e25bf632b5386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 192032
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 26617
last-modified: Sat, 02 Oct 2021 14:57:48 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1633186664/ctime:1633186663/gid:0/gname:wheel/md5:a406c91390080940c22901dee1de14e3/mode:33188/mtime:1633186663/uid:501/uname:jamiesalvatori
etag: "a406c91390080940c22901dee1de14e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 69919e6deff105b3-FRA
x-amz-cf-id: bvVm8kpEgegEX2DKyyqvLO-l9MVmp3cYvWOeu1q0eSEeT-ybrAKA4Q==
cf-bgj: h2pri

GET
H2 200 plant-life-support.jpg
images.vat19.com/covers/large/ 19 KB
19 KB 23ms
22ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/large/plant-life-support.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d944591e213eb61c4c6cf2b910178677e6d278366721e03e5a6603bb74c5062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 835325
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 19431
last-modified: Sat, 25 Sep 2021 03:38:58 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1632541135/ctime:1632541133/gid:0/gname:wheel/md5:11b297884213846900a797585940e6ee/mode:33188/mtime:1632541133/uid:501/uname:jamiesalvatori
etag: "11b297884213846900a797585940e6ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e6deff405b3-FRA
x-amz-cf-id: p-BGcAd8uQZskBC-FXsPzNZjZ1UW8PgnwnKXUMnc_Tc_gm48bMP3eg==
cf-bgj: h2pri

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 93ms
46ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gkrgDsZ794xsVWJwy7fjcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-gkrgDsZ794xsVWJwy7fjcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 04 Oct 2021 21:49:13 GMT

GET
H2 200 payment-options-2021.jpg
images.vat19.com/branding/ 7 KB
7 KB 22ms
20ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/branding/payment-options-2021.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7e2783e7a3c4f80ab5079dd75ad63fe3289cc6bf49c55a5c20fbb177e8d3b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 ee2b06ec36961da809e0377705d74e05.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3851
x-cache: Hit from cloudfront
content-length: 6667
last-modified: Fri, 01 Jan 2021 14:48:42 GMT
server: cloudflare
etag: "c7747cefa3ca89b6424a7660ebbad35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
cf-ray: 69919e6deff505b3-FRA
x-amz-cf-id: 8y4ULbXDw9JNYkQcYJHepcbxzD54ZqOK9kkd3Wl9JcmOKDLadAb3dw==
cf-bgj: h2pri

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 11:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 04 Oct 2022 11:28:01 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/ 223 KB
60 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 01:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61441
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 02 Oct 2022 01:23:17 GMT

GET
H2 200 runtime.js Show response
www.vat19.com/includes/js/ 6 KB
2 KB 383ms
379ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/runtime.js?var=44471.72004054398

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3144a9e82a3cf97b3a279b7a6435fb7fd14b44fda86f730cbcb48b8a39662ac

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

:path: /includes/js/runtime.js?var=44471.72004054398
pragma: no-cache
cookie: cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D; AWSALB=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; AWSALBCORS=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/category/Office
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Mon, 30 Sep 2019 04:16:07 GMT
server: cloudflare
etag: "805dcc84577d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: application/javascript
set-cookie: AWSALB=geI8wfKlqnxgeLEjoWG+I+80f05YARNPH70xPgHCZh/wZc0ahg22UWDO1NO+EV/EYGNVEAmyU1c0F2fsxflYW9JchzTlBAph18CzlS6nCAzZrGvIuPktxdKf3iXd; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=geI8wfKlqnxgeLEjoWG+I+80f05YARNPH70xPgHCZh/wZc0ahg22UWDO1NO+EV/EYGNVEAmyU1c0F2fsxflYW9JchzTlBAph18CzlS6nCAzZrGvIuPktxdKf3iXd; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cf-ray: 69919e6dbf9105b3-FRA
vary: Accept-Encoding,User-Agent
content-length: 1678

GET
H2 200 vendor.js Show response
www.vat19.com/includes/js/ 2 KB
1 KB 418ms
415ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/vendor.js?var=44471.72004054398

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2646648be0b548a20b39bf19ba3112b51f1ca40556e1b27b4b6507e60602ea09

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

:path: /includes/js/vendor.js?var=44471.72004054398
pragma: no-cache
cookie: cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D; AWSALB=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; AWSALBCORS=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/category/Office
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Mon, 30 Sep 2019 04:16:07 GMT
server: cloudflare
etag: W/"93b46dc84577d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: application/javascript
set-cookie: AWSALB=7Lmt8Uv1WHvJe1PRJ0u51F4TZHnUaqj1HBe3USeLLgFlBHj3dw0oGgDLc7RAjVjuvGgisyytC1CcXZtKO7JW+cjTjgt6NGqPvlrcrN1wU+Qyc8jr4zVBHb011Gkw; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=7Lmt8Uv1WHvJe1PRJ0u51F4TZHnUaqj1HBe3USeLLgFlBHj3dw0oGgDLc7RAjVjuvGgisyytC1CcXZtKO7JW+cjTjgt6NGqPvlrcrN1wU+Qyc8jr4zVBHb011Gkw; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
cf-ray: 69919e6dbf9405b3-FRA
vary: User-Agent, Accept-Encoding

GET
H2 200 desktop.js Show response
www.vat19.com/includes/js/ 370 KB
123 KB 509ms
507ms Script
application/javascript 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/js/desktop.js?var=44471.72004054398

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b1718540d6c402af7352ec8479a5ed7b67a0798d7391dba96a9c21ec19ad72

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

:path: /includes/js/desktop.js?var=44471.72004054398
pragma: no-cache
cookie: cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D; AWSALB=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; AWSALBCORS=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/category/Office
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Fri, 17 Sep 2021 03:18:29 GMT
server: cloudflare
etag: "80f083af72abd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: application/javascript
set-cookie: AWSALB=gyBxMZuqA/1U7kzDatfLaNfZYZVuL56NHT10zda7WqfMCoWBmEfl3NYIswMOCKyKt0ndUZCRLmlF6ZoTtkmri8D8WYy34XWa45MVGzSgfg7tVFyk2VNTkON+bjO8; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=gyBxMZuqA/1U7kzDatfLaNfZYZVuL56NHT10zda7WqfMCoWBmEfl3NYIswMOCKyKt0ndUZCRLmlF6ZoTtkmri8D8WYy34XWa45MVGzSgfg7tVFyk2VNTkON+bjO8; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
cf-ray: 69919e6dbf9605b3-FRA
vary: Accept-Encoding,User-Agent
content-length: 125657

