offtherecord.com Open in urlscan Pro
99.86.4.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fight.offtherecord.com/
Effective URL:
https://offtherecord.com/
Submission: On December 07 via api (December 7th 2022, 8:41:13 pm UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 24 domains to perform 200 HTTP transactions. The main IP is 99.86.4.110, located in United States and belongs to AMAZON-02, US. The main domain is offtherecord.com.
TLS certificate: Issued by Amazon on January 15th 2022. Valid for: a year.

This is the only time offtherecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	50.18.212.254 50.18.212.254	16509 (AMAZON-02) (AMAZON-02)
66	99.86.4.110 99.86.4.110	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
11	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	99.86.4.11 99.86.4.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:245... 2600:9000:2451:fa00:1e:9742:1680:21	16509 (AMAZON-02) (AMAZON-02)
8	18.232.32.56 18.232.32.56	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223d:c400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	54.88.197.161 54.88.197.161	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.89.97 143.204.89.97	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2491:8200:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	35.245.208.72 35.245.208.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.214.55 52.222.214.55	16509 (AMAZON-02) (AMAZON-02)
16	52.222.214.115 52.222.214.115	16509 (AMAZON-02) (AMAZON-02)
10	52.92.193.33 52.92.193.33	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
3	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
200	33

1 50.18.212.254 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-212-254.us-west-1.compute.amazonaws.com

fight.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 99.86.4.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-110.fra6.r.cloudfront.net

offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-11.fra6.r.cloudfront.net

tag.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2451:fa00:1e:9742:1680:21 (United States)

ASN16509 (AMAZON-02, US)

d14jnfavjicsbe.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.232.32.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-32-56.compute-1.amazonaws.com

otr-backend-service-us-prod.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:c400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.88.197.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-197-161.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-97.fra50.r.cloudfront.net

api.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:8200:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.245.208.72 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.208.245.35.bc.googleusercontent.com

r1.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-55.fra56.r.cloudfront.net

snippets.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.214.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-115.fra56.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.92.193.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

off-the-record-service.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

httpsofftherecordcom.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	offtherecord.com 1 redirects fight.offtherecord.com offtherecord.com otr-backend-service-us-prod.offtherecord.com	5 MB
30	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 10098 snippets.freshchat.com — Cisco Umbrella Rank: 52678 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 17064 httpsofftherecordcom.webpush.freshchat.com	717 KB
16	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1664 ka-p.fontawesome.com — Cisco Umbrella Rank: 4297	483 KB
12	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5056 r1.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 82827	95 KB
10	amazonaws.com off-the-record-service.s3.amazonaws.com
8	gstatic.com fonts.gstatic.com	131 KB
7	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2404 rs.fullstory.com — Cisco Umbrella Rank: 2282	83 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	5 KB
4	branch.io api2.branch.io — Cisco Umbrella Rank: 582	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	200 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 83	58 KB
3	getdrip.com tag.getdrip.com — Cisco Umbrella Rank: 25788 api.getdrip.com — Cisco Umbrella Rank: 28393	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 420	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	21 KB
3	google.com apis.google.com — Cisco Umbrella Rank: 110 www.google.com — Cisco Umbrella Rank: 2	112 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	203 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	90 KB
2	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4304	22 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 11943	25 KB
1	app.link app.link — Cisco Umbrella Rank: 1938	598 B
1	cloudfront.net d14jnfavjicsbe.cloudfront.net	29 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5234	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	442 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 170	15 KB
200	24

	Domain	Requested by
66	offtherecord.com	offtherecord.com browser.sentry-cdn.com
16	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
14	ka-p.fontawesome.com	kit.fontawesome.com offtherecord.com
11	dev.visualwebsiteoptimizer.com	offtherecord.com dev.visualwebsiteoptimizer.com browser.sentry-cdn.com
10	off-the-record-service.s3.amazonaws.com
10	wchat.freshchat.com	offtherecord.com wchat.freshchat.com assetscdn-wchat.freshchat.com
8	fonts.gstatic.com	fonts.googleapis.com
8	otr-backend-service-us-prod.offtherecord.com	browser.sentry-cdn.com
5	fonts.googleapis.com	offtherecord.com
4	api2.branch.io	browser.sentry-cdn.com
4	rs.fullstory.com	browser.sentry-cdn.com edge.fullstory.com
4	connect.facebook.net	offtherecord.com connect.facebook.net
3	httpsofftherecordcom.webpush.freshchat.com	wchat.freshchat.com httpsofftherecordcom.webpush.freshchat.com
3	lh3.googleusercontent.com
3	bat.bing.com	offtherecord.com bat.bing.com
3	www.google-analytics.com	offtherecord.com www.google-analytics.com browser.sentry-cdn.com
3	edge.fullstory.com	offtherecord.com browser.sentry-cdn.com rs.fullstory.com
2	api.getdrip.com	d14jnfavjicsbe.cloudfront.net
2	www.facebook.com	offtherecord.com
2	www.googletagmanager.com	offtherecord.com
2	apis.google.com	offtherecord.com apis.google.com
2	browser.sentry-cdn.com	offtherecord.com
2	kit.fontawesome.com	offtherecord.com kit.fontawesome.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	snippets.freshchat.com	offtherecord.com
1	r1.visualwebsiteoptimizer.com	browser.sentry-cdn.com
1	app.link	offtherecord.com
1	d14jnfavjicsbe.cloudfront.net	tag.getdrip.com
1	www.google.de	offtherecord.com
1	www.google.com	offtherecord.com
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	tag.getdrip.com	offtherecord.com
1	www.googleadservices.com	offtherecord.com
1	fight.offtherecord.com	1 redirects
200	34

This site contains links to these domains. Also see Links.

