offrgroup.com Open in urlscan Pro
68.66.226.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2...
Effective URL:
https://offrgroup.com/
Submission: On February 07 via manual (February 7th 2023, 10:40:58 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 139 HTTP transactions. The main IP is 68.66.226.82, located in United States and belongs to A2HOSTING, US. The main domain is offrgroup.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 31st 2022. Valid for: 3 months.

This is the only time offrgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.54.158.190 52.54.158.190	14618 (AMAZON-AES) (AMAZON-AES)
1	34.206.184.58 34.206.184.58	14618 (AMAZON-AES) (AMAZON-AES)
9	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1 51	68.66.226.82 68.66.226.82	55293 (A2HOSTING) (A2HOSTING)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	35.242.224.42 35.242.224.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.148.45.72 185.148.45.72	55293 (A2HOSTING) (A2HOSTING)
8	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:63::9	() ()
139	17

1 52.54.158.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-158-190.compute-1.amazonaws.com

t.yesware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.184.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-184-58.compute-1.amazonaws.com

t.yesware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 68.66.226.82 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: az1-lr6.supercp.com

www.offrgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
offrgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.242.224.42 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.224.242.35.bc.googleusercontent.com

www.ekko-wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.148.45.72 (United States)

ASN55293 (A2HOSTING, US)
PTR: 185.148.45.72.static.a2webhosting.com

tripleskinny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:63::9 (None, )

ASN- ()

rr4---sn-4g5e6nsr.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	offrgroup.com 1 redirects www.offrgroup.com offrgroup.com	705 KB
24	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3169	2 MB
14	googlevideo.com rr4---sn-4g5e6nsr.googlevideo.com	1 MB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 jnn-pa.googleapis.com — Cisco Umbrella Rank: 189	63 KB
9	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 314	20 KB
7	gstatic.com fonts.gstatic.com	107 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1468 ka-f.fontawesome.com — Cisco Umbrella Rank: 2791	206 KB
3	ekko-wp.com www.ekko-wp.com	62 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 229	5 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	64 KB
2	yesware.com 1 redirects t.yesware.com — Cisco Umbrella Rank: 26442	54 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	119 KB
1	tripleskinny.com tripleskinny.com	313 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 208	508 B
139	15

	Domain	Requested by
50	offrgroup.com	t.yesware.com offrgroup.com
24	www.youtube-nocookie.com	offrgroup.com www.youtube-nocookie.com
14	rr4---sn-4g5e6nsr.googlevideo.com	www.youtube-nocookie.com
9	js-agent.newrelic.com	t.yesware.com
8	jnn-pa.googleapis.com	www.youtube-nocookie.com
7	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
6	ka-f.fontawesome.com	kit.fontawesome.com offrgroup.com
3	www.ekko-wp.com	offrgroup.com
2	yt3.ggpht.com	www.youtube-nocookie.com
2	www.google.com	www.youtube-nocookie.com
2	www.youtube.com	offrgroup.com www.youtube.com
2	fonts.googleapis.com	offrgroup.com
2	t.yesware.com	1 redirects
1	i.ytimg.com	www.youtube-nocookie.com
1	tripleskinny.com	offrgroup.com
1	kit.fontawesome.com	offrgroup.com
1	bam.nr-data.net	js-agent.newrelic.com
1	www.offrgroup.com	1 redirects
139	18

This site contains links to these domains. Also see Links.

Domain
tripleskinny.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.yesware.com Amazon	`2022-10-23` - `2023-11-21`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
offrgroup.com cPanel, Inc. Certification Authority	`2022-12-31` - `2023-03-31`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.ekko-wp.com R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
tripleskinny.com cPanel, Inc. Certification Authority	`2022-12-08` - `2023-03-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-31` - `2023-04-11`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://offrgroup.com/
Frame ID: 71F3DB8524D8C8F52499A28DCEE8E215
Requests: 82 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
Frame ID: D71828C5F5C55A2F4774BF1BC5458A7B
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
Frame ID: ADE205EF6E137D08F7FDE767A5CB3954
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
Frame ID: 0BB8CE0177C5281AC65375A05F2E5417
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
Frame ID: 59063D6972B294B3707B9A2117D7EC6C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offr – Exceptional talent sourcing strategies

Page URL History Show full URLs

http://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13... HTTP 301
https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13... Page URL
https://www.offrgroup.com/ HTTP 301
https://offrgroup.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

96 %
HTTPS

59 %
IPv6

15
Domains

18
Subdomains

17
IPs

2
Countries

4848 kB
Transfer

11655 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tripleskinny.com/offr/pages/our-team/
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/offrgroup/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com HTTP 301
https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com Page URL
https://www.offrgroup.com/ HTTP 301
https://offrgroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com HTTP 301
https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

139 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

www.offrgroup.com Show response
t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/
Redirect Chain

http://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

53 KB
54 KB

477ms
238ms

Document
text/html

34.206.184.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.184.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-184-58.compute-1.amazonaws.com

Software

Resource Hash

821d05c93a24781cd8ee8ea038a3ab929f8992c4a48f735d3c772fe18f3abc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 54732
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 22:40:53 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 47a9aa7c-0404-4922-9177-27925366bb7d
x-robots-tag: noindex
x-runtime: 0.006735
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 07 Feb 2023 22:40:53 GMT
Location: https://t.yesware.com:443/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Server: awselb/2.0

GET
H2 200 692.215647de-1223.js
js-agent.newrelic.com/ 2 KB
2 KB 76ms
20ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/692.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: I.n_PBR7fU5g2cmlAwgMlzr4Oik5bP_f
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQRWPTWFQTBVE63
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1087
x-amz-id-2: TFxJY3g2BNvW0+h3snSqRJ78VqyviLqrYjsgDJfga3RpaFjmwAAEntq0mKIg/RdWvFFaggo6uWc=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945458,VS0,VE0
etag: "2a9c8457fef96067bf92a4ec54fb10b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6687

GET
H2 200 779.215647de-1223.js
js-agent.newrelic.com/ 8 KB
4 KB 83ms
27ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/779.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: PJQVE2SANNV0CKB7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3516
x-amz-id-2: hEapgtqQyNMW5lxoLEUAGZ5YQwX3OOSDRs+S/p1wy5ZURGBDpqS+8PXzdDsoXiaPBO1QrCfmfpg=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945976,VS0,VE0
etag: "1f9dc6167676d6db728e844d20a97ad5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6681

GET
H2 200 823.215647de-1223.js
js-agent.newrelic.com/ 3 KB
2 KB 78ms
23ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/823.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQY2YFAVQP3V4KV
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1365
x-amz-id-2: wgIjfzxQvFKrwT6t3cNQbsXGER1qt6NYKLgJn9wCmyWHg/n78NsBzC63exSAdsvnu0WKYo3tYK0=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945645,VS0,VE0
etag: "ce7762cf4b6665f79c15503dbccd6c68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 264900

GET
H2 200 785.215647de-1223.js
js-agent.newrelic.com/ 5 KB
2 KB 79ms
24ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/785.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 24gfKeCbKAAA6djjTUpWk6gRfGGq6MlZ
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQSXS3XRYHAWNT1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2103
x-amz-id-2: mznAU7fdQzGKE5yOd7gdc8UbJAYFJKMjFoXL8t+kNaCVqrrLRGUeF9zPkx2FnGjk0K74DD8fLaM=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945643,VS0,VE0
etag: "85340359c90104ea511047eb2b57ebb5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7186

GET
H2 200 325.215647de-1223.js
js-agent.newrelic.com/ 1 KB
767 B 87ms
31ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/325.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQRACDTXEQ6CHSR
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 560
x-amz-id-2: QqQ/hEYT9d3WSlxe8kiulGVy83u/+USYX+4qRxlPjhyGBjgMKtfQa8Wpd7nR8x79V8vFmGs5Bxw=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945978,VS0,VE0
etag: "8bfb1318203f2143642fa7f2620e90b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7217