GET
H2 200 hello.js Show response
hello.zonos.com/ 95 KB
33 KB 73ms
13ms Script
application/javascript 143.204.98.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e4889f3ed01aef83b485adfb93ceec52b64379bc64005a4b0db320c45d59fe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:46:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 16:43:10 GMT
server: AmazonS3
age: 161
etag: W/"c47ae69e4f28be69cc5d9daabf36bcde"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control: max-age=300
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RsIa_2AvncwX5gPu_x4stLWMdvNNAlgwQ98ochLKTs_li2kSo6Azsg==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 90ms
52ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69919e6e4e2c1f2d-FRA

GET
H2 200 glyphicons-halflings-regular.woff
www.vat19.com/includes/fonts/ 23 KB
23 KB 470ms
470ms Font
font/x-woff 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/includes/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/includes/css/desktop.css?ver=44471.72004054398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

sec-fetch-mode: cors
origin: https://www.vat19.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D; AWSALB=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk; AWSALBCORS=I/9ZVSDzLRn3wt1LVRB7PfEBGi2a1T6lKaovD2RAyrrn/gTlTtJCOMBHY0WcBN5FaZb5vLYl+BlII2CouI7Q6BH+jtSoa8Ohzz8jj+jLVr3f54xg+OmzlHRHBknk
:path: /includes/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.vat19.com
referer: https://www.vat19.com/includes/css/desktop.css?ver=44471.72004054398
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vat19.com/includes/css/desktop.css?ver=44471.72004054398
Origin: https://www.vat19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: BYPASS
last-modified: Sat, 02 Mar 2019 23:00:25 GMT
server: cloudflare
etag: W/"1a97feb84bd1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: font/x-woff
set-cookie: AWSALB=PMHXYz00WXJONBVZbAdXbWwp4edQx0Srv2U8RQbFm9eqVP+WA+Up8/e8xy8Yp8R1iMpZf4Y6a88CZIuX00QH10DFWyzOSfNeFufB6za6M9rtYAGu7RTpzUT/5cn2; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/ AWSALBCORS=PMHXYz00WXJONBVZbAdXbWwp4edQx0Srv2U8RQbFm9eqVP+WA+Up8/e8xy8Yp8R1iMpZf4Y6a88CZIuX00QH10DFWyzOSfNeFufB6za6M9rtYAGu7RTpzUT/5cn2; Expires=Mon, 11 Oct 2021 21:49:13 GMT; Path=/; SameSite=None; Secure
cf-ray: 69919e6dbf9c05b3-FRA
vary: User-Agent, Accept-Encoding

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 social-media-links-2021-b.gif
images.vat19.com/css/ 5 KB
6 KB 20ms
19ms Image
image/gif 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/css/social-media-links-2021-b.gif
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/includes/css/desktop.css?ver=44471.72004054398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8be8c25719394710df817ab48974da459912c0dc98bc177285d584751ac3e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 9408619
x-cache: Hit from cloudfront
content-length: 5357
last-modified: Sat, 30 Jan 2021 00:15:05 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1611965694/ctime:1611965693/gid:20/gname:staff/md5:67f4555755029e469a27173f3e6c2016/mode:33188/mtime:1611965693/uid:502/uname:jamiesalvatori
etag: "67f4555755029e469a27173f3e6c2016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69919e6e082d05b3-FRA
x-amz-cf-id: YbkNiJJ3c580eHhMbCFRR4o343hGheAfK_dnUPNV7bTbyHqzGENfYA==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: 2t+jXditHQyOoi027zkvxSNz8P0pXYveKf/1bB9nnomGEc87D55hJ/W/vD2knZXLgmhyJMcGxW61/FuB8j9JuA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 04 Oct 2021 21:49:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 1740066219549239
connect.facebook.net/signals/config/ 0
0

GET
H2 204 5222252.js Show response
bat.bing.com/p/action/ 0
109 B 206ms
205ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5222252.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Oct 2021 21:49:12 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 69E7940589144347B32C5E7241E9FD49 Ref B: FRAEDGE1410 Ref C: 2021-10-04T21:49:13Z
x-cache: CONFIG_NOCACHE

GET
H2 200 country Show response
hello.zonos.com/api/ 2 KB
1 KB 37ms
14ms XHR
application/json 143.204.98.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/country?siteKey=1XD8502DGYE4G
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: /
Resource Hash: fe815e84a92814bbcc127b2a42ca1f0db4a25de3cbc0241fe65248eb35e490a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:41:06 GMT
content-encoding: gzip
age: 487
x-amzn-requestid: 40b67353-aa0e-4132-87e2-638e9f829e5b
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amzn-trace-id: Root=1-615b74f2-4057e838053d7b910d71cb38;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: Gs818EyqIAMF3PA=
x-amz-cf-id: SvyheOSatl9jkWMQ-cpZIazYm_HHYLi_wnzYvVkqewOKJtH1YCqENA==
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)

GET
H2 200 1773698566.js Show response
forms.aweber.com/form/66/ 18 KB
5 KB 39ms
9ms Script
application/x-javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.aweber.com/form/66/1773698566.js
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 283a8eadbdecc3d7e75093d0ce062d7f460cca792bbdacab6081c3dbe62ad979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:13 GMT
via: 1.1 varnish
referrer-policy: no-referrer-when-downgrade
age: 2503
p3p: policyref="http://www.aweber.com/w3c/p3p.xml", CP="NOI DSP COR NID IND"
x-served-by: cache-fra19145-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
content-encoding: gzip
accept-ranges: bytes
x-timer: S1633384154.991548,VS0,VE0
content-length: 4794
x-cache-hits: 1

GET
H2 200 pubads_impl_2021092201.js Show response
securepubads.g.doubleclick.net/gpt/ 336 KB
118 KB 48ms
23ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120420
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Oct 2021 21:49:14 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 productsForAutoSuggest Show response
www.vat19.com/index.cfm/ajax/ 50 KB
19 KB 547ms
547ms XHR
application/json 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vat19.com/index.cfm/ajax/productsForAutoSuggest

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c5d5d2e24e91868c2b8090c0bdc6d7857016291ca0ca6bf086fb0ab8e76bcdb

