urlscan.io logo urlscan.io
SecurityTrails logo

come.sortyellowapples.com Open in urlscan Pro
162.55.76.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ohr.co.nz/
Effective URL: https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=5618457
Submission: On March 19 via manual from CA — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 65 HTTP transactions. The main IP is 162.55.76.206, located in Germany and belongs to HETZNER-AS, DE. The main domain is come.sortyellowapples.com.
TLS certificate: Issued by R3 on March 11th 2023. Valid for: 3 months.
This is the only time come.sortyellowapples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 108.167.180.111 19871 (NETWORK-S...)
1 5 162.55.76.206 24940 (HETZNER-AS)
5 142.251.12.95 15169 (GOOGLE)
3 45.9.148.165 49447 (NICEIT)
10 74.125.24.91 15169 (GOOGLE)
6 172.217.194.94 15169 (GOOGLE)
1 2 142.251.12.157 15169 (GOOGLE)
1 64.233.170.148 15169 (GOOGLE)
1 172.253.118.99 15169 (GOOGLE)
1 142.250.4.119 15169 (GOOGLE)
1 74.125.24.132 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
65 13
22    108.167.180.111 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-167-180-111.unifiedlayer.com
ohr.co.nz
5    162.55.76.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.76.55.162.clients.your-server.de
step.firstblackphase.com
stats.statisticline.com
far.statisticline.com
come.sortyellowapples.com
5    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
jnn-pa.googleapis.com
3    45.9.148.165 (Amsterdam, Netherlands)

ASN49447 (NICEIT, DM)
cdn.statisticline.com
10    74.125.24.91 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f91.1e100.net
www.youtube.com
6    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
2    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
googleads.g.doubleclick.net
1    64.233.170.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f148.1e100.net
static.doubleclick.net
1    172.253.118.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f99.1e100.net
www.google.com
1    142.250.4.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f119.1e100.net
i.ytimg.com
1    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
yt3.ggpht.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
22 ohr.co.nz
ohr.co.nz
253 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 82
845 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
68 KB
6 statisticline.com
cdn.statisticline.com — Cisco Umbrella Rank: 327681
stats.statisticline.com
far.statisticline.com — Cisco Umbrella Rank: 456307 Failed
8 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
jnn-pa.googleapis.com — Cisco Umbrella Rank: 215
31 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
static.doubleclick.net — Cisco Umbrella Rank: 241
1 KB
1 sortyellowapples.com
come.sortyellowapples.com
663 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 firstblackphase.com
step.firstblackphase.com — Cisco Umbrella Rank: 846744
2 KB
0 bluelabelsky.com Failed
bluelabelsky.com Failed
65 12
Domain Requested by
22 ohr.co.nz ohr.co.nz
10 www.youtube.com ohr.co.nz
www.youtube.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 cdn.statisticline.com ohr.co.nz
stats.statisticline.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 stats.statisticline.com step.firstblackphase.com
cdn.statisticline.com
1 come.sortyellowapples.com cdn.statisticline.com
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 far.statisticline.com cdn.statisticline.com
1 fonts.googleapis.com ohr.co.nz
1 step.firstblackphase.com ohr.co.nz
0 bluelabelsky.com Failed come.sortyellowapples.com
65 17

This site contains no links.

Subject Issuer Validity Valid
step.firstblackphase.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
cdn.statisticline.com
R3		 2023-03-17 -
2023-06-15		 3 months crt.sh
stats.statisticline.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
come.sortyellowapples.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh

This page contains 2 frames:

Frame: https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=backsnack
Frame ID: 0AC806EFCF8C6DA78DD3F83ACF361822
Requests: 41 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GFRQMwPbMDQ
Frame ID: 9ABC5C8998EEBB6116792DC2E901A467
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ohr.co.nz/ Page URL
  2. https://far.statisticline.com/away/come.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=56... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

65
Requests

51 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

13
IPs

3
Countries

1239 kB
Transfer

3892 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ohr.co.nz/ Page URL
  2. https://far.statisticline.com/away/come.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=5618457 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ohr.co.nz/ 		39 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
nginx/1.23.2 /
Resource Hash
eb293b78c6814edeeb1d601a73163b9492e2f4ef28261882f7c41547c3387129