Domain
www.kiro7.com
kmph.com
www.king5.com
www.geekwire.com
www.facebook.com
www.reviews.io
www.google.com
fight.offtherecord.com
play.google.com
mylawfirm.offtherecord.com
facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.offtherecord.com Amazon	`2022-01-15` - `2023-02-13`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-16` - `2022-12-15`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-12-03` - `2023-03-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.fullstory.com R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.getdrip.com Amazon	`2022-01-28` - `2023-02-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
freshchat.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://offtherecord.com/
Frame ID: C9B10DDA138005F31C0F470DF55A1F21
Requests: 189 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Frame ID: 5C56C3D845AE567D9F8DB93B1D2B8866
Requests: 25 HTTP requests in this frame

Frame: https://httpsofftherecordcom.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Frame ID: E0583CF7064E3D0ACD986578A547686B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fight Your Moving Violation | Traffic Ticket Lawyer Local & Online

Page URL History Show full URLs

http://fight.offtherecord.com/ HTTP 307
https://offtherecord.com/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

200
Requests

99 %
HTTPS

52 %
IPv6

24
Domains

34
Subdomains

33
IPs

3
Countries

6777 kB
Transfer

18566 kB
Size

21
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kiro7.com/news/local/got-at-ticket-theres-an-app-for-that/273024500/

Search URL Search Domain Scan URL

URL: https://kmph.com/news/local/traffic-ticket-theres-an-app-for-that

Search URL Search Domain Scan URL

URL: https://www.king5.com/video/news/local/new-app-helps-drivers-fight-traffic-tickets/281-922497

Search URL Search Domain Scan URL

URL: https://www.geekwire.com/2016/off-record-speeding-ticket-app/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OffTheRecordApp/
Title: 4.58 656 reviews

Search URL Search Domain Scan URL

URL: https://www.reviews.io/company-reviews/store/offtherecord-com
Title: 4.95 2180 reviews

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=off+the+record+fight+your+ticket
Title: 4.77 1209 reviews

Search URL Search Domain Scan URL

URL: https://fight.offtherecord.com/a/key_live_oik1hC6SvaFGaQl6L4f5chghyqkDbk9G?channel=website&feature=iOSBadge&stage=footer&$fallback_url=https%3A%2F%2Fapps.apple.com%2Fapp%2Fapple-store%2Fid1032930471%3Fpt%3D117925041%26ct%3Dcustomer_website%26mt%3D8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.offtherecord.otr_mobile_app&referrer=utm_source%3Dwebsite%26utm_medium%3Dfooter

Search URL Search Domain Scan URL

URL: https://mylawfirm.offtherecord.com/
Title: Law Firm Portal

Search URL Search Domain Scan URL

URL: https://facebook.com/OffTheRecordApp

Search URL Search Domain Scan URL

URL: https://twitter.com/OffTheRecordApp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offtherecordapp/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fight.offtherecord.com/ HTTP 307
https://offtherecord.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

200 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
offtherecord.com/
Redirect Chain

http://fight.offtherecord.com/
https://offtherecord.com/

9 KB
3 KB

175ms
119ms

Document
text/html

99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 21c4a6458b28a11e5a627e50755b0519962743a4c9bf7847bc29a76ab3fa1c83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 20:41:04 GMT
etag: W/"23e1-184edb457d0"
expires: 0
last-modified: Wed, 07 Dec 2022 17:48:50 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: iYQcMsQCOM8TiQtIqU3mPs1lmhrQCE2HjAq3lNdJVYtsQEvy7UqRfg==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-powered-by: Express

Redirect headers

Connection: keep-alive
Date: Wed, 07 Dec 2022 20:41:04 GMT
Last-Modified: Wed, 07 Dec 2022 20:41:04 GMT
Location: https://offtherecord.com
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked

GET
H2 200 af20baf93e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 72ms
50ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/af20baf93e.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9dc51a4567e3f477c625dd64bb07175d5de9c5bacec92e645c8430afe2fbff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7760147c6e08929c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FyfSTRb7yoJLqvsABYcC

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.19.7/ 65 KB
21 KB 28ms
7ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 19465576
etag: "4dc87c1e025f84ef0d14fe9187946dfd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20887
expires: Wed, 26 Apr 2023 13:34:47 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.19.7/ 2 KB
976 B 32ms
11ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/angular.min.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 545950
etag: "14f18525c8f97317f08d5cc6f80a1953"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 882
expires: Fri, 01 Dec 2023 13:01:54 GMT