GET
H2 200 112.215647de-1223.js
js-agent.newrelic.com/ 7 KB
3 KB 85ms
30ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/112.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 9bSPwe8fMEYRcVSv2EMBWMHRAeUObfWk
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQRZ3ZD52X10955
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2800
x-amz-id-2: VZu7D2hG7yRFdu3eS8/uVM78r92GFHWBf2FDCLWS5c4dds2PSAv5sSaeEqoYHupkMw+mHEJtM1g=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.945974,VS0,VE0
etag: "b225b095bddb200dcb67ba7625a14e0b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5565

GET
H2 200 960.215647de-1223.js
js-agent.newrelic.com/ 5 KB
2 KB 22ms
20ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/960.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: iCdpSHjuiF_zf7kNvVpWKcwVkVeojeJa
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: DVN1YQWRMA65D7TM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2233
x-amz-id-2: mwRToOIEMzV06tuAwYWB52xJhWsUo6vvvchrgW6PUz2Hvn13646ediOqFVasTdLxq1+qU8Nzw/8=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.982764,VS0,VE0
etag: "57e420fb6a7c52d0c27d5548fef4de16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5371

GET
H2 200 307.215647de-1223.js
js-agent.newrelic.com/ 9 KB
4 KB 25ms
23ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/307.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: ED2qEQGkNHGjLDyC2ELlsbsj8AXnsN9k
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: 49B1S9QJ86K966HT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3648
x-amz-id-2: cz4cUKpGOuGIjfAt8mgSfepa/Oh2csSqqKRWbI3uVMugXfsGADNnM/7i4wBJu73x5yNwA4LgktM=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.983337,VS0,VE0
etag: "cca13aa273adc25aced599968bea0601"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5587

GET
H2 200 817.215647de-1223.js
js-agent.newrelic.com/ 2 KB
1 KB 24ms
22ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/817.215647de-1223.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: fbj3lJUaysglBYTWHHCwffYncZ19MQ50
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 22:40:53 GMT
x-amz-request-id: JWQQ6GXDYYN0RWVS
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1044
x-amz-id-2: hBgn24Y0ZUirvijBvdYy2tvnfpHp19SV7wcXoO55VgHUrZzdZwpYh/q+/rKwuuW+B5CXt0Xuai0=
x-served-by: cache-hhn-etou8220058-HHN
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
server: AmazonS3
x-timer: S1675809654.982982,VS0,VE0
etag: "a5dc24e5a104adfcf70621ff7fb620ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5562

GET
H2

200

Primary Request / Show response
offrgroup.com/
Redirect Chain

https://www.offrgroup.com/
https://offrgroup.com/

136 KB
25 KB

403ms
402ms

Document
text/html

68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/

Requested by

Host: t.yesware.com
URL: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

00af185cf180016dcb42eafedd0417ba53a8d49ab2683a92eed5f22ad8f71946

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 22:40:54 GMT
link: <https://offrgroup.com/wp-json/>; rel="https://api.w.org/" <https://offrgroup.com/wp-json/wp/v2/pages/7466>; rel="alternate"; type="application/json" <https://offrgroup.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 22:40:54 GMT
location: https://offrgroup.com/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 1a5da492d2
bam.nr-data.net/1/ 49 B
508 B 293ms
229ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1a5da492d2?a=2164051&v=1223.PROD&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=1014&ck=0&s=2b76083ca36fe23f&ref=https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com&ap=7&be=892&fe=14&dc=12&af=err,xhr,stn&perf=%7B%22timing%22:%7B%22of%22:1675809652974,%22n%22:0,%22f%22:297,%22dn%22:297,%22dne%22:298,%22c%22:298,%22s%22:410,%22ce%22:536,%22rq%22:536,%22rp%22:774,%22rpe%22:887,%22dl%22:784,%22di%22:904,%22ds%22:904,%22de%22:905,%22dc%22:905,%22l%22:905,%22le%22:908%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/692.215647de-1223.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t.yesware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220079-HHN
date: Tue, 07 Feb 2023 22:40:54 GMT
via: 1.1 varnish
x-timer: S1675809654.170390,VS0,VE102
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
x-cache: MISS
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
accept-ranges: bytes
Content-Length: 49
x-cache-hits: 0

POST 1a5da492d2
bam.nr-data.net/events/1/ 0
0

POST 1a5da492d2
bam.nr-data.net/jserrors/1/ 0
0

GET
H2 200 wp-emoji-release.min.js Show response
offrgroup.com/wp-includes/js/ 18 KB
5 KB 168ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:51:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4619
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 style.min.css
offrgroup.com/wp-includes/css/dist/block-library/ 93 KB
11 KB 171ms
170ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:51:16 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 11616
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 classic-themes.min.css
offrgroup.com/wp-includes/css/ 217 B
273 B 173ms
173ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:51:13 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 217
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 styles.css
offrgroup.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
907 B 175ms
174ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 848
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 bootstrap.min.css
offrgroup.com/wp-content/themes/ekko/core/assets/css/ 124 KB
17 KB 177ms
176ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/core/assets/css/bootstrap.min.css?ver=3.7

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

39a89bb88f8d9433287a42c3bdc0119763743b29344f9b897ad587aaa1522c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 17131
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 style.css
offrgroup.com/wp-content/themes/ekko/ 235 KB
37 KB 334ms
333ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/style.css?ver=3.7

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

4c4e876d0ea913c3481773e608474fb59591cc3de6a79e1137fc06592710ddf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:43 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 37737
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 kd_vc_front.css
offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/ 228 KB
33 KB 337ms
336ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/kd_vc_front.css?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

f099377650df2a2a49c597de255a3d4fa86605bd34f01bfc9ff51fa27e9906fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 33702
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 font-awesome.min.css
offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/ 56 KB
12 KB 338ms
337ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/font-awesome.min.css?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

317171b744a882bbb435813a822be96442aba4281464edf72fb28c142e9d00a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:41 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 11947
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 ekko-font.css
offrgroup.com/wp-content/themes/ekko/core/assets/css/ 7 KB
2 KB 338ms
337ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/core/assets/css/ekko-font.css?ver=3.7

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

afe7e1b89e41b41fb0d129846b0fd9b65b2b57891ffd0502d7ab777502defffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1807
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 field_social_profiles_frontend.css
offrgroup.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/ 192 B
248 B 338ms
337ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/redux-framework/redux-core/inc/extensions/social_profiles/social_profiles/css/field_social_profiles_frontend.css?ver=4.3.17

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

d5ecd1f39b078601a06dff9e9f62474551db346e6791f89e7ea4c4df32bf02d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:23 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 192
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 js_composer.min.css
offrgroup.com/wp-content/plugins/js_composer/assets/css/ 452 KB
40 KB 339ms
338ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:31 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 40525
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
893 B 80ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,300&display=swap&ver=1672851969

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb2b8ba2bac274f804fc715f68bd0ff65adc8753a88bdeda5f6f65ad993a80c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 22:40:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 22:40:55 GMT

GET
H2 200 jquery.min.js Show response
offrgroup.com/wp-includes/js/jquery/ 88 KB
30 KB 334ms
334ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:51:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 30324
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
offrgroup.com/wp-includes/js/jquery/ 11 KB
4 KB 333ms
332ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:51:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3995
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 jquery.easing.min.js Show response
offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/ 2 KB
771 B 333ms
332ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/jquery.easing.min.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

e706878ec3ba589f7eb929dabd911830ac07f0f8d8d54841bc19cab6f45354ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 735
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 owl.carousel.min.js Show response
offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/ 42 KB
10 KB 333ms
332ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/owl.carousel.min.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:47 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 10649
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 jquery.appear.js Show response
offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/ 1 KB
585 B 334ms
333ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/jquery.appear.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

e9af993b0f6240709bec8a60f3b41a8308cecb7489fe6d7f79617f1986f54541

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 549
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 kd_addon_script.js Show response
offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/ 12 KB
3 KB 334ms
333ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/kd_addon_script.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

d295a9f98443697624ca2d90094ff1039d90bab521c5d8c40f7cf0bbe205e31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2867
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 jquery.easytabs.min.js Show response
offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/ 12 KB
3 KB 334ms
334ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/js/jquery.easytabs.min.js?ver=6.1.1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