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
11313
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Mar 2023 19:08:32 GMT
Server
nginx/1.23.2
Vary
Accept-Encoding
X-Server-Cache
false
source.js
step.firstblackphase.com/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://step.firstblackphase.com/scripts/source.js
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Last-Modified
Sat, 11 Mar 2023 11:17:04 GMT
Server
nginx
ETag
"640c6330-73c"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1852
Expires
Wed, 29 Mar 2023 19:08:33 GMT
style.min.css
ohr.co.nz/wp-includes/css/dist/block-library/ 		93 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2022 03:05:05 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Accept-Ranges
bytes
classic-themes.min.css
ohr.co.nz/wp-includes/css/ 		217 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 04:15:25 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
189
wpautoterms.css
ohr.co.nz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 		547 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:38:05 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
195
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CKarla%3A400&ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
17e0db3de0d508d6e09dcbe4c8d9ce21bdac4239bc28dfd6e7613a9d616a8ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Mar 2023 19:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Mar 2023 19:08:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Mar 2023 19:08:33 GMT
style.css
ohr.co.nz/wp-content/themes/academy-lite/ 		22 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/style.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
2f1b9f9a46c70a7df992105208b74e11337d8f2dcd4d9f9e2532930e14c42eef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
7358
theme-responsive.css
ohr.co.nz/wp-content/themes/academy-lite/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/css/theme-responsive.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
6bd944792d58f2fdc2c572d7a0ed8ebab2cfcb35412a89fb229e46f2c23ad9f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
4167
nivo-slider.css
ohr.co.nz/wp-content/themes/academy-lite/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/css/nivo-slider.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
d4566a1734820dc04f00555f543473a7a4b7dab85a45fac559616f7619a4cb15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade
Accept-Ranges
bytes
Content-Length
1191
font-awesome.css
ohr.co.nz/wp-content/themes/academy-lite/css/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/css/font-awesome.css?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
c993c8100887f74cede6cdf1115243bf444ae3a2488fe3287826378c0e81d0ae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
6660
jquery.min.js
ohr.co.nz/wp-includes/js/jquery/ 		89 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
e1b8c81c2a251931ba50b145e4f0dc3fada3de72636051fa02b5c1aca175ef7d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 20:32:22 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Accept-Ranges
bytes
jquery-migrate.min.js
ohr.co.nz/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2023 17:43:02 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4618
regenerator-runtime.min.js
ohr.co.nz/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 May 2022 03:25:28 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2675
wp-polyfill.min.js
ohr.co.nz/wp-includes/js/dist/vendor/ 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 04:15:25 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7621
dom-ready.min.js
ohr.co.nz/wp-includes/js/dist/ 		498 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 May 2022 03:25:28 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
331
base.js
ohr.co.nz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 		720 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.5.0
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:38:05 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
287
jquery.nivo.slider.js
ohr.co.nz/wp-content/themes/academy-lite/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/js/jquery.nivo.slider.js?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
76bd5d2131b6efd9d1927e0d1a62c725cd58dcf7ef28b8e6a3b7b7ee24d099f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7535
custom.js
ohr.co.nz/wp-content/themes/academy-lite/js/ 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/js/custom.js?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
018686d508dd3a25c8034202ad9d26067023918d03dffedbf37b8356c46efa13

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
656
logo15.png
ohr.co.nz/wp-content/uploads/2021/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ohr.co.nz/wp-content/uploads/2021/04/logo15.png
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
2fad3f0fd42aefffaedd76c4f8f363389b64add4352379c22fadc6112b09af08