Security Headers

Name	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: cfid=b7281340-12ac-40e3-8c70-9ff6c33c3188; cftoken=0; CARTSESSIONID=59A91948-1D3B-46DB-B4275884E951F00D; AWSALB=gyBxMZuqA/1U7kzDatfLaNfZYZVuL56NHT10zda7WqfMCoWBmEfl3NYIswMOCKyKt0ndUZCRLmlF6ZoTtkmri8D8WYy34XWa45MVGzSgfg7tVFyk2VNTkON+bjO8; AWSALBCORS=gyBxMZuqA/1U7kzDatfLaNfZYZVuL56NHT10zda7WqfMCoWBmEfl3NYIswMOCKyKt0ndUZCRLmlF6ZoTtkmri8D8WYy34XWa45MVGzSgfg7tVFyk2VNTkON+bjO8
:path: /index.cfm/ajax/productsForAutoSuggest
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.vat19.com
referer: https://www.vat19.com/category/Office
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vat19.com/category/Office
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: Nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: Deny
content-type: application/json;charset=utf-8
cache-control: private
set-cookie: AWSALB=kDDbEUt3hvhyupb4EPcjOxy/zMvNLgQvSTDT/jepENqvGRsWEsDw9tc7B4vVwBytxUFNJDwOCOU6jrZZ1rvXwggIHeMlYbYxXAZJbg74wTs9S2OTrxzUeYWgxigX; Expires=Mon, 11 Oct 2021 21:49:14 GMT; Path=/ AWSALBCORS=kDDbEUt3hvhyupb4EPcjOxy/zMvNLgQvSTDT/jepENqvGRsWEsDw9tc7B4vVwBytxUFNJDwOCOU6jrZZ1rvXwggIHeMlYbYxXAZJbg74wTs9S2OTrxzUeYWgxigX; Expires=Mon, 11 Oct 2021 21:49:14 GMT; Path=/; SameSite=None; Secure
cf-ray: 69919e726e9705b3-FRA
vary: User-Agent

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 123 KB
43 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c454787c0accdace277d4e5ab3bcd8dc36e24bfbc1bd230ac862acd6e723251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 01:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43429
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 01:00:18 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 119 KB
41 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d227f434c837561ebe77c064f6ae65323fbccbc7cb20a90b9f44ac9b4156a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41524
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Tue, 04 Oct 2022 18:13:48 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 4F67 2 KB
2 KB 62ms
37ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a6be21de781d05f60a66e2ee79b3f5dc261351ae486bba870da4f0ca0365ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vat19.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Oct 2021 21:49:14 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Ijj7eOgb2ws; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Tue, 08-Jan-2019 21:49:14 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+640; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 0
bat.bing.com/action/ 0
173 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5222252&Ver=2&mid=bf4f8b06-8ce5-47d8-82c0-d9c1d416e644&sid=ea4fb6d0255c11eca19e57344900bf66&vid=ea4fd330255c11ec8856796ce77596b5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vat19.com%3A%20Office&p=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&r=&lt=1938&evt=pageLoad&msclkid=N&sv=1&rn=786024
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Oct 2021 21:49:13 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 35FB1E4FCAED41F2B8C49ADCE469A5F3 Ref B: FRAEDGE1410 Ref C: 2021-10-04T21:49:14Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 giant-stress-ball.jpg
images.vat19.com/covers/medium/ 13 KB
14 KB 23ms
22ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/giant-stress-ball.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5b5b493f7785be25710247be64c567a8fd5e89e52b85747da43fb91ab4ac61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 14222442
x-cache: Hit from cloudfront
content-length: 13799
last-modified: Fri, 20 Oct 2017 19:33:48 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1508528014/atime:1508528027/md5:5a56d049d1b6602d35f37df2329878f7/ctime:1508528014
etag: "5a56d049d1b6602d35f37df2329878f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e728eda05b3-FRA
x-amz-cf-id: snakvN5q0IDh4Z_4ZbKf38VtnGUzl8QP3Bmbz8HMraItYimOgUEItg==
cf-bgj: h2pri

GET
H2 200 feather-pen-set.jpg
images.vat19.com/covers/medium/ 14 KB
14 KB 29ms
28ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/feather-pen-set.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ed0c4826e9164ca8ac6039530165ab680091f7c79cec6c713472f4dfa0825a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 950478
x-cache: Hit from cloudfront
content-length: 14334
last-modified: Tue, 13 Sep 2011 16:22:07 GMT
server: cloudflare
etag: "d0024140247776fa940a597bc9882a1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2052000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e728edc05b3-FRA
x-amz-cf-id: fE3UxU0zxKjBXLEGiBxKDv8-J_XZq5-JDSWtscuwm6cmhqMXaiwRmw==
cf-bgj: h2pri

GET
H2 200 stress-buster-desktop-punching-bag.jpg
images.vat19.com/covers/medium/ 11 KB
12 KB 19ms
18ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/stress-buster-desktop-punching-bag.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3500a31527e28dc6b1c0c29f0a8301212d84216b4cf6b0f8e8acb36dcd3b8643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: UTF-8
cf-cache-status: HIT
age: 952553
x-cache: Hit from cloudfront
content-length: 11631
last-modified: Fri, 21 Feb 2014 15:17:32 GMT
server: cloudflare
etag: "6455fd609677c52aed4492cd48d43e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 69919e728edd05b3-FRA
x-amz-cf-id: WM7C5GEoCXqHMhIHOOfRiVamEqX87uAJQ5XUjzKaiZXuJO6kIW5Isg==
cf-bgj: h2pri

GET
H2 200 metal-pen-beta.jpg
images.vat19.com/covers/medium/ 8 KB
9 KB 17ms
17ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/metal-pen-beta.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210b979dc04bced7a0b52a99652558e30c43e6d40d2ce30e0296b7a35613d798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1866339
x-cache: Hit from cloudfront
content-length: 8546
last-modified: Tue, 13 Sep 2011 16:22:39 GMT
server: cloudflare
etag: "a2466cd393180d7466654749266b010e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2052000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69919e728ee005b3-FRA
x-amz-cf-id: fARCl3-ZfN9GrpIIPRykqhKWNmUiwLckeLttETEcroD8CsU-C100sQ==
cf-bgj: h2pri