GET
H2 200 293.8903fb93146eeb696028.js Show response
offtherecord.com/ 6 MB
1 MB 116ms
116ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 643fb7629b665c0f93d4ab0f830f568d434426ff28f21b990ff0f4cf9117148b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 17:48:50 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"663449-184edb457d0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: RFF8iNclG06TTzjSmer6DnpKGxovzBf9ppv_Fj4b1htYv9bZmuImkA==

GET
H2 200 main.6a85d2734327ea951676.js Show response
offtherecord.com/ 1 MB
194 KB 110ms
107ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/main.6a85d2734327ea951676.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9555678057f76f7f2eafb7e3b315b4c75b89470e5c297c7b9f72800509ce03cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 17:48:50 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"1563c0-184edb457d0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: 1Megvj7EkAP_kCoe7KsUnPf08rOfnw1CHDe8RikC5UAfnQvWlyrBvQ==

GET
H2 200 inline-scripts.js Show response
offtherecord.com/app/common/preprocessor/ 3 KB
2 KB 12ms
9ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 56748cc71c22d9f3f12219b0a1ee17444ae07f1bd29640a3f0076942e2b6fcd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:25 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"cb4-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: JtEui5piKpiR_0gOcPCqty_pEjmRKZIupmfQcXkm6XuD37xZtfgaTQ==

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 130ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce33dc61fddd719ab0bb914b3d50b3a82afb8945eda2ba7a388fac66b96e07e2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 20:41:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f72c6f6cd2ffc177"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 189ms
81ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

9afd33ecebacb4ed3f9c1ecf1d50ad4eec1b04c8aa584ed3828e1b95058d9b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15189
x-xss-protection: 0
server: cafe
etag: 17024150440181632750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 autotrack.js Show response
offtherecord.com/node_modules/autotrack/ 24 KB
8 KB 12ms
10ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/autotrack/autotrack.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:25 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:24 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"60d8-184e37236c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: rpib66lAS5aeoPGM4ZoAPDdq5pykNRVDHfINB5SsIQh_k1I3X0Hbwg==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.2.1/css/ 795 KB
172 KB 64ms
30ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/css/pro.min.css?token=af20baf93e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/af20baf93e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766b624fa66325bb23a7f1bb4d0e5429dab3dde643ab89044967f0e1a2d0d172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
age: 1912249
etag: "63725960-2b022"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760147cfee1929c-FRA
content-length: 176162

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.2.1/css/ 27 KB
4 KB 63ms
29ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/css/pro-v4-shims.min.css?token=af20baf93e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/af20baf93e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23510391ff5b9984f27c28542f4111767ef24c091f5c2e32a723b4325e123f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
age: 1912249
etag: "63725960-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760147cfee4929c-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.2.1/css/ 85 KB
12 KB 53ms
19ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/css/pro-v5-font-face.min.css?token=af20baf93e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/af20baf93e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ebbaec1afcc42335561d025651db0eba255ac91b054b29c5e15240b272e70c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
age: 1912249
etag: "63725960-30ac"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760147cfee2929c-FRA
content-length: 12460

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.2.1/css/ 12 KB
2 KB 61ms
26ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/css/pro-v4-font-face.min.css?token=af20baf93e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/af20baf93e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b3e6bf953a9cf55e65d934a285e6a47203e1e2e0cd3d0b1448a71f5e1075c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
server: cloudflare
age: 1912249
etag: "6372595f-908"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760147cfee3929c-FRA
content-length: 2312

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/af20baf93e/103681994/ 443 B
408 B 23ms
23ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/af20baf93e/103681994/kit-upload.css?token=af20baf93e

Requested by

Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/af20baf93e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f666472c3669e7c6d2557a92e7f39e735490f862b1ad82f06f1f7ce48608afab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 5315993
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7760147cbe8e929c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fxu6nRcACT2LYMfF7S4B

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 14 KB
5 KB 317ms
246ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=660553&u=https%3A%2F%2Fofftherecord.com%2F&f=1&vn=1.3
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 87b8536e91ef0f286ac830df3862cbde261f47bfec2dbdf3a4d472c6ae68e542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:05 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670419277"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 677 B
433 B 140ms
44ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 19:14:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 142ms
46ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 19:31:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 138ms
42ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 20:18:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
762 B 140ms
44ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,300,400,600,700,800,900&display=swap

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29fefffd74fbd898004a15ce78dd1ca4ca055edb785e1ac2d92c1f9d2582d6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 20:36:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 24 KB
1 KB 141ms
45ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a6d3ea3228a2dc96f3eb9ee37a17d83c31e404e16bb85e64e793b7bb4689237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 19:07:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 Bariol_Bold.woff
offtherecord.com/assets/fonts/ 42 KB
43 KB 14ms
9ms Font
font/woff 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/assets/fonts/Bariol_Bold.woff
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: abb9e4ae9f1682664b88435116330668da070d8208ecc30efdae9dff34d1bbb0

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:26 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"a938-184e3717b40"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 43320
x-amz-cf-id: 3CjGr28bqJqucb57LlpnA-EQUbXWFlxxD9nJOx6M1U0zd-6O_9xqtw==