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Last-Modified
Mon, 12 Apr 2021 16:43:37 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
6880
Content-Type
image/png
navigation.js
ohr.co.nz/wp-content/themes/academy-lite/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/js/navigation.js?ver=20190715
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
72b2b8a0e0b0e8e4a2466d203bf469a246c0e49f7d4c993d37ac70a5d64f86ef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1757
sway.js
cdn.statisticline.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.statisticline.com/scripts/sway.js?v=2
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.9.148.165 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
8d8d7c47af34497c96fbc05bb33488d866079b6fdfcbcda260cc77eecc16d39d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:35 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 16:25:38 GMT
server
nginx
etag
W/"64149482-d57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
ohr.co.nz/wp-includes/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
18e83dfaa08c3661d12e6263a0d2a260ce7b1215db357b2f1dfe3c4eec988be5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 20:32:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5660
Y1hjNr
stats.statisticline.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=Recent%20Water%20Restrictions%20in%20Auckland%20and%20Wellington%20-%20Reasons%20and%20Solutions%20for%20Water%20Restrictions%20in%20Auckland%20and%20Wellington&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Requested by
Host: step.firstblackphase.com
URL: https://step.firstblackphase.com/scripts/source.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 19:08:34 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
851
Expires
0
GFRQMwPbMDQ
www.youtube.com/embed/ Frame 9ABC 		71 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/GFRQMwPbMDQ
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
ESF /
Resource Hash
fb447b769fa4f2a626351d5610f7630b5f69ed64065a1d69f5cbda123f751d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ohr.co.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Mar 2023 19:08:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
cropped-save-water2-1.jpg
ohr.co.nz/wp-content/uploads/2021/04/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ohr.co.nz/wp-content/uploads/2021/04/cropped-save-water2-1.jpg
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
889f9c03d9fa9c815402a420085921ed89551ff990f2773ae0297709670c1ad8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Last-Modified
Mon, 12 Apr 2021 16:14:19 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
60069
Content-Type
image/jpeg
nav_right.png
ohr.co.nz/wp-content/themes/academy-lite/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/images/nav_right.png
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/wp-content/themes/academy-lite/style.css?ver=6.1.1
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
0e937b84a78630a5f7448eee66b421bf69a9016011f8b843a4ab7a419a16fd0d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/wp-content/themes/academy-lite/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
1093
Content-Type
image/png
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CKarla%3A400&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ohr.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 00:18:30 GMT
x-content-type-options
nosniff
age
154204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Mar 2024 00:18:30 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CKarla%3A400&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ohr.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:48:04 GMT
x-content-type-options
nosniff
age
426030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 20:48:04 GMT
qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v23/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CKarla%3A400&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
bb02ccb2a85f5dfe18c15061f954f61797fcea7dfbff432126a7ec75e12394f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ohr.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:51:02 GMT
x-content-type-options
nosniff
age
429452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11284
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:39:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 19:51:02 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CKarla%3A400&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ohr.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:07:19 GMT
x-content-type-options
nosniff
age
219675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:07:19 GMT
fontawesome-webfont.woff2
ohr.co.nz/wp-content/themes/academy-lite/css/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://ohr.co.nz/wp-content/themes/academy-lite/css/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: ohr.co.nz
URL: http://ohr.co.nz/wp-content/themes/academy-lite/css/font-awesome.css?ver=6.1.1
Protocol
HTTP/1.1
Server
108.167.180.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-167-180-111.unifiedlayer.com
Software
Apache /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
http://ohr.co.nz/wp-content/themes/academy-lite/css/font-awesome.css?ver=6.1.1
Origin
http://ohr.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 19:08:34 GMT
Last-Modified
Fri, 24 Feb 2023 00:43:56 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
66624
Content-Type
font/woff2
www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 9ABC 		399 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 03:42:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
228389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51796
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Mar 2024 03:42:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 07:42:39 GMT
x-content-type-options
nosniff
age
300355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 07:42:39 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9ABC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 14:41:51 GMT
x-content-type-options
nosniff
age
361603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 14:41:51 GMT
www-embed-player.js
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 9ABC 		346 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 18:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
89687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110099
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 18:13:48 GMT
base.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/ Frame 9ABC 		2 MB
609 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
5434eaea46ba59097c38351199f477dc9898ffc033df1188e5b2985fb1dddb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 04:25:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
53005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
623688
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Mar 2024 04:25:10 GMT
fetch-polyfill.js
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 9ABC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 05:09:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
50355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Mar 2024 05:09:20 GMT
swaynew.js
cdn.statisticline.com/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.statisticline.com/scripts/swaynew.js
Requested by
Host: stats.statisticline.com
URL: https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=Recent%20Water%20Restrictions%20in%20Auckland%20and%20Wellington%20-%20Reasons%20and%20Solutions%20for%20Water%20Restrictions%20in%20Auckland%20and%20Wellington&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.9.148.165 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
d265c9b96a93946c58dfe624725a175c505e039df49d76cfe5c78e313ef0b56c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:35 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 16:25:37 GMT
server
nginx
etag
W/"64149481-101c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
Y1hjNr