0449e67ab35c3dd86312646b54ef9bf9470bcb80a37373ad7bb395bf91d930d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3229
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 Sticky.png
offrgroup.com/wp-content/uploads/2022/12/ 55 KB
56 KB 167ms
167ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/uploads/2022/12/Sticky.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

315c40d749a75d1f9fad280488b1bfc7cebba59431640b6682356da13b7116f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:53 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 56830
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 Offr-White-2.png
offrgroup.com/wp-content/uploads/2022/12/ 15 KB
15 KB 167ms
167ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/uploads/2022/12/Offr-White-2.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

f7f7ae8fffaaf1a75e47094600aa9db7b393a6e96cc06c24f0ed3784fff86fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:53 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 15540
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 dummy.png
offrgroup.com/wp-content/plugins/revslider/public/assets/assets/ 68 B
124 B 167ms
167ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/plugins/revslider/public/assets/assets/dummy.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:30 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 68
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 82ms
35ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 07 Feb 2023 22:40:55 GMT

GET
H2 200 testimonial1.jpg
www.ekko-wp.com/wp-content/uploads/sites/3/2018/10/ 1 KB
2 KB 100ms
19ms Image
image/jpeg 35.242.224.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ekko-wp.com/wp-content/uploads/sites/3/2018/10/testimonial1.jpg
Requested by: Host: offrgroup.com
URL: https://offrgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.242.224.42 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.224.242.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 943db31d0306817cf5ee7ef3532ebe44dc541136ed84ee805549d671d3688187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 07 Feb 2023 22:40:55 GMT
expires: Fri, 02 Feb 2024 08:40:33 GMT
last-modified: Sun, 21 Apr 2019 08:12:52 GMT
server: nginx
etag: "5cbc2604-571"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1393
x-cdn-c: static
x-sg-cdn: 1

GET
H2 200 testimonial2.jpg
www.ekko-wp.com/wp-content/uploads/sites/3/2018/10/ 1 KB
2 KB 102ms
20ms Image
image/jpeg 35.242.224.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ekko-wp.com/wp-content/uploads/sites/3/2018/10/testimonial2.jpg
Requested by: Host: offrgroup.com
URL: https://offrgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.242.224.42 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.224.242.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e293ee5238870d40981cf474d983a8bb84e9981b1438db27b096b220423e6c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 07 Feb 2023 22:40:55 GMT
expires: Fri, 02 Feb 2024 08:40:33 GMT
last-modified: Sun, 21 Apr 2019 08:12:51 GMT
server: nginx
etag: "5cbc2603-592"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1426
x-cdn-c: static
x-sg-cdn: 1

GET
H2 200 css
fonts.googleapis.com/ 11 KB
808 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400%7CMontserrat:700%2C800%2C300%2C400%2C500&display=swap

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bde03ba131cd8a2600424474fd916add546a5b4025e6853021d1b1173a2e9936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 22:40:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 22:40:55 GMT

GET
H2 200 lightbox.min.css
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/ 2 KB
732 B 170ms
166ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

6fc0c282b3bbbbfe9a5ab6666573c5c0fd459f1e324449747a1e0d4e67ff76d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 673
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 owl.min.css
offrgroup.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/ 5 KB
1 KB 170ms
167ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/owl.min.css?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

a47ff037b0a646f620f8cd07d37740485317af5d6f6732dcf85c8ee124c21d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1025
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 animate.min.css
offrgroup.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/ 16 KB
2 KB 171ms
168ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

3be6d6194e274dcf0f20f4bf43fb5c9c3ebbcbf46a6e625d17d104ffe3da525a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2248
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 rs6.css
offrgroup.com/wp-content/plugins/revslider/public/assets/css/ 57 KB
12 KB 171ms
168ms Stylesheet
text/css 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 11947
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 index.js Show response
offrgroup.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 172ms
169ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2817
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 index.js Show response
offrgroup.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 173ms
170ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3706
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 rbtools.min.js Show response
offrgroup.com/wp-content/plugins/revslider/public/assets/js/ 161 KB
59 KB 168ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 59937
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 rs6.min.js Show response
offrgroup.com/wp-content/plugins/revslider/public/assets/js/ 397 KB
99 KB 167ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

1544b2ce742950f3428a134f1f3043cf841ba73639f19f04ded8c9e0e5d893c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 101513
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 SmoothScroll.js Show response
offrgroup.com/wp-content/themes/ekko/core/assets/js/ 23 KB
7 KB 168ms
168ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/core/assets/js/SmoothScroll.js?ver=3.7

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

4dce1f7130cae19886f5306a8277b041508966c6d5144bad2b9ff62344e74969

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6636
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 scripts.js Show response
offrgroup.com/wp-content/themes/ekko/core/assets/js/ 59 KB
14 KB 167ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/core/assets/js/scripts.js?ver=3.7

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

e339ee4847050a6f899dbe7d679420e68ac48c185ef0aaeaea3d0af2c5d1df85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:50:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13986
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 a29229187e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 124ms
41ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/a29229187e.js?ver=1675809654

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bb1f5016c4bc7e1d4f5e3b2bddba0b96c35de388138358d5defb3bc4cc3650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 795fa14cbb0e39ca-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0GsAM3abGcUFSAFtQyi

GET
H2 200 js_composer_front.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
5 KB 168ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5359
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 lightbox.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/js/ 11 KB
3 KB 167ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/js/lightbox.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

648b221bb308db3693f045cedd34f0abf84aaf25fbd401f6b7fc5d1279f24afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2862
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 owl.carousel.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/ 47 KB
11 KB 167ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

49939458d312237b993a4de46c64e8c672d044826fa6d52e2d92c7cb1e3b2e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 11443
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/ 7 KB
2 KB 168ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

9da675ace2c7592a16af2c9bf3b015bb78d09d29320d4234e79dc7cdfaaa6d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2352
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 underscore.min.js Show response
offrgroup.com/wp-includes/js/ 18 KB
7 KB 168ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:51:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7179
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 vc-waypoints.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/ 9 KB
3 KB 167ms
167ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2675
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 vc_grid.min.js Show response
offrgroup.com/wp-content/plugins/js_composer/assets/js/dist/ 26 KB
5 KB 169ms
169ms Script
application/javascript 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.10.0

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

f3d21bb07e1bf29734d1f4a17574b239d7b2e4de6c8490e502fca1c4aeb555df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sat, 31 Dec 2022 00:49:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4626
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,300&display=swap&ver=1672851969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:31:17 GMT
x-content-type-options: nosniff
age: 392978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 09:31:17 GMT

GET
H2 200 ekko-font.woff
offrgroup.com/wp-content/themes/ekko/core/assets/fonts/ 28 KB
28 KB 167ms
167ms Font
font/woff 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/themes/ekko/core/assets/fonts/ekko-font.woff

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/themes/ekko/core/assets/css/ekko-font.css?ver=3.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

207993b30364d0f292d540615e81c3bd139fc1ff37bfaa9b31c0b9aba06f13f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://offrgroup.com/wp-content/themes/ekko/core/assets/css/ekko-font.css?ver=3.7
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:37 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff
accept-ranges: bytes
content-length: 28860

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/ 184 KB
62 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63074
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Feb 2024 22:34:02 GMT

GET
H2 200 consulting3.jpg
www.ekko-wp.com/wp-content/uploads/sites/3/2019/04/ 58 KB
58 KB 41ms
40ms Image
image/jpeg 35.242.224.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ekko-wp.com/wp-content/uploads/sites/3/2019/04/consulting3.jpg?id=
Requested by: Host: offrgroup.com
URL: https://offrgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.242.224.42 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.224.242.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d31ab855331440e38b23b8aab10864a603c6051b62803bf98c0e7d0e78415141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 07 Feb 2023 22:40:55 GMT
expires: Wed, 07 Feb 2024 22:39:38 GMT
last-modified: Sun, 21 Apr 2019 08:06:31 GMT
server: nginx
etag: "5cbc2487-e7b8"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 59320
x-cdn-c: static
x-sg-cdn: 1