GET
H2 200 usb-plasma-ball.jpg
images.vat19.com/covers/medium/ 9 KB
9 KB 38ms
38ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/usb-plasma-ball.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79bc6e39be16638ba615f8a96a29cbea0c1b30ff74ea3dc835916fd4d5cbc19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 144112
x-cache: Hit from cloudfront
content-length: 9400
last-modified: Tue, 13 Sep 2011 16:23:34 GMT
server: cloudflare
etag: "461c09743a5ec3b9ab695e3bec4b8e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-amz-meta-s3fox-modifiedtime: 1193404683000
x-amz-meta-s3fox-filesize: 9400
cache-control: max-age=2052000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 69919e728ee105b3-FRA
x-amz-cf-id: J_GLnCqyeJtTSh1nfg5YIxpjmN3G9HBEORc4pJXgDJ2EESotbWZeJQ==
cf-bgj: h2pri

GET
H2 200 otter-tape-dispenser.jpg
images.vat19.com/covers/medium/ 19 KB
20 KB 24ms
24ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/otter-tape-dispenser.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475974696e45eafa372e9ad11a9027f5f54c77d8c00223766c111bb92b9fbade

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 905541
x-cache: Hit from cloudfront
content-length: 19649
last-modified: Mon, 14 Dec 2015 21:01:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1450126856/atime:1450126866/md5:a3b8cac52efd1b778c8faa7e6d0802bc/ctime:1450126856
etag: "a3b8cac52efd1b778c8faa7e6d0802bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 69919e728ee205b3-FRA
x-amz-cf-id: 2G6mZxxy9Num-mGoHEORGRLnXe3A3fDuJ5gLX81UnvOnUsh-ib2Y_Q==
cf-bgj: h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6488
date: Mon, 04 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 04 Oct 2021 22:01:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072689069&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

840657d93671ed5069e9bd78e7cb9ff32315bbea422097c77f39558423bbaf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39229
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Oct 2021 21:49:14 GMT

GET
H2 200 translation Show response
hello.zonos.com/api/ 20 KB
5 KB 14ms
14ms XHR
application/json 143.204.98.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/translation?c=DE&siteKey=1XD8502DGYE4G
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/hello.js?siteKey=1XD8502DGYE4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: /
Resource Hash: bdbfad4fe2d45b8b1b6140a1c7721d96961a5acbee02c4ec4aef9c0dab1ea8b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:41:07 GMT
content-encoding: gzip
age: 487
x-amzn-requestid: c344fe2f-ad04-43df-86f9-026cb94b1711
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amzn-trace-id: Root=1-615b74f3-23e71c003be62e7e1db9843c;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: Gs82AHOKIAMFZtw=
x-amz-cf-id: 7nWSBtnz38Aj2yIIANROJGUr03APZzW_DsXGk1hfp-R7NL3dt891tg==
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)

GET
H2 200 DE.png
hello.zonos.com/images/flags/ 3 KB
4 KB 14ms
13ms Image
image/png 143.204.98.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hello.zonos.com/images/flags/DE.png
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 039c1003dfbea8c384ba2b341364c79644c0de83376c779696f4c8c963a45016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 00:14:20 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 15:31:11 GMT
server: AmazonS3
age: 423295
etag: "c4661ba58a2e9a500135f7144c4c606e"
x-edge-origin-shield-skipped: 0
content-type: image/png
cache-control: max-age=604800
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-length: 3271
x-amz-cf-id: 57fJ180JmUa6C3pTVFCvOrJbuenqzJ5f-BlUI3kCqSxfv6zhOcFkRA==

GET
H2 200 styled_popovers_and_lightboxes.js Show response
forms.aweber.com/form/ 23 KB
5 KB 7ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.aweber.com/form/styled_popovers_and_lightboxes.js
Requested by: Host: forms.aweber.com
URL: https://forms.aweber.com/form/66/1773698566.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6ff6a16ac137d5016e3a414445fda981c92655b839d57d8881d65f2d4c62a102

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 varnish
age: 3521
x-cache: HIT
p3p: policyref="http://www.aweber.com/w3c/p3p.xml", CP="NOI DSP COR NID IND"
content-encoding: gzip
content-length: 4933
x-served-by: cache-fra19145-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 10 Aug 2021 15:10:47 GMT
x-timer: S1633384154.055558,VS0,VE0
etag: "5b18-5c935e81583b9-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 displays.htm
forms.aweber.com/form/ 43 B
141 B 271ms
271ms Image
image/gif 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forms.aweber.com/form/displays.htm?id=jOzszGycHKxsbA==
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: No-Cache
date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 varnish
referrer-policy: no-referrer-when-downgrade
x-timer: S1633384154.055745,VS0,VE265
x-served-by: cache-fra19145-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://www.aweber.com/w3c/p3p.xml", CP="NOI DSP COR NID IND"
cache-control: No-Cache
accept-ranges: bytes
content-type: image/gif
content-length: 43
x-cache-hits: 0

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 0428 566 B
878 B 44ms
20ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51948b7ac8e8e25e83f2a7f1bb2b2fe5b12f736ae0d41fd33edf4e36bbd7b3bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e8lWkA3xEScbOObEB9jvdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vat19.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=AnCzCKFCztb91tRrlfu2UwsKBKv7D73d3iyJ_xpk6LzVxdTzx71JCi1g5CQh2KTjCFw9eh0yj0SO8j37Bbu7oYK0kDzRC63ShgigR8VXP6GebWBo1twGXJP7DkgSxtdLXZuVu1zBfXf7kmHbp-We5-6aeH1mycLz5JPzKbtEMlY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Oct 2021 21:49:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-e8lWkA3xEScbOObEB9jvdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ratingbadge/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 584 B
474 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ratingbadge/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0f906859c89fbe0e6671f5114ec0ee05c4230c2e1ffad7ed3c4e5a3214fbd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sun, 02 Oct 2022 14:56:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 42ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vat19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 42ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vat19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
19 KB 445ms
445ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2280282652613665&correlator=3950803579219903&output=ldjh&impl=fifs&vrg=2021092201&ptt=17&sc=1&sfv=1-0-38&ecs=20211004&iu_parts=184899792%2Cvat19bottomleaderboard%2Cvat19categorybar&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1633384154&dt=1633384154136&dlt=1633384152658&idt=1461&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C328&adys=6170%2C1233&adks=3853484998%2C1326068277&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1945%7C224x1585&msz=728x-1%7C160x-1&ga_vid=789336242.1633384154&ga_sid=1633384154&ga_hid=69171013&ga_fc=false&fws=0%2C4&ohw=0%2C1024&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cd7c241f0912aa70298f139c3c715d7786afda739d55f1a6719ac0d1c5636e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19012
x-xss-protection: 0
google-lineitem-id: -1,216231752
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,101442231392
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vat19.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 64CB 6 KB
4 KB 54ms
15ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vat19.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 04 Oct 2021 21:49:14 GMT
expires: Tue, 04 Oct 2022 21:49:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 47ms
23ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072689069&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9bedfd1d0c99bb5e2963a5079716c3f6a6faa003da79795ef89edfab425769ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 14408451014437220469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 21:49:14 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=69171013&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&ul=en-us&de=UTF-8&dt=Vat19.com%3A%20Office&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1675062754&gjid=1593119272&cid=789336242.1633384154&tid=UA-232234-1&_gid=703215198.1633384154&_r=1&gtm=2oua40&z=282917104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vat19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vat19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 4F67 38 KB
6 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 11:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Sep 2022 11:27:19 GMT