GET
H2 200 Bariol_Thin.woff
offtherecord.com/assets/fonts/ 38 KB
39 KB 46ms
42ms Font
font/woff 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/assets/fonts/Bariol_Thin.woff
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 791452a396f1c5751173455e015d2ccf8a19fe1444d07389281336840711b8fc

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:26 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"9864-184e3717b40"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 39012
x-amz-cf-id: sAYTrhXBFvzUrNkNu-2PqdO8BwiET2DB6N4Q_HU3FACwmMdFzo-bJg==

GET
H2 200 icomoon.ttf
offtherecord.com/assets/fonts/ 1 KB
1 KB 12ms
8ms Font
font/ttf 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/assets/fonts/icomoon.ttf?hmoocw
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 107f0c6caa4752feaeebf24f9597163a63cb35aa0caa5dcc4ad15abafa017419

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:25 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"524-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
cache-control: public, max-age=31557600
x-amz-cf-id: EPFJn0nYm0W5qdizBswR-CUUKW2zP1ZNjcvWC7UEohr1jQg5fLHhKQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
46 KB 141ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVS6TPP

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b48d90a6ea5dda5b9229d11e085300d9f8be2957a96aed79033f79060610c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46204
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 20:41:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
44 KB 179ms
87ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVS6TPP&gtm_auth=7szxnVDtCpxOF_NjbDaJgQ&gtm_preview=env-7&gtm_cookies_win=x

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de236faf8c20e94f725556156146fb2b11ea072c3c92b6c1418c8a80ae4efe01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45320
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 20:41:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /WfhweSi/Ih4MEh2O/Xy57G0ZrlWjeDEtP2sohX9E2SX5juPNw9RwbNUM41cf13jnwH2PyJtF+mcz2MG6kYpzA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 258 KB
65 KB 124ms
32ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6a5ff7be92be9d18a9b5d912a6983e14e28f97c9168bc47a01ca7d5172035d10

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:03:07 GMT
content-encoding: br
age: 2277
x-guploader-uploadid: ADPycds-zipClIi-QY2IfeliGObp2CzuVQMYkkBQXyhlpQ5Eg9lN2C9Z7IakhZMn9cG-mIAeiyqKrVXjyOaJD3YrZAZQWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65803
last-modified: Tue, 08 Nov 2022 20:42:05 GMT
server: UploadServer
etag: "b3cc89ae11072c9ee7b443faa623e0e9"
vary: Accept-Encoding
x-goog-generation: 1667940125290071
x-goog-hash: crc32c=LkMtdQ==, md5=s8yJrhEHLJ7ntEP6piPg6Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 65803
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 07 Dec 2022 21:03:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 19:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4584
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 21:24:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 49ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/app/common/preprocessor/inline-scripts.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 07 Dec 2022 20:41:04 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21BF6B70B814426C8E73C58C8A765600 Ref B: FRAEDGE1115 Ref C: 2022-12-07T20:41:04Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 185612438538592 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 71ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/185612438538592?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23dd8718d3a4a8288dbc27f9e69ff15ba05658c8abb7d52c97f95362a72aaefe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 20:41:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hNRdT+2J0rZ7cozhREy7JYcOwU/hC9nuKZ33SVgcL61gicUNYWmVIUxVa6EQacMtZU0mT+POcfrd3pIdZFSmVQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 16001542.js Show response
bat.bing.com/p/action/ 0
117 B 113ms
113ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16001542.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 07 Dec 2022 20:41:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E140F20F11343428ABAB2F397C613ED Ref B: FRAEDGE1115 Ref C: 2022-12-07T20:41:04Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16001542&Ver=2&mid=140a0609-4a88-4db3-b418-962b49843c31&sid=783b9d80766f11edba9b171b00074f77&vid=783bd220766f11ed9752f57d27230ac0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20fastest%20way%20to%20fight%20your%20traffic%20ticket&kw=%7B%7BngMeta.keywords%7D%7D&p=https%3A%2F%2Fofftherecord.com%2F&r=&evt=pageLoad&sv=1&rn=96613

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Dec 2022 20:41:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B18E5B4D31C4B9B95319AE5EDEB2B77 Ref B: FRAEDGE1115 Ref C: 2022-12-07T20:41:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ 307 KB
104 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45b384ac925673d553a06e6954ce5170a06b37c53a9405ac581bf105e17dba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106467
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 19:17:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=185612438538592&ev=PageView&dl=https%3A%2F%2Fofftherecord.com%2F&rl=&if=false&ts=1670445664940&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670445664939.70916402&it=1670445664835&coo=false&rqm=GET

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 20:41:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 108ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 07 Dec 2022 21:35:01 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 422ms
364ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5c8f4084c22aafc93fc6917f8f486f9df70fe9b34e74e59e3a766caa871171f4

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Dec 2022 20:41:05 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://offtherecord.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1662