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,300&display=swap&ver=1672851969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:09:49 GMT
x-content-type-options: nosniff
age: 84666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:09:49 GMT

GET
H2 200 fa-regular-400.woff2
offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/fonts/ 13 KB
13 KB 167ms
167ms Font
font/woff2 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/fonts/fa-regular-400.woff2

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/font-awesome.min.css?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/font-awesome.min.css?ver=6.1.1
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:41 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 13600

GET
H2 200 fa-solid-900.woff2
offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/fonts/ 74 KB
74 KB 168ms
168ms Font
font/woff2 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/fonts/fa-solid-900.woff2

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/font-awesome.min.css?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://offrgroup.com/wp-content/plugins/keydesign-addon/assets/css/font-awesome.min.css?ver=6.1.1
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:44 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 76120

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%7CMontserrat:700%2C800%2C300%2C400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:02:49 GMT
x-content-type-options: nosniff
age: 463086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:02:49 GMT

GET
H2 200 logos.png
offrgroup.com/wp-content/uploads/2022/11/ 32 KB
32 KB 169ms
169ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/uploads/2022/11/logos.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

31892916142efe9ada976540d20064a98c7e135817f0199477a8968c6a750070

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:50:50 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32717
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 174857-150x150.png
offrgroup.com/wp-content/uploads/2023/01/ 3 KB
3 KB 168ms
168ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/uploads/2023/01/174857-150x150.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

b0b5c0f1800d6e2eb3e67f0210bcb4d1496c3cb39f5b79f888ef5495e5b4ac90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 04 Jan 2023 17:07:01 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2782
expires: Tue, 14 Feb 2023 22:40:55 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 100 KB
23 KB 80ms
31ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=a29229187e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a29229187e.js?ver=1675809654
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"b7d524a460c5ceb6420db3aec0be8c92"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXtWBtkLKE%2BS0s9hNYNDta07q7MWWhIvo5iOqOTCmGBOPgBaaR6T3tHSzo1LEzulllLW2K%2BrHj58PR8K9u%2Bbf%2Bsp8pSiGdk7ohxIXxpjv6eH0TqenAf2%2FxeAgobLRu6%2BZbY3y44QPIc8TyAXAJ1mMDtZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 795fa14ed9e22c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Yvjm-aqWamzBbzhvTkEKcDCuTxGGwScgAOJfRMFbaCBdHd_22gtxfg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 27 KB
5 KB 83ms
35ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=a29229187e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a29229187e.js?ver=1675809654
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"3a57f9df341838cc106903c71730d13b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt3g3kT8YoJA03oAO7C48Vm8f1oOb7e3WZZFJz2WyBfv5djPbNE2TTFMbGsRyIA2tb3ITqNxMqziAZ4ar1PgEeF3T7IFJj0cYvi95uoX4bAAK0oymSBA10BYvMS4C0do13iMN%2BFP%2BUSd5D5OKj4WbuUWLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 795fa14ed9e62c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: BZg6WUEd--oqmcxLqJIa-BjErimTKTqI7btxbQ8oZ6jyZre6Lk6xmQ==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 823 B
736 B 128ms
80ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=a29229187e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a29229187e.js?ver=1675809654
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 e37f79ad8aac2f2f2e74a09fc473b7be.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HAM50-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"fdedb74e19e1bffdcab908079cabd49a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujy5DZJF%2BG56KdxRRO2FURx3VZ%2FUZwd5OQPJbuNx5ElFl7OUwfVAl0yBVv96nvM%2BU379BjKhsF%2FmdXW8atRl5SjOVW2%2Fkd7StHU7COqh%2B30Yen5KO%2FwFyg0F9MBJHOkfh8ZmbxLANn10UjM8gpyiX9NpqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 795fa14ed9e72c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IPPIjiKc8RBUR2mUr_8QkEf40TpG-IAEeKYOoGSGLb4Lx6buBM6OZQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.3.0/css/ 2 KB
1 KB 82ms
34ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=a29229187e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a29229187e.js?ver=1675809654
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 31 Jan 2023 18:17:21 GMT
server: cloudflare
etag: W/"00bb3d26f3fee308e5747eb9f5760b48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITG3BsxhoJYQvF5d%2FhwPVEgyiulFVXNxDNiy8fHayUMqvFYJoRFHAWtNIgsdW2z595UobK%2B2q2Y%2B96qtv2IgvcaKR3hUVrz6h08y6R%2BlStoO%2FLfnZYEbF6s7aJKxlIE5gua0NYTq9SjTB81BfbYEacjlIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 795fa14ed9e52c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: NNrpY0JaY7kkwMLZUgA_3CK_cefNVTZxSkWtD3IRbW5fjg3YaBl3qA==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/ 146 KB
147 KB 36ms
35ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/webfonts/free-fa-solid-900.woff2
Requested by: Host: offrgroup.com
URL: https://offrgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80

Request headers

Referer: https://offrgroup.com/
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149896
last-modified: Tue, 31 Jan 2023 18:29:16 GMT
server: cloudflare
etag: "c00cd95af40d3d74e114025555250f09"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVdTZen5saOBo%2F0ANESn8rQ4xcqwf2AE80rTN0uKBiFLz8DK1PFhlZaC7uYVA%2B8tKKLK0WRNkvPN2ySZmCDOmauH%2BbAoUQ6%2FlbbaQ2bf%2FG36Qn0EECbGK50yai2D64x1xCVeT0aYZPNWSqkDbFK71hFqdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 795fa14f7a832c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0fxLeSzb6QJTgRJc8phZm5BXJ2vTwXpiUL7qEHV-24vl3gkN9t7mAQ==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/ 24 KB
25 KB 27ms
27ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.3.0/webfonts/free-fa-regular-400.woff2
Requested by: Host: offrgroup.com
URL: https://offrgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c58ea32c7093dae33f856c3b70c51d130277a900b1b93489f86567d9832c9b1

Request headers

Referer: https://offrgroup.com/
Origin: https://offrgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24828
last-modified: Tue, 31 Jan 2023 18:29:15 GMT
server: cloudflare
etag: "2b2509bc844e8f9d3d6bd502990a5477"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ovfo%2BZewQUcqc1oJrjRodsnxsM3mA%2B6sNRNd8AfOHe5otdiCmNCXgn9EqYMzHnhVxhtu1wjXDYExBLAl8nRnBAUS%2BkxQMh4HPUeW0%2Bh6qmX4kqvdU1ujO4ZKjpoRZY%2F0bu3FYUlGVcF7zB5K5P5s53SEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 795fa14f7a892c7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cDtkEnBWGxAFPRcEyDTMcxESemAqyyc_YiO5l1va73EiEfzhSwv1ww==

GET
H2 200 schema Show response
offrgroup.com/wp-json/contact-form-7/v1/contact-forms/5208/feedback/ 308 B
512 B 289ms
288ms Fetch
application/json 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-json/contact-form-7/v1/contact-forms/5208/feedback/schema

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

8fdf1cfd78e4abe7fd0a37250efe89dee5dd44c2f02a3a2793751b593a0b4eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, */*;q=0.1
Referer: https://offrgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/7.4.33
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://offrgroup.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 schema Show response
offrgroup.com/wp-json/contact-form-7/v1/contact-forms/5208/feedback/ 308 B
590 B 269ms
269ms Fetch
application/json 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://offrgroup.com/wp-json/contact-form-7/v1/contact-forms/5208/feedback/schema

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

8fdf1cfd78e4abe7fd0a37250efe89dee5dd44c2f02a3a2793751b593a0b4eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, */*;q=0.1
Referer: https://offrgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: PHP/7.4.33
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://offrgroup.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 prev.png
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/ 1 KB
1 KB 168ms
167ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/prev.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1360
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 next.png
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/ 1 KB
1 KB 168ms
168ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/next.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1350
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 loading.gif
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/ 8 KB
8 KB 167ms
167ms Image
image/gif 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/loading.gif