stats.statisticline.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=Recent%20Water%20Restrictions%20in%20Auckland%20and%20Wellington%20-%20Reasons%20and%20Solutions%20for%20Water%20Restrictions%20in%20Auckland%20and%20Wellington&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Requested by
Host: cdn.statisticline.com
URL: https://cdn.statisticline.com/scripts/sway.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Mar 2023 19:08:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
851
Expires
0
go.php
far.statisticline.com/away/ 		0
0
go.php
far.statisticline.com/away/ 		0
0
id
googleads.g.doubleclick.net/pagead/ Frame 9ABC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 19 Mar 2023 19:08:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 9ABC 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f148.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:03:33 GMT
x-content-type-options
nosniff
age
303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Mar 2023 19:18:33 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 19 Mar 2023 19:08:36 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABC 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30824
x-xss-protection
0
remote.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/ Frame 9ABC 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
72c74f1ff66c5d97926b9661f873cc96286639e7a4f7731f75737667eb13ef86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 12:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
22214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36325
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Mar 2024 12:58:22 GMT
TFpCJuYKq5VdJEIOQfjlCaPqX3PLPoITsNLgji7G8Zw.js
www.google.com/js/th/ Frame 9ABC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/TFpCJuYKq5VdJEIOQfjlCaPqX3PLPoITsNLgji7G8Zw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f99.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
159082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14218
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Mar 2024 22:57:15 GMT
sddefault.webp
i.ytimg.com/vi_webp/GFRQMwPbMDQ/ Frame 9ABC 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/GFRQMwPbMDQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f119.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12640
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 19 Mar 2023 21:08:36 GMT
embed.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/ Frame 9ABC 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 00:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
68788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8631
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 18 Mar 2024 00:02:09 GMT
truncated
/ Frame 9ABC 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJXIJNIO-i1NnK6vFf9gSUkFOalVKQY3dTs2rBGEaQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9ABC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJXIJNIO-i1NnK6vFf9gSUkFOalVKQY3dTs2rBGEaQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 16:42:17 GMT
x-content-type-options
nosniff
age
8779
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2440
x-xss-protection
0
server
fife
etag
"v167"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Mar 2023 04:03:11 GMT
swaynew.js
cdn.statisticline.com/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.statisticline.com/scripts/swaynew.js
Requested by
Host: stats.statisticline.com
URL: https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=Recent%20Water%20Restrictions%20in%20Auckland%20and%20Wellington%20-%20Reasons%20and%20Solutions%20for%20Water%20Restrictions%20in%20Auckland%20and%20Wellington&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.9.148.165 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
d265c9b96a93946c58dfe624725a175c505e039df49d76cfe5c78e313ef0b56c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://ohr.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 16:25:37 GMT
server
nginx
etag
W/"64149481-101c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9ABC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 19:08:37 GMT
come.php
far.statisticline.com/away/ 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 9ABC 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1679252916514
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
X-YouTube-Client-Version
1.20230314.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgttbHQ2NGgyRXFiSSiyu92gBg%3D%3D
X-YouTube-Ad-Signals
dt=1679252915490&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C270%2C350&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
Primary Request come.php
come.sortyellowapples.com/away/
Redirect Chain
  • https://far.statisticline.com/away/come.php?id=64785e55-66-45776433
  • https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=5618457
841 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=5618457
Requested by
Host: cdn.statisticline.com
URL: https://cdn.statisticline.com/scripts/swaynew.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
http://ohr.co.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Mar 2023 19:08:38 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Mar 2023 19:08:37 GMT
Location
https://come.sortyellowapples.com/away/come.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=5618457
Server
nginx
Transfer-Encoding
chunked
log_event
www.youtube.com/youtubei/v1/ Frame 9ABC 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1679252916519
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
X-YouTube-Client-Version
1.20230314.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgttbHQ2NGgyRXFiSSiyu92gBg%3D%3D
X-YouTube-Ad-Signals
dt=1679252915490&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C270%2C350&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 19 Mar 2023 19:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9ABC 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 19 Mar 2023 19:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 19 Mar 2023 19:08:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
generate_204
www.youtube.com/ Frame 9ABC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?aUSRjw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/GFRQMwPbMDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f91.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.youtube.com/embed/GFRQMwPbMDQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 19:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
atr
www.youtube.com/api/stats/ Frame 9ABC 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 9ABC 		0
0
/
bluelabelsky.com/ 		0
0
/
bluelabelsky.com/ 		0
0
/
bluelabelsky.com/ 		0
0
/
bluelabelsky.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
far.statisticline.com
URL
https://far.statisticline.com/away/go.php?id=64785e55-66-45776433
Domain
far.statisticline.com
URL
https://far.statisticline.com/away/go.php?id=64785e55-66-45776433
Domain
far.statisticline.com
URL
https://far.statisticline.com/away/come.php?id=64785e55-66-45776433
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=P8-hO2Lx-ttQ91AS&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fohr.co.nz%2F&lact=2994&cl=516646855&mos=0&volume=100&cbr=Chrome&cbrver=111.0.5563.64&c=WEB_EMBEDDED_PLAYER&cver=1.20230314.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=en_US&cr=NZ&len=370&fexp=23983296%2C24004644%2C24007246%2C24058862%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24415864%2C24416290%2C24439360%2C24447748%2C24450367%2C24456736%2C24470719%2C24471123%2C24481771%2C24482080%2C24483085%2C24493736%2C24495840%2C24496168%2C39323074&muted=0&docid=GFRQMwPbMDQ
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Domain
bluelabelsky.com
URL
https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=backsnack
Domain
bluelabelsky.com
URL
https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=backsnack
Domain
bluelabelsky.com
URL
https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=backsnack
Domain
bluelabelsky.com
URL
https://bluelabelsky.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=backsnack