GET
H2 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 4F67 252 KB
72 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=vat19com&layout=default&count=default&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 22:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Oct 2022 22:34:44 GMT

GET
H2 200 badge Show response
www.google.com/shopping/customerreviews/ Frame 913A 22 KB
8 KB 251ms
229ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b379e865d5c309c67c557160cb629d3a608e9034ff2b13720f02940f16622f35

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-lWK5Xs/0v1BXBf5acSlRBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-lWK5Xs/0v1BXBf5acSlRBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vat19.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=AnCzCKFCztb91tRrlfu2UwsKBKv7D73d3iyJ_xpk6LzVxdTzx71JCi1g5CQh2KTjCFw9eh0yj0SO8j37Bbu7oYK0kDzRC63ShgigR8VXP6GebWBo1twGXJP7DkgSxtdLXZuVu1zBfXf7kmHbp-We5-6aeH1mycLz5JPzKbtEMlY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires: Mon, 04 Oct 2021 21:49:14 GMT
date: Mon, 04 Oct 2021 21:49:14 GMT
cache-control: private, max-age=900
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-lWK5Xs/0v1BXBf5acSlRBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-lWK5Xs/0v1BXBf5acSlRBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2607672972-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 0428 10 KB
5 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.vat19.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 18:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4308
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 16:12:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Mon, 03 Oct 2022 18:25:17 GMT

GET
H2 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 0428 13 KB
5 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ekPGT0j1GYlbbfXxdaVHLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9c5a8574bdf283ce8259de0154ce003e"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ekPGT0j1GYlbbfXxdaVHLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 04 Oct 2021 21:49:14 GMT

GET
H2 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 4F67 156 B
275 B 7ms
7ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 14:29:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 112760
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Mon, 03 Oct 2022 14:29:54 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 4F67 125 KB
41 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41750
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:19:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072689069/ 2 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072689069/?random=1633384154212&cv=9&fst=1633384154212&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_pagetype%3Dcategory%3Becomm_prodid%3D&frm=0&url=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&tiba=Vat19.com%3A%20Office&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46bede85eaf7ccf2d49f45d42cd64238a7f9fe792b7640e700be0d048a1dd8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 0428 50 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18128
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sat, 01 Oct 2022 13:30:04 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072689069/ 42 B
569 B 25ms
25ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072689069/?random=1633384154212&cv=9&fst=1633381200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dcategory%3Becomm_prodid%3D&frm=0&url=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&tiba=Vat19.com%3A%20Office&async=1&fmt=3&is_vtc=1&random=2764577451&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072689069/ 42 B
569 B 44ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072689069/?random=1633384154212&cv=9&fst=1633381200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dcategory%3Becomm_prodid%3D&frm=0&url=https%3A%2F%2Fwww.vat19.com%2Fcategory%2FOffice&tiba=Vat19.com%3A%20Office&async=1&fmt=3&is_vtc=1&random=2764577451&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes_style_bubble/exm=auth,ratingbadge,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 28 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes_style_bubble/exm=auth,ratingbadge,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff15134ad9b477b100ab895c2885932b22f818b5dbdbcba21e5cb3d34ec8f880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 12:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9533
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Mon, 03 Oct 2022 12:20:55 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame A72D 604 B
515 B 42ms
42ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbf6dd4c82f1447e99e8b2b5ff586fd1854092e4d09ba88f74e9f6f30007e70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vat19.com/
accept-encoding: gzip, deflate, br
cookie: YSC=Ijj7eOgb2ws
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Oct 2021 21:49:14 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Tue, 08-Jan-2019 21:49:14 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+405; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
305 B 309ms
8ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 289860
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 01 Oct 2022 13:18:14 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
130 B 310ms
10ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 446745
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Sep 2022 17:43:29 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
406 B 309ms
10ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 20:45:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 90227
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Mon, 03 Oct 2022 20:45:27 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
204 B 308ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:17:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 581483
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Wed, 28 Sep 2022 04:17:51 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
215 B 307ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 13:46:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 288138
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 01 Oct 2022 13:46:56 GMT

GET
H2 200 jumbo-paper-clips.jpg
images.vat19.com/covers/medium/ 14 KB
14 KB 32ms
31ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/jumbo-paper-clips.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecb8e8f9f822d109bf1ae0c061a521b0bf9e04d028d7a365ca8f39e5a9d091d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 a0315f0b67e5f02ccce009ce0a219e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1571505
x-cache: Hit from cloudfront
content-length: 14416
last-modified: Tue, 13 Sep 2011 16:22:31 GMT
server: cloudflare
etag: "52d2d40b8e5e2d80cc15d88f4a15a9bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2052000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
cf-ray: 69919e74799105b3-FRA
x-amz-cf-id: qq0TsQNp2bZVhjvj1Iiir5CYEOhTMC8rcEqnkosJTeQranocFATPqg==
cf-bgj: h2pri

GET
H2 200 polar-pen-silver-3.jpg
images.vat19.com/covers/medium/ 7 KB
7 KB 28ms
28ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/polar-pen-silver-3.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1854a0f459fd903d1cf42f9b7b2e1a39b03a616d6a6ea1d649ef02fb78d6bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1872812
x-cache: Hit from cloudfront
content-length: 6873
last-modified: Sat, 03 Dec 2016 00:50:55 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jamiemsalvatori/gid:20/mode:33188/mtime:1480726232/atime:1480726234/md5:f4c0af0c345a23d4582499b57647fc68/ctime:1480726232
etag: "f4c0af0c345a23d4582499b57647fc68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 69919e74799305b3-FRA
x-amz-cf-id: VyM4hbuW2C_Y5404jh2_JI5vOKiKCAxSNxCdEcGHwTiLwiOFsn2GYg==
cf-bgj: h2pri