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 8476
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
H2 200 close.png
offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/ 280 B
313 B 167ms
167ms Image
image/png 68.66.226.82
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/images/close.png

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.82 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-lr6.supercp.com

Software

LiteSpeed /

Resource Hash

5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/wp-content/plugins/js_composer/assets/lib/lightbox2/dist/css/lightbox.min.css?ver=6.10.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 00:49:37 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 280
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Tpyt4zAm9B0 Show response
www.youtube-nocookie.com/embed/ Frame D718 68 KB
28 KB 85ms
85ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d94f105affad20f5ee0ff3c3b2ca72ed0210b4ad553e960bc3dc6dd82e733b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offrgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 22:40:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s86whghp25y.jpg
tripleskinny.com/offr/wp-content/uploads/2022/11/ 313 KB
313 KB 537ms
168ms Image
image/jpeg 185.148.45.72
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tripleskinny.com/offr/wp-content/uploads/2022/11/s86whghp25y.jpg

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.45.72 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.148.45.72.static.a2webhosting.com

Software

LiteSpeed /

Resource Hash

c027446f3fea0c32db564d50fe30c0f90ce626fa300452908b5c01bce56f004e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offrgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 21:09:33 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 320089
expires: Tue, 14 Feb 2023 22:40:56 GMT

GET Tpyt4zAm9B0
www.youtube-nocookie.com/embed/ Frame ADE2 0
0

GET Tpyt4zAm9B0
www.youtube-nocookie.com/embed/ Frame 0BB8 0
0

GET
H2 200 Tpyt4zAm9B0 Show response
www.youtube-nocookie.com/embed/ Frame 5906 68 KB
27 KB 73ms
73ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1

Requested by

Host: offrgroup.com
URL: https://offrgroup.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc9576f4489eae0c1e7788e6325bed3af765d10b394e7ba7e4dc64178050f374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offrgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 22:40:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/97ea7458/ Frame D718 360 KB
49 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49954
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Feb 2024 18:05:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/97ea7458/www-embed-player.vflset/ Frame D718 344 KB
108 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110070
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Feb 2024 12:00:52 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame D718 2 MB
599 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 10:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613648
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 02 Feb 2024 10:50:04 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/97ea7458/fetch-polyfill.vflset/ Frame D718 9 KB
3 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:58:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D718 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 12:17:50 GMT
x-content-type-options: nosniff
age: 296586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D718 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 87577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:21:19 GMT

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/97ea7458/ Frame 5906 360 KB
49 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/www-player.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 18:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49954
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Feb 2024 18:05:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/97ea7458/www-embed-player.vflset/ Frame 5906 344 KB
108 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110070
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Feb 2024 12:00:52 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5906 2 MB
599 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 10:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613648
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 02 Feb 2024 10:50:04 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/97ea7458/fetch-polyfill.vflset/ Frame 5906 9 KB
3 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 16:58:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5906 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 12:17:50 GMT
x-content-type-options: nosniff
age: 296586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5906 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 87577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 22:21:19 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 75ms
27ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 22:40:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D718 66 KB
31 KB 37ms
34ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e16e65232fcadf4daa5c76ff425485efbbcd72b554986f89a63f0153928e9aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31064
x-xss-protection: 0

GET
H2 200 hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js Show response
www.google.com/js/th/ Frame D718 36 KB
15 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c7e221165968ccda033e4561a235151fb1b8d942f4ca64a8665d913e6657a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14417
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 23:32:43 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame D718 26 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 23:17:53 GMT

GET
DATA 200
OK truncated
/ Frame D718 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJWDkWle7sOjzNxeUy7GV6u7znhrPEItJfFrpc4ryN4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D718 2 KB
2 KB 72ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWDkWle7sOjzNxeUy7GV6u7znhrPEItJfFrpc4ryN4=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aef22db0e7addf7a61141cf969f0567dfd435836d4ae228ebb5c6d8126ffec67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:39 GMT
x-content-type-options: nosniff
age: 77
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1957
x-xss-protection: 0
server: fife
etag: "v2d4cd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Feb 2023 22:39:39 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/Tpyt4zAm9B0/ Frame D718 118 KB
119 KB 70ms
20ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Tpyt4zAm9B0/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgRig_MA8=&rs=AOn4CLBex4v2y-W6C4ZaLOfGgPtNyetK2g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e93216c9c85c1e5db4dd73b1c571295fb74d9922046853616378d9ed1d3099f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:39 GMT
x-content-type-options: nosniff
age: 77
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121013
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Feb 2023 00:39:39 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 22:40:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5906 66 KB
30 KB 43ms
43ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

092b4c32152123c1ea6931f7104361fa2668fd50cbc209edb2115d9ff7f9f43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 22:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31126
x-xss-protection: 0

GET
H2 200 hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js Show response
www.google.com/js/th/ Frame 5906 36 KB
14 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c7e221165968ccda033e4561a235151fb1b8d942f4ca64a8665d913e6657a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14417
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 23:32:43 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5906 26 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Feb 2024 23:17:53 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D718 90 B
133 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

767ea5dff393e340076eac40be0db6f38eeea6b7810eaf8592706c1ecfbf9699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 22:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 22:40:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5906 90 B
133 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

231c9ad0902963953041adc3426856f55e6dc407e63ed37fe478c77860f30571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Feb 2023 22:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Feb 2023 22:40:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 5906 42 KB
19 KB 107ms
107ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3e4c3e4edbd1276fa08e167bc521bc2bdd73ceaf206f5c1e21371aeae84f8a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtWdWRXNjhzYTV2cyj4poufBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 22:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19102
x-xss-protection: 0
expires: Tue, 07 Feb 2023 22:40:57 GMT

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame D718 44 KB
19 KB 103ms
102ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2d104e1daa4d3e5ca9a2986a42438eada095f056a00a6910a5987a9beb0c0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtkM1RhQ1piUm9DMCj4poufBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 22:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19891
x-xss-protection: 0
expires: Tue, 07 Feb 2023 22:40:57 GMT

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame 5906 0
17 B 29ms
28ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=ZMib0gQZ8OP3ohez&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24416290%2C24430382%2C24439361%2C24441240%2C24450367%2C24451033%2C24454499%2C24458635%2C24460855%2C24463912%2C24469897&cl=506103060&seq=1&docid=Tpyt4zAm9B0&ei=edPiY5OOL8qU-gaK3b3wCg&event=streamingstats&plid=AAX0I9ddY037dNbJ&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FTpyt4zAm9B0%3Fversion%3D3%26enablejsapi%3D1%26html5%3D1%26hd%3D1%26wmode%3Dopaque%26showinfo%3D0%26rel%3D0%26origin%3Dhttps%3A%2F%2Foffrgroup.com%3B%26controls%3D0%26playsinline%3D1&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.011:S,0.130:S,0.130:S&cmt=0.009:0.000,0.011:0.000,0.130:0.000&afs=0.129:251::i&vfs=0.130:134:134::r&bwe=0.130:130000&bat=0.130:1:1&vis=0.130:0&bh=0.130:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtWdWRXNjhzYTV2cyj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656722&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:57 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 90 KB
91 KB 175ms
32ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=0-92104&rn=1&rbuf=0&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a9bc0c4a50862585f4edc0f0c4f9dff45705592af7f20e4d9dad3fb1c8418852