GET
H2 200 3915275.js Show response
tag.getdrip.com/ 920 B
1 KB 472ms
406ms Script
application/javascript 99.86.4.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.getdrip.com/3915275.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-11.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af9a803faae6cb0968f909de5823ad564393721faa6fc2658c7746f56545a626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 20:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "00de65cc591ad43daca489735821211d"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 920
x-amz-cf-id: omubdh7_RJd-hNvCVQasSLht-_BrfG54Ckjg_JKzDajF1E3jzKF3Iw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=36364921&t=pageview&_s=1&dl=https%3A%2F%2Fofftherecord.com%2F&ul=en-us&de=UTF-8&dt=The%20fastest%20way%20to%20fight%20your%20traffic%20ticket&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEITAAAAACAAI~&jid=327942464&gjid=1841496844&cid=1582547559.1670445665&tid=UA-69140841-1&_gid=1626913384.1670445665&_r=1&gtm=2wgbu0MVS6TPP&did=i5iSjo&z=796910680

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offtherecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag-1e074d878e1f0ab0cf056160d81fed36.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 173 KB
48 KB 64ms
33ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-1e074d878e1f0ab0cf056160d81fed36.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=660553&u=https%3A%2F%2Fofftherecord.com%2F&f=1&vn=1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 15649c161605179d5d7daae122cacdee728751345fda217860195ef517cd37ec

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 07 Dec 2022 13:20:53 GMT
server: gfra1
etag: "63909335-c181"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49537

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 152ms
119ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=660553&d=offtherecord.com&u=D6F03EB04D58F4A706C73DE707A5A38F9&h=81470dc1b1e1ee274616a78c6ca0de7f&t=false&r=0.8032272704014092

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69140841-1&cid=1582547559.1670445665&jid=327942464&gjid=1841496844&_gid=1626913384.1670445665&_u=aGDAAEISAAAAACAAI~&z=1507344206

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 20:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offtherecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 155ms
62ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69140841-1&cid=1582547559.1670445665&jid=327942464&_u=aGDAAEISAAAAACAAI~&z=1700810658

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 154ms
64ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69140841-1&cid=1582547559.1670445665&jid=327942464&_u=aGDAAEISAAAAACAAI~&z=1700810658

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag-ee7276e1587689e87e8d7dab5bd6dfa8.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 107 KB
27 KB 34ms
34ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-ee7276e1587689e87e8d7dab5bd6dfa8.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-1e074d878e1f0ab0cf056160d81fed36.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a0fcfcd98c62ba1e89c50ba98cdc2a5c617c1fb8a57b3b9150a3853bc000a889

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:05 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 07 Dec 2022 13:20:53 GMT
server: gfra1
etag: "63909335-6c42"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27714

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 164ms
163ms Ping
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=14&account_id=660553&cu=https%3A%2F%2Fofftherecord.com%2F&combination=2&s=1&sId=1670445665&u=D6F03EB04D58F4A706C73DE707A5A38F9&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221670445665214%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.256&vns=undefined&vno=undefined&eTime=1670445665235&random=0.11884295462820615

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-1e074d878e1f0ab0cf056160d81fed36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
868 B 36ms
36ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=660553&settings_type=1&vn=7.0&exc=1|8|2|3|4|5|6|14
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-1e074d878e1f0ab0cf056160d81fed36.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2c8d9de6768c77e25dd192644cbf7fd3d7d75bd87ac99feafb69b9e2b9942937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1670419277"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 123ms
123ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=660553&u=D6F03EB04D58F4A706C73DE707A5A38F9&s=1670445665&p=1&tags={%22si%22:{%2214%22:%222%22}}&update=1&cq=0&vn=7.0.256&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fofftherecord.com%2F&eTime=1670445665249&random=0.979895068470817

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 32ms
31ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 07 Dec 2022 13:20:52 GMT
server: gfra1
etag: "63909334-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 119ms
118ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=660553&u=D6F03EB04D58F4A706C73DE707A5A38F9&s=1670445665&p=1&update=1&cq=1&vn=7.0.256&vns=undefined&vno=4.0.184&_cu=https%3A%2F%2Fofftherecord.com%2F&eTime=1670445665269&random=0.5079374791791371

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 c.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 119ms
119ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/c.gif?account_id=660553&experiment_id=1&goal_id=1&ru=&u=D6F03EB04D58F4A706C73DE707A5A38F9&s=1670445665&ifs=1&t=1&cu=https%3A%2F%2Fofftherecord.com%2F&gt=1_8&f={%228%22:%221,3,4,5:1670445665%22}&vn=7.0.256&vns=undefined&vno=4.0.184&eTime=1670445665315&random=0.8108235207018675

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 119ms
119ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=660553&u=D6F03EB04D58F4A706C73DE707A5A38F9&s=1670445665&p=1&tags={%22si%22:{%226%22:%221%22,%225%22:%221%22,%224%22:%221%22,%221%22:%221%22}}&eg=4,3,2,1&update=1&cq=1&vn=7.0.256&vns=undefined&vno=4.0.184&_cu=https%3A%2F%2Fofftherecord.com%2F&eTime=1670445665321&random=0.1655239707979319