GET
H2 200 7-year-pen-6.jpg
images.vat19.com/covers/medium/ 9 KB
9 KB 30ms
30ms Image
image/jpeg 2606:4700:10::ac43:72d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.vat19.com/covers/medium/7-year-pen-6.jpg
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:72d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ce797d5c8a94c370f000e2056dee75dd0f79b80453de148148a0b25e7c9ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
via: 1.1 91a32e5723953e749bbbcb02b608eb88.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 14215977
x-cache: Hit from cloudfront
content-length: 9012
last-modified: Thu, 18 Jun 2020 03:43:02 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1592451781/ctime:1592451779/gid:0/gname:wheel/md5:fbb8a0077a89b6e1d3dbf91deae48ff9/mode:33188/mtime:1592451779/uid:501/uname:jamiesalvatori
etag: "fbb8a0077a89b6e1d3dbf91deae48ff9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
cf-ray: 69919e74799405b3-FRA
x-amz-cf-id: 9Qtp7R-TdOipTsiEeeo2hr9K9xH9gReiJ7WipsSOmAX286ZO8rcTvg==
cf-bgj: h2pri

GET
H2 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame A72D 9 KB
3 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 11:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Sep 2022 11:27:20 GMT

GET
H2 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame A72D 149 KB
44 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCDRbNGFusqlXX4a5vwi9ouQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Oct 2022 05:18:11 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame A72D 125 KB
41 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41750
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:19:43 GMT

POST
H2 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame 913A 0
439 B 131ms
130ms Other
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iEmy50rCBboG2YAgFcPo9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-iEmy50rCBboG2YAgFcPo9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:14 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-iEmy50rCBboG2YAgFcPo9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-iEmy50rCBboG2YAgFcPo9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 913A 146 KB
52 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkRAVLHENG2kFMAShMLpAx2jzBnYeg/m=_b,_tp

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=1582361&position=BOTTOM_RIGHT&hl=en_US&origin=https%3A%2F%2Fwww.vat19.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8323798e0a5dfb3e43d2c7fa95284f6c799fa12b0e013e580215b2a5d54bba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52145
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 02:04:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires: Tue, 04 Oct 2022 15:41:43 GMT

GET
H2 200 no_rating.png
www.gstatic.com/verifiedreviews/en/ Frame 913A 2 KB
2 KB 32ms
8ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/en/no_rating.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:00:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 24532
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
expires: Tue, 04 Oct 2022 15:00:22 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jl... Frame 913A 36 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jlNwtJ7zRA.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkRI9aszyxZ-dHnwi55Gce4Th_mnjQ/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkRAVLHENG2kFMAShMLpAx2jzBnYeg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e2100dd924552b00e685ad8a045754a704a0ca3250bacd897bf29a77ab4829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13492
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 02:08:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires: Tue, 04 Oct 2022 15:42:16 GMT

GET
H2 200 m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jl... Frame 913A 60 KB
21 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jlNwtJ7zRA.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkRI9aszyxZ-dHnwi55Gce4Th_mnjQ/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkRAVLHENG2kFMAShMLpAx2jzBnYeg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96882c18c51e619fcac4dd2eab9a99efcfc7da72d75bb578a79124fc66ed4c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21104
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 02:08:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires: Tue, 04 Oct 2022 15:42:16 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 913A 12 KB
5 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jlNwtJ7zRA.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkRI9aszyxZ-dHnwi55Gce4Th_mnjQ/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd6fc870cdb3257ef57d431bec0c36302f6ebf108508b90516aee9678f8be6be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-skjnKTIU7el1xdxvdPEWdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "2166c10732b0739d47bb7146e4459365"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-skjnKTIU7el1xdxvdPEWdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 04 Oct 2021 21:49:14 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 913A 125 KB
41 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41750
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 29 Sep 2022 16:19:43 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jl... Frame 913A 28 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jlNwtJ7zRA.L.B1.O/am=AoA/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkRI9aszyxZ-dHnwi55Gce4Th_mnjQ/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkRAVLHENG2kFMAShMLpAx2jzBnYeg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c05372f52ed693053c18bcec3ca1f9df7312d05b1a7a4689cb5b1d42775c78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 16:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11653
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 02:08:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires: Tue, 04 Oct 2022 16:11:23 GMT

GET
H2 200 m=lwddkf,EFQ78c Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jl... Frame 913A 5 KB
2 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.8jlNwtJ7zRA.L.B1.O/am=AoA/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkRI9aszyxZ-dHnwi55Gce4Th_mnjQ/m=lwddkf,EFQ78c

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.sHeYishCP1U.es5.O/am=AoA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkRAVLHENG2kFMAShMLpAx2jzBnYeg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c552155471a2b3af8c50e851ff4bd60aa12e2511607e132e8edfff6736c4c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2128
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 02:08:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires: Tue, 04 Oct 2022 15:42:16 GMT