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:40:58 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 92105
Last-Modified: Sat, 10 Dec 2022 00:28:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 7 KB
8 KB 161ms
19ms Fetch
audio/webm 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=251&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=audio%2Fwebm&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=7475&dur=15.901&lmt=1670632113216210&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG7LfJwAEeMBXY-nN2NM1kHwrNM7FiRq0K1EIdBKkPYgCIQCk59DvVOKVd4fgDbM8JS-VNcXEQsyHQbGwZnzEpkKkaA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=0-7474&rn=2&rbuf=0&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5bf9e252ac99158981134017b3228d0d17f1369b1a5a0c25842653f49fdb860d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:40:58 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 7475
Last-Modified: Sat, 10 Dec 2022 00:28:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Tue, 07 Feb 2023 22:40:58 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame 5906 32 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baf267fdad9fc5969767a4de850caddefd027a0d9446c0886e14b68b936f768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8952
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Feb 2024 16:04:01 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 5906 5 KB
2 KB 145ms
145ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

aa1bbd65afef9cbf841bce3e7ef86534b28dbbe4fe58c2c78ae76921dfac6ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtWdWRXNjhzYTV2cyj4poufBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 22:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1661
x-xss-protection: 0
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame D718 0
17 B 28ms
28ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=aoZGM0siy-_bfLgB&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24276396%2C24415864%2C24430382%2C24439360%2C24441240%2C24449509%2C24450366%2C24451033%2C24454498%2C24457884%2C24463912&cl=506103060&seq=1&docid=Tpyt4zAm9B0&ei=edPiY5LoL8qTgQfdqK9o&event=streamingstats&plid=AAX0I9ddfaecRkWz&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FTpyt4zAm9B0%3Fversion%3D3%26enablejsapi%3D1%26html5%3D1%26hd%3D1%26wmode%3Dopaque%26showinfo%3D0%26rel%3D0%26origin%3Dhttps%3A%2F%2Foffrgroup.com%3B%26controls%3D0%26playsinline%3D1&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.011:S,0.159:S,0.159:S&cmt=0.008:0.000,0.011:0.000,0.159:0.000&afs=0.159:251::i&vfs=0.159:134:136::r&view=0.159:1600:900&bwe=0.159:130000&bat=0.159:1:1&vis=0.159:0&bh=0.159:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkM1RhQ1piUm9DMCj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656686&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:57 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 90 KB
91 KB 139ms
32ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIyJLE18DmbvIPWTUiT0yHd8nJNNT7Y7Cu2tjBkc0LG5AiAqF5ZebD6b2moPXCmQoRR0Xuu2ay4u4qe7Y_s8cXey-Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=0-92104&rn=1&rbuf=0&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a9bc0c4a50862585f4edc0f0c4f9dff45705592af7f20e4d9dad3fb1c8418852

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:40:58 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 92105
Last-Modified: Sat, 10 Dec 2022 00:28:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 7 KB
8 KB 128ms
22ms Fetch
audio/webm 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=251&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=audio%2Fwebm&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=7475&dur=15.901&lmt=1670632113216210&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJc4cR1SF1EkCzuM3cg7p8ggoeD8YNb9E00zHn4cChO8AiAn0rwHgCsK7uBEJe3TRyH7P4InjJTHwngxaqW0HbqCUw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=0-7474&rn=2&rbuf=0&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5bf9e252ac99158981134017b3228d0d17f1369b1a5a0c25842653f49fdb860d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 22:40:58 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 7475
Last-Modified: Sat, 10 Dec 2022 00:28:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Tue, 07 Feb 2023 22:40:58 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/ Frame D718 32 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baf267fdad9fc5969767a4de850caddefd027a0d9446c0886e14b68b936f768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8952
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Feb 2024 16:04:01 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame D718 6 KB
2 KB 181ms
181ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c3daaf5518298c77d89378477c4b2fdd9a1d8e975ff12b83059203c085800109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230131.01.00
X-Goog-Visitor-Id: CgtkM1RhQ1piUm9DMCj4poufBg%3D%3D

Response headers

date: Tue, 07 Feb 2023 22:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1788
x-xss-protection: 0
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 75 KB
0 57ms
33ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=92105-183400&rn=3&rbuf=2296&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91296
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 89 KB
89 KB 39ms
20ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIyJLE18DmbvIPWTUiT0yHd8nJNNT7Y7Cu2tjBkc0LG5AiAqF5ZebD6b2moPXCmQoRR0Xuu2ay4u4qe7Y_s8cXey-Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=92105-183400&rn=3&rbuf=2296&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

28297b42228dcabbbb3ce2a8cf3b7b2a2885d271ee73e5e3b22059d7af82ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91296
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

GET
H2 200 AL5GRJWDkWle7sOjzNxeUy7GV6u7znhrPEItJfFrpc4ryN4=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D718 2 KB
3 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWDkWle7sOjzNxeUy7GV6u7znhrPEItJfFrpc4ryN4=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2dc309364feea8a5ffd1dc6e80be23183c0bdccf785a4bb29bb71c19b0c3b20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 21:15:12 GMT
x-content-type-options: nosniff
age: 5146
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2526
x-xss-protection: 0
server: fife
etag: "v2d4cd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Feb 2023 21:15:12 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 89 KB
89 KB 21ms
20ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=809-92104&rn=4&rbuf=0&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

12a11c3d8c396c59178519312987a666ed1a5b61c2dc8994221b8230dfcfc7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91296
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST videoplayback
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 0
0

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 20 KB
21 KB 23ms
22ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIyJLE18DmbvIPWTUiT0yHd8nJNNT7Y7Cu2tjBkc0LG5AiAqF5ZebD6b2moPXCmQoRR0Xuu2ay4u4qe7Y_s8cXey-Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=183401-204377&rn=5&rbuf=4592&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

09e052337662fec6e39ae99e93539da5e8b4b20c0500d904a378c028490aa6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20977
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 7 KB
7 KB 20ms
20ms Fetch
audio/webm 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=251&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=audio%2Fwebm&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=7475&dur=15.901&lmt=1670632113216210&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG7LfJwAEeMBXY-nN2NM1kHwrNM7FiRq0K1EIdBKkPYgCIQCk59DvVOKVd4fgDbM8JS-VNcXEQsyHQbGwZnzEpkKkaA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=292-7474&rn=5&rbuf=0&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6ff8866c53a0a250f2ab2e76309d9721f99bfdb94427f7d531cdf89ae48f7ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7183
last-modified: Sat, 10 Dec 2022 00:28:33 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 228 KB
228 KB 21ms
20ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIyJLE18DmbvIPWTUiT0yHd8nJNNT7Y7Cu2tjBkc0LG5AiAqF5ZebD6b2moPXCmQoRR0Xuu2ay4u4qe7Y_s8cXey-Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=204378-438094&rn=6&rbuf=5120&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

74c4dd03a7455c8099a6eec0adbb76a21720172c3106bbdc9c9deeaa17cdf2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233717
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

GET
H3 204 playback Show response
www.youtube-nocookie.com/api/stats/ Frame D718 0
17 B 29ms
29ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/playback?ns=yt&el=embedded&cpn=aoZGM0siy-_bfLgB&ver=2&cmt=0.019&fmt=134&fs=0&rt=0.487&euri=https%3A%2F%2Foffrgroup.com%2F&lact=1451&cl=506103060&mos=1&volume=0&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=15.901&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24276396%2C24415864%2C24430382%2C24439360%2C24441240%2C24449509%2C24450366%2C24451033%2C24454498%2C24457884%2C24463912&rtn=4&afmt=251&size=1600%3A900&inview=0&muted=1&docid=Tpyt4zAm9B0&ei=edPiY5LoL8qTgQfdqK9o&plid=AAX0I9ddfaecRkWz&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FTpyt4zAm9B0%3Fversion%3D3%26enablejsapi%3D1%26html5%3D1%26hd%3D1%26wmode%3Dopaque%26showinfo%3D0%26rel%3D0%26origin%3Dhttps%3A%2F%2Foffrgroup.com%3B%26controls%3D0%26playsinline%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZ0dnM0Y3JjVjhWRk91R1hDdndPTzMtRXVXNEFCVkh5ZWcxbHlvSmR1VHJfd2JbQVBta0tES3N4TWlrZ1B2amhsdW95cVg0VDdsMVNCWlF6ajRmNlFjblBEMUdmZEQ1V3lmY1BZa0dJalQtbG5OUmQ0N0k3TUg2bml2aF93RzFhODljZHBVdTZvb2gB

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkM1RhQ1piUm9DMCj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656686&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube-nocookie.com/ Frame D718 0
19 B 27ms
27ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/ptracking?html5=1&video_id=Tpyt4zAm9B0&cpn=aoZGM0siy-_bfLgB&ei=edPiY5LoL8qTgQfdqK9o&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkM1RhQ1piUm9DMCj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656686&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 89 KB
89 KB 25ms
25ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=92105-183400&rn=6&rbuf=2291&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