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: UYP-OEzWrCI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: mlt64h2EqbI
ohr.co.nz/ Name: wp-simple-duser
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluelabelsky.com
cdn.statisticline.com
come.sortyellowapples.com
far.statisticline.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
ohr.co.nz
static.doubleclick.net
stats.statisticline.com
step.firstblackphase.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
bluelabelsky.com
far.statisticline.com
www.youtube.com
108.167.180.111
142.250.4.119
142.251.12.157
142.251.12.95
162.55.76.206
172.217.194.94
172.253.118.99
45.9.148.165
64.233.170.148
74.125.200.94
74.125.24.132
74.125.24.91
018686d508dd3a25c8034202ad9d26067023918d03dffedbf37b8356c46efa13
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e937b84a78630a5f7448eee66b421bf69a9016011f8b843a4ab7a419a16fd0d
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
17e0db3de0d508d6e09dcbe4c8d9ce21bdac4239bc28dfd6e7613a9d616a8ec4
18e83dfaa08c3661d12e6263a0d2a260ce7b1215db357b2f1dfe3c4eec988be5
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
2f1b9f9a46c70a7df992105208b74e11337d8f2dcd4d9f9e2532930e14c42eef
2fad3f0fd42aefffaedd76c4f8f363389b64add4352379c22fadc6112b09af08
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
5434eaea46ba59097c38351199f477dc9898ffc033df1188e5b2985fb1dddb41
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bd944792d58f2fdc2c572d7a0ed8ebab2cfcb35412a89fb229e46f2c23ad9f5
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
72b2b8a0e0b0e8e4a2466d203bf469a246c0e49f7d4c993d37ac70a5d64f86ef
72c74f1ff66c5d97926b9661f873cc96286639e7a4f7731f75737667eb13ef86
76bd5d2131b6efd9d1927e0d1a62c725cd58dcf7ef28b8e6a3b7b7ee24d099f5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
889f9c03d9fa9c815402a420085921ed89551ff990f2773ae0297709670c1ad8
8d8d7c47af34497c96fbc05bb33488d866079b6fdfcbcda260cc77eecc16d39d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
bb02ccb2a85f5dfe18c15061f954f61797fcea7dfbff432126a7ec75e12394f6
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c993c8100887f74cede6cdf1115243bf444ae3a2488fe3287826378c0e81d0ae
d265c9b96a93946c58dfe624725a175c505e039df49d76cfe5c78e313ef0b56c
d4566a1734820dc04f00555f543473a7a4b7dab85a45fac559616f7619a4cb15
e1b8c81c2a251931ba50b145e4f0dc3fada3de72636051fa02b5c1aca175ef7d
eb293b78c6814edeeb1d601a73163b9492e2f4ef28261882f7c41547c3387129
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f58e30ab562e4d580aa3af24b123c2c296906742de518a749215e13d6bd2f0db
fb447b769fa4f2a626351d5610f7630b5f69ed64065a1d69f5cbda123f751d9b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995