POST log
play.google.com/ Frame 913A 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ 189 KB
54 KB 106ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 387932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 13 KB
5 KB 90ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Mon, 04 Oct 2021 18:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Oct 2022 18:10:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 89 KB
28 KB 137ms
69ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Sun, 03 Oct 2021 12:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 03 Oct 2022 12:09:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 4 KB
3 KB 88ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 387932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 40 KB
13 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Sat, 02 Oct 2021 13:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Oct 2022 13:38:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 20:06:31 GMT
server: ESF
date: Mon, 04 Oct 2021 21:49:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 04 Oct 2021 21:49:14 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 32ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 07:34:13 GMT
x-content-type-options: nosniff
server: cafe
age: 51301
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Tue, 05 Oct 2021 07:34:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
777 B 31ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 20:55:41 GMT
x-content-type-options: nosniff
server: cafe
age: 3213
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Oct 2021 20:55:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgHEJdhNFph29p5IgayjA8v8bn1GYx2zjXjt6PtAbBpGjV-VfH3Zl-QoKHhaomL-YtTDgf5WOpIvsT-tVAYeGS1ICnuA
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 45ms
45ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbEKw2nZbYbnYCsPv3wPMkJX4BobD_Pxj1qi4meUN4c2i5M0aEAEg8NXmH2CVuoCCmAegAa_s898CyAEBqQJs9lyJqn6zPuACAKgDAcgDCqoE9wFP0NYVup3Tl8AoDKLIoUGS7pbEyGLF_tdy00p_4Tz9c4BW-hJLtO85QhtszonbKyxs5Q3LbjLXHGAZwDkJTE0b2A90mqTyMZ62aHTFtc_1pxIDsgCB6DW6-BUnJs_lv88QC3H_f1JGMEvji5CdY0nxryZgEY9aYE5HcZCZ1wMJGY_A1QR1VWZVVx27zbR8m7AvE1Yt-QFLNdNrW9davAoymMgCRyFYLD144iJyGUNmSDnWhurCqAG78eCOZKfdBtpqgWdePeumCnhjOdzpZ1WDEQXcefdGzM-kwfOgrFj0lJYYq64y-FpByFbbdve3UIFStWbXacA_wATSpqnv-wLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHuZOMoAGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEObNDNIICQiI4YAQEAEYHYAKAcgLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi03NjM2MDM4NTA0ODA2NDQ5GNjrGw&sigh=nuYl5mRbb2w
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 884178344afee0b5d75fce82e892012d165b19bc16378a0109ce37a0037ae9d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 56ms
31ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80c4aa1c1c05de71e726ed30db2ca5e1aacf8ff021dba7855dfca503df116c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8519
x-xss-protection: 0

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 60ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vat19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 582057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:08:17 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 83ms
51ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vat19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 565509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 08:44:05 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
16ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.vat19.com
URL: https://www.vat19.com/category/Office
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Mon, 04 Oct 2021 21:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
518 B 68ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrNU2_RwB3JBtfIMT4SUVsgOPWImyyOGNXVj58GRFIL-6a_OnaGm8LSjdRXdLMl4UUps-RScDBbpz9BKlf41tCIJOiV8GjCu8ke0NJdZQDV04dlAxECQ&sai=AMfl-YQku9OfGhLXoafXU7nfaQ_goaF7kLorA5BEK7L9mc4-HLdaqJPWflJOfUTfa6zU_FNNmPQzS0iD1qcfYI6EDItB5-eor_n-MPRhnHz0lzcHp8WXasRTXAfEanj6x-A&sig=Cg0ArKJSzJ-QIcpLrDuVEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=45&tls=1045&g=100&h=100&tt=1045&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3853484998

Requested by

Host: www.vat19.com
URL: https://www.vat19.com/category/Office

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.vat19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 21:49:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1740066219549239?v=2.9.47&r=stable