28297b42228dcabbbb3ce2a8cf3b7b2a2885d271ee73e5e3b22059d7af82ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91296
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

GET
H3 204 playback Show response
www.youtube-nocookie.com/api/stats/ Frame 5906 0
17 B 29ms
29ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/playback?ns=yt&el=embedded&cpn=ZMib0gQZ8OP3ohez&ver=2&cmt=0.005&fmt=134&fs=0&rt=0.543&euri=https%3A%2F%2Foffrgroup.com%2F&lact=1439&cl=506103060&mos=1&volume=0&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230131.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=15.901&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24415864%2C24416290%2C24430382%2C24439361%2C24441240%2C24450367%2C24451033%2C24454499%2C24458635%2C24460855%2C24463912%2C24469897&rtn=5&afmt=251&inview=0&muted=1&docid=Tpyt4zAm9B0&ei=edPiY5OOL8qU-gaK3b3wCg&plid=AAX0I9ddY037dNbJ&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FTpyt4zAm9B0%3Fversion%3D3%26enablejsapi%3D1%26html5%3D1%26hd%3D1%26wmode%3Dopaque%26showinfo%3D0%26rel%3D0%26origin%3Dhttps%3A%2F%2Foffrgroup.com%3B%26controls%3D0%26playsinline%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBRlNkMkZzOVJxT1NtMlY1cXlKRlJkWkRqOVpYQi1aUGdmNFJhc1lfVXdVUHpmclV2UWJbQVBta0tESzRqYTk1VURmVF9rM1E3cGNQNXE3ZF8tVlZmaVBab0R4eDFuX0Q5ZVJ4X2xJVElpcUlJWFFodGJoVHVIbGhXZExkeVlRTVN1WnpDN2VRVF8xSk9YNGgB

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtWdWRXNjhzYTV2cyj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656722&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube-nocookie.com/ Frame 5906 0
19 B 29ms
28ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/ptracking?html5=1&video_id=Tpyt4zAm9B0&cpn=ZMib0gQZ8OP3ohez&ei=edPiY5OOL8qU-gaK3b3wCg&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1
X-YouTube-Client-Version: 1.20230131.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtWdWRXNjhzYTV2cyj4poufBg%3D%3D
X-YouTube-Ad-Signals: dt=1675809656722&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 22:40:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5e6nsr.googlevideo.com/ Frame D718 242 KB
242 KB 21ms
20ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIyJLE18DmbvIPWTUiT0yHd8nJNNT7Y7Cu2tjBkc0LG5AiAqF5ZebD6b2moPXCmQoRR0Xuu2ay4u4qe7Y_s8cXey-Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=438095-685637&rn=7&rbuf=10240&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5224bfc75ee5473e35b76dcfbb1fc4bc1353db87881cfeea9edfc14330dc742b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247543
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 205 KB
205 KB 23ms
23ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=183401-392813&rn=7&rbuf=4588&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209413
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

POST
H3 200 videoplayback
rr4---sn-4g5e6nsr.googlevideo.com/ Frame 5906 286 KB
286 KB 20ms
20ms Fetch
video/mp4 2a00:1450:4001:63::9

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5OOL8qU-gaK3b3wCg&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AH-fiecZkiVZPN0Xleu17OXQ49OSFTQL2o1SIVzexb56&itag=134&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C26&mn=sn-4g5e6nsr%2Csn-h0jeened&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhjVW9dLeZfcf5OCF0_ktoJ9JZWs&vprv=1&mime=video%2Fmp4&ns=_wpY8_OsY_145t-0NrzSrDUL&gir=yes&clen=685638&dur=15.880&lmt=1670632116111946&mt=1675809179&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=Ct6qnN3GMdOxFw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgG2l71TOmTY6I5CGX4xdQDlwuYK69eCnhnzjn6cm5v7oCIQDkKfdPZ899Xpmoww59eGsvOIVostkT6ZUkGq2xbakP7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgTZX0U0hrfXbbRka8Fl0ZzQjeAcgaWvAsqPF8XVX6d5ECIATI2RMRkcFEZ9huPHVHV5X7I2i7Lyti8N9ovwaHZNpK&alr=yes&cpn=ZMib0gQZ8OP3ohez&cver=1.20230131.01.00&range=392814-685637&rn=8&rbuf=9243&pot=DyhvG5YSoJQJKFciz1kVBETxHDWcDVs9g0QqhBLw7Ufrtk0Qri2o5QM80IieC9nDQ-gM0EICS3pQiZgU9mupFgH_V0Y_FH2O-4EdPWp7dYrZglLEsY6yzcsQYoq6oop0gMY1aOE=

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/97ea7458/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 07 Feb 2023 22:40:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292824
last-modified: Sat, 10 Dec 2022 00:28:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Tue, 07 Feb 2023 22:40:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/1a5da492d2?a=2164051&v=1223.PROD&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=2008&ck=0&s=2b76083ca36fe23f&ref=https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/1a5da492d2?a=2164051&v=1223.PROD&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=2009&ck=0&s=2b76083ca36fe23f&ref=https://t.yesware.com/tt/842b9697d19918beebb4dbac1103504fc9837169/b35799f0222d139288416ecb2e6cfc13/4dc516e441de4e682c2affeaa49f33c4/www.offrgroup.com

Domain: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1

Domain: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Tpyt4zAm9B0?version=3&enablejsapi=1&html5=1&hd=1&wmode=opaque&showinfo=0&rel=0&origin=https://offrgroup.com;&controls=0&playsinline=1

Domain: rr4---sn-4g5e6nsr.googlevideo.com
URL: https://rr4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1675831257&ei=edPiY5LoL8qTgQfdqK9o&ip=2001%3A1b60%3A1010%3A2%3A1012%3A45a5%3A55ae%3A3ae4&id=o-AIGNAkgszPqUE4yUOnUdDG7own-Vp9jelnVEk-nfZyf0&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=2T&mm=31%2C29&mn=sn-4g5e6nsr%2Csn-4g5ednsl&ms=au%2Crdu&mv=m&mvi=4&pl=36&initcwndbps=1411250&spc=H3gIhnHYSRWgGYpJmxz41kw5IrjmgtA&vprv=1&mime=video%2Fmp4&ns=3XtdeEvDkAtDQYo_i5OFO4UL&gir=yes&clen=2972672&dur=15.880&lmt=1670632118175263&mt=1675809179&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=c1DbuUq23YMXKw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIeQyezvg9p08tPsfFNHJQXNHp0MGPgtrOucjGNk0gvEAiAmz3SlrYtni0I6m0KL5RVOlubQIcgox9PfoIUn9NuTrA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgfkVZMMmwhiPlrws8EF5JnXftVW01dm3AquEGeF-quToCIBVHiVnDmm19i1ZlmrpnTe6iZiCdLDdhpIApZvGlqLib&alr=yes&cpn=aoZGM0siy-_bfLgB&cver=1.20230131.01.00&range=0-807&rn=4&rbuf=0&pot=D39zjhrweqS4f0uAqgbndTMEc1cdc0i7Rv48ord5Mfl8TE-mVEnRwMauuqMYoXuPEGuqvxyoGpqmXTOdjstCMCJQ194jfb_iU-UoEn_JqCgtNXXFy0_9CgoxhXqNGV36hom-zz8=

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yesware.com/	1970-01-20 19:06:09	Name: t Value: oFLkDmeovdT33wcjLGW9aA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yXjxO_OWGR4
.youtube.com/	1970-01-20 13:49:21	Name: DEVICE_INFO Value: ChxOekU1TnpVME56WTJOREUxTkRZeE1Ua3pNdz09EPemi58GGPemi58G
.youtube.com/	1970-01-20 13:49:21	Name: VISITOR_INFO1_LIVE Value: 7ljIGKgaj98