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 19ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=185612438538592&ev=Microdata&dl=https%3A%2F%2Fofftherecord.com%2F&rl=&if=false&ts=1670445665443&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20fastest%20way%20to%20fight%20your%20traffic%20ticket%22%2C%22meta%3Adescription%22%3A%22%7B%7BngMeta.description%7D%7D%22%2C%22meta%3Akeywords%22%3A%22%7B%7BngMeta.keywords%7D%7D%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%7B%7BngMeta.title%7D%7D%22%2C%22og%3Atype%22%3A%22%7B%7BngMeta.type%7D%7D%22%2C%22og%3Aimage%22%3A%22%7B%7BngMeta.image%7D%7D%22%2C%22og%3Aurl%22%3A%22%7B%7BngMeta.url%7D%7D%22%2C%22og%3Adescription%22%3A%22%7B%7BngMeta.description%7D%7D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670445664939.70916402&it=1670445664835&coo=false&es=automatic&tm=3&exp=b2&rqm=GET

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 20:41:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 web Show response
edge.fullstory.com/s/settings/6DGA5/v1/ 5 KB
1 KB 193ms
134ms XHR
application/json 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/6DGA5/v1/web
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6fb75923f7e15d56b15d7381d9a3e0c70ec553a34ea4ac1b0b06adc524297c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:05 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvX0zcSiPu4D4A33XmLg48th3A33UY-QuI6ikoCDxfc5Y24wq77Vno7s20LWX9Vn9I95IggBgdBEhbxgEweJFYhlg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1392
last-modified: Wed, 07 Dec 2022 20:31:49 GMT
server: UploadServer
etag: "f73559ab7a50189ecc33808c07e53102"
x-goog-generation: 1670403709713749
x-goog-hash: crc32c=GpbHOw==, md5=9zVZq3pQGJ7MM4CMB+UxAg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1392
accept-ranges: bytes
content-type: application/json
expires: Wed, 07 Dec 2022 20:56:05 GMT

GET
H2 200 client.js Show response
d14jnfavjicsbe.cloudfront.net/ 88 KB
29 KB 162ms
44ms Script
text/javascript 2600:9000:2451:fa00:1e:9742:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by: Host: tag.getdrip.com
URL: https://tag.getdrip.com/3915275.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:fa00:1e:9742:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cb435d9631757dce9699bd42f9cf9c27e4b93a9674170ae9d1cb378eb368f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:36:17 GMT
content-encoding: gzip
via: 1.1 509cace18a218c0f05771b7853739562.cloudfront.net (CloudFront)
last-modified: Mon, 23 May 2022 22:40:48 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 289
etag: W/"a2daea63ec2db739cad8349e8ee224aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-meta-md5sum: otrqY+wttznK2DSejuIkqg==
cache-control: max-age=300
x-amz-cf-id: rDlFikv0jCv4TCOnpgv_3ue2Z-I9q_7j-Ks2WA96fcQ_8P7hPT75gw==

GET
H3 200 integrations Show response
rs.fullstory.com/rec/ 4 KB
4 KB 181ms
146ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d2cb0b7d160a5e811a29ea50219434d1aa58a16985ceef89340306077cdb2a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

OPTIONS
H2 200 user
otr-backend-service-us-prod.offtherecord.com/api/v1/ Frame 0
0 341ms
109ms Preflight 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/user?version=3512qz3i0g3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-32-56.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-token
Access-Control-Request-Method: GET
Origin: https://offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
access-control-max-age: 3600
date: Wed, 07 Dec 2022 20:41:06 GMT
server: nginx/1.20.0

GET
H2 200 _r Show response
app.link/ 91 B
598 B 217ms
166ms Script
text/javascript 2600:9000:223d:c400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.0&branch_key=key_live_oik1hC6SvaFGaQl6L4f5chghyqkDbk9G&callback=branch_callback__0

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

9ac3b79e2d18e462f0492721cb4bc738288a38b326549d83f45a55e6d7245aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA56-P3
etag: W/"5b-Ev6NULKBe3uebqid0iJsZrnnWNc"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: x5pSagn3Mmg5TBUUB7pQwXAH6QZ6IfLREinLl6GtWXI-G1RuHNP5yQ==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/main.6a85d2734327ea951676.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05385402fa92d49d6cf2dc6742d3f30110479f21c477137374f308ba2536bad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 20:41:06 GMT
content-md5: uA8mOtclVysbfeLR7BvkEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 31jAj8y5+LhQfAs5ejKBCCPPvf1tjbtl72LMny/phCSGGCBZb12zQH5GsfxerMDs/z8wi12dbmMd0ep55Q0Wdw==
x-fb-content-md5: 0ce7767d8fac45488af9fe8edd1408cf
cross-origin-opener-policy: same-origin-allow-popups
etag: "5df1eafb58578ecfc773e3b43e6370e8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 07 Dec 2022 20:44:54 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 59 KB
19 KB 442ms
219ms Script
application/javascript 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: offtherecord.com
URL: https://offtherecord.com/main.6a85d2734327ea951676.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

474ce803d275f036d64fd67302998a48ed0122fac30e5bdcab522478779bad41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 64bf4f0f-f1d5-4f8a-a414-8d054ce63859
x-trace-id: 00-5cd1df18c2a2b71e408be3489c8c3788-f27ec5596f7c1fb1-00
served-by: 9886
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 9886

GET
H2 200 user Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/ 122 B
551 B 331ms
110ms XHR
application/json 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/user?version=3512qz3i0g3