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vat19.com/	1970-01-19 22:11:58	Name: cfid Value: b7281340-12ac-40e3-8c70-9ff6c33c3188
www.vat19.com/	1970-01-19 22:11:58	Name: cftoken Value: 0
www.vat19.com/	1970-01-19 22:26:16	Name: CARTSESSIONID Value: 59A91948-1D3B-46DB-B4275884E951F00D
.google.com/	1970-01-20 02:06:35	Name: NID Value: 511=AnCzCKFCztb91tRrlfu2UwsKBKv7D73d3iyJ_xpk6LzVxdTzx71JCi1g5CQh2KTjCFw9eh0yj0SO8j37Bbu7oYK0kDzRC63ShgigR8VXP6GebWBo1twGXJP7DkgSxtdLXZuVu1zBfXf7kmHbp-We5-6aeH1mycLz5JPzKbtEMlY
.bing.com/	1970-01-20 07:04:40	Name: MUID Value: 22EB51527D1B656E1D2B41947C706433
.vat19.com/	1970-01-19 21:44:30	Name: _uetsid Value: ea4fb6d0255c11eca19e57344900bf66
.vat19.com/	1970-01-20 07:04:40	Name: _uetvid Value: ea4fd330255c11ec8856796ce77596b5
.vat19.com/	1970-01-20 06:28:40	Name: zCountry Value: DE
.vat19.com/	1970-01-20 06:28:40	Name: zHello Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Ijj7eOgb2ws
.www.vat19.com/	1970-01-19 21:53:08	Name: awpopup_1773698566 Value: 1
.vat19.com/	1970-01-20 15:14:16	Name: _ga Value: GA1.2.789336242.1633384154
.vat19.com/	1970-01-19 21:44:30	Name: _gid Value: GA1.2.703215198.1633384154
.vat19.com/	1970-01-19 21:43:04	Name: _gat_gtag_UA_232234_1 Value: 1
www.vat19.com/	1970-01-19 21:53:08	Name: AWSALB Value: kDDbEUt3hvhyupb4EPcjOxy/zMvNLgQvSTDT/jepENqvGRsWEsDw9tc7B4vVwBytxUFNJDwOCOU6jrZZ1rvXwggIHeMlYbYxXAZJbg74wTs9S2OTrxzUeYWgxigX
www.vat19.com/	1970-01-19 21:53:08	Name: AWSALBCORS Value: kDDbEUt3hvhyupb4EPcjOxy/zMvNLgQvSTDT/jepENqvGRsWEsDw9tc7B4vVwBytxUFNJDwOCOU6jrZZ1rvXwggIHeMlYbYxXAZJbg74wTs9S2OTrxzUeYWgxigX
.vat19.com/	1970-01-20 07:04:40	Name: __gads Value: ID=5fe333631a538935-228c5b33e7ca00bd:T=1633384154:S=ALNI_Mbzc-QEX7BlBYt-RXaZ-6D0onhypw
.doubleclick.net/	1970-01-20 07:04:40	Name: IDE Value: AHWqTUlFdOHEabnzc0cMv8tJSlgKFaNyTR-tk6B_cn3NBdUsHv64_xtXSyaTEXAMRZk
.doubleclick.net/	1970-01-19 21:43:07	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	Nosniff
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a70f8751ec2ed4080bc39805e779d9f2.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
bat.bing.com
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.aweber.com
googleads.g.doubleclick.net
hello.zonos.com
images.vat19.com
pagead2.googlesyndication.com
play.google.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.vat19.com
www.youtube.com
connect.facebook.net
play.google.com
tpc.googlesyndication.com
142.250.181.226
142.250.185.194
143.204.98.128
151.101.130.137
2606:4700:10::ac43:72d
2606:4700::6810:125e
2606:4700::6810:5f41
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200d
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a03:2880:f01c:8012:face:b00c:0:3
039c1003dfbea8c384ba2b341364c79644c0de83376c779696f4c8c963a45016
03bc2eea568c3f0be8f3f9668d416de90b9dade23e324322ff98650acf7ad690
04e2100dd924552b00e685ad8a045754a704a0ca3250bacd897bf29a77ab4829
0ecb8e8f9f822d109bf1ae0c061a521b0bf9e04d028d7a365ca8f39e5a9d091d
13de60045d4e46f9d5f7a568f5e6dff77214808217fc6a2abda5caabb186d7fa
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1abebc9e740246bb7c887b36929a0b5912497c1726311b085e6423e949a3159d
1e4889f3ed01aef83b485adfb93ceec52b64379bc64005a4b0db320c45d59fe1
210b979dc04bced7a0b52a99652558e30c43e6d40d2ce30e0296b7a35613d798
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
24d227f434c837561ebe77c064f6ae65323fbccbc7cb20a90b9f44ac9b4156a0
25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31
2646648be0b548a20b39bf19ba3112b51f1ca40556e1b27b4b6507e60602ea09
283a8eadbdecc3d7e75093d0ce062d7f460cca792bbdacab6081c3dbe62ad979
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3500a31527e28dc6b1c0c29f0a8301212d84216b4cf6b0f8e8acb36dcd3b8643
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3b8be8c25719394710df817ab48974da459912c0dc98bc177285d584751ac3e2
3bf036c5cf44011f5d8e6838f864f5d66b787d59f74e1fcb5f68afe777252555
3d944591e213eb61c4c6cf2b910178677e6d278366721e03e5a6603bb74c5062
42cc82a686de1b1009d6181c41f8ec9f3b0223d602151acf1a92ed376abf3ebd
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45fe27e4e87ba11f6d9cc9ec52d3fc60218581748ef1a41d0c9a7eca2321f7ff
46bede85eaf7ccf2d49f45d42cd64238a7f9fe792b7640e700be0d048a1dd8be
475974696e45eafa372e9ad11a9027f5f54c77d8c00223766c111bb92b9fbade
47b1718540d6c402af7352ec8479a5ed7b67a0798d7391dba96a9c21ec19ad72
4a6be21de781d05f60a66e2ee79b3f5dc261351ae486bba870da4f0ca0365ad9
51948b7ac8e8e25e83f2a7f1bb2b2fe5b12f736ae0d41fd33edf4e36bbd7b3bf
589c98d4ee10435fae2920138fa7b5e4079e659c65ff1602acc2891a3bd60b5f
5c5d5d2e24e91868c2b8090c0bdc6d7857016291ca0ca6bf086fb0ab8e76bcdb
5d7e2783e7a3c4f80ab5079dd75ad63fe3289cc6bf49c55a5c20fbb177e8d3b0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c454787c0accdace277d4e5ab3bcd8dc36e24bfbc1bd230ac862acd6e723251
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6ff6a16ac137d5016e3a414445fda981c92655b839d57d8881d65f2d4c62a102
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c4aa1c1c05de71e726ed30db2ca5e1aacf8ff021dba7855dfca503df116c18
840657d93671ed5069e9bd78e7cb9ff32315bbea422097c77f39558423bbaf7b
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
884178344afee0b5d75fce82e892012d165b19bc16378a0109ce37a0037ae9d4
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
8c05372f52ed693053c18bcec3ca1f9df7312d05b1a7a4689cb5b1d42775c78b
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
96882c18c51e619fcac4dd2eab9a99efcfc7da72d75bb578a79124fc66ed4c66
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
9bedfd1d0c99bb5e2963a5079716c3f6a6faa003da79795ef89edfab425769ca
9d1854a0f459fd903d1cf42f9b7b2e1a39b03a616d6a6ea1d649ef02fb78d6bb
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b379e865d5c309c67c557160cb629d3a608e9034ff2b13720f02940f16622f35
b79bc6e39be16638ba615f8a96a29cbea0c1b30ff74ea3dc835916fd4d5cbc19
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba
bdbfad4fe2d45b8b1b6140a1c7721d96961a5acbee02c4ec4aef9c0dab1ea8b8
c0f906859c89fbe0e6671f5114ec0ee05c4230c2e1ffad7ed3c4e5a3214fbd15
c3144a9e82a3cf97b3a279b7a6435fb7fd14b44fda86f730cbcb48b8a39662ac
c552155471a2b3af8c50e851ff4bd60aa12e2511607e132e8edfff6736c4c3ee
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5907d7f9b5cc0c49c3ffc9ed61a64f9aac3deb4fc598307dff50bdb9c9aaf0a
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cd6fc870cdb3257ef57d431bec0c36302f6ebf108508b90516aee9678f8be6be
cd7c241f0912aa70298f139c3c715d7786afda739d55f1a6719ac0d1c5636e59
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d8323798e0a5dfb3e43d2c7fa95284f6c799fa12b0e013e580215b2a5d54bba5
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec5b5b493f7785be25710247be64c567a8fd5e89e52b85747da43fb91ab4ac61
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ce797d5c8a94c370f000e2056dee75dd0f79b80453de148148a0b25e7c9ecf
f42f8b499e2ac688bd130c88729af91f3431298e6337353c8b8e25bf632b5386
f6d645cc3d33b3137a7b585a016bb472fc1c26ec91f6d37d53b6d7cd8b3c0d6e
f7ed0c4826e9164ca8ac6039530165ab680091f7c79cec6c713472f4dfa0825a
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
fbf6dd4c82f1447e99e8b2b5ff586fd1854092e4d09ba88f74e9f6f30007e70a
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8
fe815e84a92814bbcc127b2a42ca1f0db4a25de3cbc0241fe65248eb35e490a3
ff15134ad9b477b100ab895c2885932b22f818b5dbdbcba21e5cb3d34ec8f880
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.vat19.com Open in urlscan Pro 2606:4700:10::ac43:72d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

108 Requests

97 %HTTPS

85 %IPv6

19 Domains

31 Subdomains

28 IPs

2 Countries

1686 kBTransfer

4380 kBSize

19 Cookies

4 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vat19.com Open in urlscan Pro
2606:4700:10::ac43:72d Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

97 %
HTTPS

85 %
IPv6

19
Domains

31
Subdomains

28
IPs

2
Countries

1686 kB
Transfer

4380 kB
Size

19
Cookies

108 HTTP transactions
3 data transactions