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://offrgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1(Line 1) Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
jnn-pa.googleapis.com
js-agent.newrelic.com
ka-f.fontawesome.com
kit.fontawesome.com
offrgroup.com
rr4---sn-4g5e6nsr.googlevideo.com
t.yesware.com
tripleskinny.com
www.ekko-wp.com
www.google.com
www.offrgroup.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
bam.nr-data.net
rr4---sn-4g5e6nsr.googlevideo.com
www.youtube-nocookie.com
151.101.130.137
162.247.243.29
185.148.45.72
2606:4700::6812:1734
2606:4700:e4::ac40:a916
2a00:1450:4001:63::9
2a00:1450:4001:803::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2016
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82f::200a
34.206.184.58
35.242.224.42
52.54.158.190
68.66.226.82
00af185cf180016dcb42eafedd0417ba53a8d49ab2683a92eed5f22ad8f71946
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0449e67ab35c3dd86312646b54ef9bf9470bcb80a37373ad7bb395bf91d930d9
092b4c32152123c1ea6931f7104361fa2668fd50cbc209edb2115d9ff7f9f43d
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
09e052337662fec6e39ae99e93539da5e8b4b20c0500d904a378c028490aa6af
12a11c3d8c396c59178519312987a666ed1a5b61c2dc8994221b8230dfcfc7da
1544b2ce742950f3428a134f1f3043cf841ba73639f19f04ded8c9e0e5d893c5
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
207993b30364d0f292d540615e81c3bd139fc1ff37bfaa9b31c0b9aba06f13f4
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
231c9ad0902963953041adc3426856f55e6dc407e63ed37fe478c77860f30571
28297b42228dcabbbb3ce2a8cf3b7b2a2885d271ee73e5e3b22059d7af82ef2f
29cc91344fa42a2ddf205c2d26b851ae379f940eb5c0e321cc274d32bc629ced
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2d104e1daa4d3e5ca9a2986a42438eada095f056a00a6910a5987a9beb0c0ea0
2dc309364feea8a5ffd1dc6e80be23183c0bdccf785a4bb29bb71c19b0c3b20d
315c40d749a75d1f9fad280488b1bfc7cebba59431640b6682356da13b7116f2
317171b744a882bbb435813a822be96442aba4281464edf72fb28c142e9d00a6
31892916142efe9ada976540d20064a98c7e135817f0199477a8968c6a750070
33bb1f5016c4bc7e1d4f5e3b2bddba0b96c35de388138358d5defb3bc4cc3650
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
39a89bb88f8d9433287a42c3bdc0119763743b29344f9b897ad587aaa1522c42
3be6d6194e274dcf0f20f4bf43fb5c9c3ebbcbf46a6e625d17d104ffe3da525a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4c3e4edbd1276fa08e167bc521bc2bdd73ceaf206f5c1e21371aeae84f8a93
3e93216c9c85c1e5db4dd73b1c571295fb74d9922046853616378d9ed1d3099f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49939458d312237b993a4de46c64e8c672d044826fa6d52e2d92c7cb1e3b2e1f
4c4e876d0ea913c3481773e608474fb59591cc3de6a79e1137fc06592710ddf7
4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3
4dce1f7130cae19886f5306a8277b041508966c6d5144bad2b9ff62344e74969
5224bfc75ee5473e35b76dcfbb1fc4bc1353db87881cfeea9edfc14330dc742b
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b169400c72045d965aac2010ff973d4184849800eac9e3ced121b38cabf8317
5bf9e252ac99158981134017b3228d0d17f1369b1a5a0c25842653f49fdb860d
5c58ea32c7093dae33f856c3b70c51d130277a900b1b93489f86567d9832c9b1
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066
648b221bb308db3693f045cedd34f0abf84aaf25fbd401f6b7fc5d1279f24afb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6fc0c282b3bbbbfe9a5ab6666573c5c0fd459f1e324449747a1e0d4e67ff76d4
6ff8866c53a0a250f2ab2e76309d9721f99bfdb94427f7d531cdf89ae48f7ae1
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
74c4dd03a7455c8099a6eec0adbb76a21720172c3106bbdc9c9deeaa17cdf2d1
767ea5dff393e340076eac40be0db6f38eeea6b7810eaf8592706c1ecfbf9699
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7baf267fdad9fc5969767a4de850caddefd027a0d9446c0886e14b68b936f768
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
821d05c93a24781cd8ee8ea038a3ab929f8992c4a48f735d3c772fe18f3abc6f
84c7e221165968ccda033e4561a235151fb1b8d942f4ca64a8665d913e6657a4
852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9
8aedf6cfea0cab0b1f40f53ec29e95bd9f6fa480a13050e877e2a29bc3875ded
8fdf1cfd78e4abe7fd0a37250efe89dee5dd44c2f02a3a2793751b593a0b4eb3
943db31d0306817cf5ee7ef3532ebe44dc541136ed84ee805549d671d3688187
95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258
9da675ace2c7592a16af2c9bf3b015bb78d09d29320d4234e79dc7cdfaaa6d69
a47ff037b0a646f620f8cd07d37740485317af5d6f6732dcf85c8ee124c21d07
a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80
a9bc0c4a50862585f4edc0f0c4f9dff45705592af7f20e4d9dad3fb1c8418852
aa1bbd65afef9cbf841bce3e7ef86534b28dbbe4fe58c2c78ae76921dfac6ee7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8
aef22db0e7addf7a61141cf969f0567dfd435836d4ae228ebb5c6d8126ffec67
afe7e1b89e41b41fb0d129846b0fd9b65b2b57891ffd0502d7ab777502defffd
b0b5c0f1800d6e2eb3e67f0210bcb4d1496c3cb39f5b79f888ef5495e5b4ac90
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b95164237b524353d235fd03cdc0ddf54a489315c59ee4e744cf120657a1ee33
bde03ba131cd8a2600424474fd916add546a5b4025e6853021d1b1173a2e9936
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
c027446f3fea0c32db564d50fe30c0f90ce626fa300452908b5c01bce56f004e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3daaf5518298c77d89378477c4b2fdd9a1d8e975ff12b83059203c085800109
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d295a9f98443697624ca2d90094ff1039d90bab521c5d8c40f7cf0bbe205e31d
d31ab855331440e38b23b8aab10864a603c6051b62803bf98c0e7d0e78415141
d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc
d5ecd1f39b078601a06dff9e9f62474551db346e6791f89e7ea4c4df32bf02d5
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d94f105affad20f5ee0ff3c3b2ca72ed0210b4ad553e960bc3dc6dd82e733b05
dc9576f4489eae0c1e7788e6325bed3af765d10b394e7ba7e4dc64178050f374
e16e65232fcadf4daa5c76ff425485efbbcd72b554986f89a63f0153928e9aae
e293ee5238870d40981cf474d983a8bb84e9981b1438db27b096b220423e6c6f
e339ee4847050a6f899dbe7d679420e68ac48c185ef0aaeaea3d0af2c5d1df85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e706878ec3ba589f7eb929dabd911830ac07f0f8d8d54841bc19cab6f45354ed
e9af993b0f6240709bec8a60f3b41a8308cecb7489fe6d7f79617f1986f54541
f099377650df2a2a49c597de255a3d4fa86605bd34f01bfc9ff51fa27e9906fe
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f3d21bb07e1bf29734d1f4a17574b239d7b2e4de6c8490e502fca1c4aeb555df
f7f7ae8fffaaf1a75e47094600aa9db7b393a6e96cc06c24f0ed3784fff86fcd
fb2b8ba2bac274f804fc715f68bd0ff65adc8753a88bdeda5f6f65ad993a80c5
fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545

offrgroup.com Open in urlscan Pro 68.66.226.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

96 %HTTPS

59 %IPv6

15 Domains

18 Subdomains

17 IPs

2 Countries

4848 kBTransfer

11655 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offrgroup.com Open in urlscan Pro
68.66.226.82 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

59 %
IPv6

15
Domains

18
Subdomains

17
IPs

2
Countries

4848 kB
Transfer

11655 kB
Size

4
Cookies

139 HTTP transactions
2 data transactions