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-32-56.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

f3f283eeb300723885be482fb13d193ae1b740b3f0194548f18f85ad6bdea402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
Api-Token: vKWrNZN8UMwxcqPxyRqbJo9x6OABtoqMA7scyCkpkSy82UcA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.20.0
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 mask.min.js Show response
offtherecord.com/node_modules/angular-ui-mask/dist/ 8 KB
4 KB 9ms
9ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/angular-ui-mask/dist/mask.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 978ab12640fcf74a29985a32c6f817d844a6d9dd99bf0b30b32d5dcbffaeaf6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:24 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"1edb-184e37236c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: hDxuYfbV2Q4Xb-4jlLC6yhJsr1w-I7k258tMM9mz3nCsYbf0Qf82nw==

GET
H2 200 snap.min.js Show response
offtherecord.com/node_modules/snapjs/ 10 KB
3 KB 11ms
6ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/snapjs/snap.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 1d4e14ba2eadc380927619ca30b3ce478636d400f9560b921dfeb7ae60ce919b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:24 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"26f7-184e37236c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: cexZEEBnBEZprP7rybAFNH0LCiiU4NYv8RL2vjAAfryRLXnUvVqWpQ==

GET
H2 200 angular-snap.min.js Show response
offtherecord.com/node_modules/angular-snap/ 4 KB
2 KB 12ms
7ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/angular-snap/angular-snap.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 39273a8dca0241a43647993698bfabbd276d44fa9871d4bd4c5e67b265ba8d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:23 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"ef0-184e37232d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: hpMRc_tahXWvgMMRTadS5WmmSpHKcnuE6qdGESg3NFUOERUy4wJwww==

GET
H2 200 angular-touch.min.js Show response
offtherecord.com/node_modules/angular-touch/ 2 KB
1 KB 13ms
8ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/angular-touch/angular-touch.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 15923ad463706598f8dd20a27bfab037db5f5b8f31c24ff0bdae5e8244c8fbba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:23 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"6cc-184e37232d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: LcsUibMaOx69FUFuOLD86WeIXrZb4EjdN_oxk2M191utBVGRlOdRyQ==

GET
H2 200 fuse.basic.min.js Show response
offtherecord.com/node_modules/fuse.js/dist/ 11 KB
5 KB 14ms
10ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/fuse.js/dist/fuse.basic.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 4a40381b9288a240836a6af346a307527edac1e8e09a22d322d3504a225aadc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:24 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"2cea-184e37236c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: X4i_poHokfwKIqYt2OK3mIbtGfQBqPo6T8BkHQ99JOerAOrrmmRdmA==

GET
H2 200 ng-flow-standalone.min.js Show response
offtherecord.com/node_modules/ng-flow/dist/ 16 KB
6 KB 13ms
9ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/ng-flow/dist/ng-flow-standalone.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 3d5edde8712859a5f18bd8f31ef88e5e827792758b5a09d86aa0afe198abd042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:25 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"4155-184e3723aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: 6io77Z72qAcHbUqtpNXfTh2QO1fcT2nFHypqd-Vg4VS0mlQmHCY0BA==

GET
H2 200 angular-number-picker.min.js Show response
offtherecord.com/node_modules/angular-number-picker/dist/ 3 KB
2 KB 14ms
10ms Script
application/javascript 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/node_modules/angular-number-picker/dist/angular-number-picker.min.js
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9f9a68efa68722547471c11da86d757726410f9cae6bb877192c7ce0433f6f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:00:24 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"ca4-184e37236c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: SgiEbMH2p0zp2iWZ7HRxKAMH-hVzKwtkcJ4tuiwftiYGI8DYDkrm4A==

GET
H2 200 visit Show response
api.getdrip.com/client/events/ 84 B
839 B 187ms
154ms Script
text/javascript 143.204.89.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/events/visit?drip_account_id=3915275&referrer=&url=https%3A%2F%2Fofftherecord.com%2F&domain=offtherecord.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_980811677

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-97.fra50.r.cloudfront.net

Software

Resource Hash

e1e886b147ea5642ec1036c2ed4f5c367ee5cd67f89ca33bae4146ce640c3272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 84
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 87e79b70-fa77-4665-ab13-7682fa2a00f5
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: cywPYErfoAMF-Sw=
content-length: 84
x-xss-protection: 1; mode=block
x-request-id: 2cd8f3c4-ed38-44dd-bb6f-74402251d88a
x-runtime: 0.037592
referrer-policy: strict-origin-when-cross-origin
etag: W/"e1e886b147ea5642ec1036c2ed4f5c36"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Wed, 07 Dec 2022 20:41:06 GMT
x-amz-cf-id: xZz4t_xLR8YJ6QEZb7aH_f8RVJZqGLtmKXINy3PnA8Ilt7Kp3PQynA==

GET
H2 200 home.component.169b5bd664760c637207.html Show response
offtherecord.com/templates/ 28 KB
6 KB 11ms
11ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/home.component.169b5bd664760c637207.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 24b27d72c11e9ab6df47644b2cd6f3bf777991fea5bfc26b31295cb31079adb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"7128-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: 7flOm2WzkLLzUvwuaiSEH3F3B1TT0pNFi2ommBFN5tgLqGItR3pTRA==

GET
H2 200 terms.component.038988971005fd782bfa.html Show response
offtherecord.com/templates/ 46 KB
10 KB 11ms
11ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/terms.component.038988971005fd782bfa.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a1161c04d6f26f28beb84bd9145c5ee8ebcc0ad55f60205407483391586414df

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"b991-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: akMVIyNrHC-AlxakJ2Yj1DKciOLfRhaKeH0tyAaDcIJr45yo8OjrYQ==

GET
H2 200 help.component.2dcf876b8713b4bd60d5.html Show response
offtherecord.com/templates/ 2 KB
898 B 12ms
12ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/help.component.2dcf876b8713b4bd60d5.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: d8d41e8397ee47e183a8214fdeddf6880a291052eba3e1ad100f3dbc7f542e34

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"914-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: Er8pYHRwAUTtYUuNLCAbcrhm0pjQ3Gu9w60CrxXVvTacm68I6NpMlQ==

GET
H2 200 client-reviews.component.8b52adc9041bc65a7982.html Show response
offtherecord.com/templates/ 10 KB
2 KB 11ms
11ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/client-reviews.component.8b52adc9041bc65a7982.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 54bc26ea2a0ae205c59e4f271706a588c9e990613d8752fa90ccddebe2870fab

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"26ec-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: 8QTmR1lewbDfKDppQZDUu7Zm3piXbzQqYrIDeu2DH3ll0araCsUQ1Q==

GET
H2 200 referral.component.e99645f79750db507c09.html Show response
offtherecord.com/templates/ 10 KB
2 KB 11ms
11ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/referral.component.e99645f79750db507c09.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: f1e8027ede2def8ee1c1ab25fc3e632ea80217cc115db37ddcda995cad4361a9

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"27c5-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: lilaBCnx2CKaavg7UuaeDWxSdihIZvFezBNrmPAcGzNBOFmYg-HMJw==

GET
H2 200 referral-stats.component.d9eac4b1e501e9279c42.html Show response
offtherecord.com/templates/ 3 KB
1 KB 13ms
12ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/referral-stats.component.d9eac4b1e501e9279c42.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 2ba1ad7af6f77b6e2e22057e4de7eb8593d5cb224de15f59ce1f845faa57dea5

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"df0-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: wE1SdU6M2pYtxZ1byVbNhwgfy0v6cD83W6P8NcfyJXi3mWSUk0LTTQ==

GET
H2 200 referral-invite-prompt.component.74b5250c9c0bde08232f.html Show response
offtherecord.com/templates/ 3 KB
1 KB 13ms
12ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/referral-invite-prompt.component.74b5250c9c0bde08232f.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 5f6f271ff8e9620646f58764459df95790e7dfb724ca852087540b806a0aeb4b

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"bba-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: LZbqtlKZcLPPc5oIsI6J7uKwl-_VPTNnJadeoOSoQ9rLTEmjy0DSzg==

GET
H2 200 contact-us-form.component.e074792dc7e708d532b9.html Show response
offtherecord.com/templates/ 6 KB
2 KB 13ms
13ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/contact-us-form.component.e074792dc7e708d532b9.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: cea514742310a1ef741966fd63bdb0373ccc8e86a6699f0fc8407e0456ee1850

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"1938-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: 0YRgVd4m2x-CTqi2WaLqmkhmKDWoKcV-0-OX3Vp5V7fLAIS027AZqQ==

GET
H2 200 app-text-reveal.component.ec73460453e9a8290e8b.html Show response
offtherecord.com/templates/ 304 B
680 B 14ms
14ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/app-text-reveal.component.ec73460453e9a8290e8b.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: d100a79e9ca4f220f81fd0729136ce2839c361f0850a3ddabb987bb04c99b925

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"130-184e3717b40"
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 304
x-amz-cf-id: uef1FBDWGNw6HiVGtQtB1kNXq1Q3ocF5H5wDg1jghUuZq-0kBFw_hg==

GET
H2 200 knowledge-base.component.ff3e9f50b863723133d0.html Show response
offtherecord.com/templates/ 1 KB
822 B 15ms
15ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/knowledge-base.component.ff3e9f50b863723133d0.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 023b8c10024a4327232c39f1dded627615777b2ed68e3f1eeedd106e3a3ac3e5

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"5c7-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: xphkoSFkrW_gSxFC4u9OWvxJwhlLc966kEtFOjXArpVLiGHuS19IiQ==

GET
H2 200 support-article.component.0b93da129b056fa82c3d.html Show response
offtherecord.com/templates/ 2 KB
934 B 12ms
12ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/support-article.component.0b93da129b056fa82c3d.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 84ccd3a3071d77c78c706cea61e9aaf4aa6c6525c2f2bd9b447143ddcc748aa4

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"64e-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: xPo97LgFWGJuE-XMZMpjAaD52TStaubjlQ1TVEmmxYbMhegrWo-KeQ==

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 426ms
205ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=6DGA5&UserId=5026065829416960&SessionId=5621708927094784&PageId=6153385436860416&Seq=1&PageStart=1670445665191&PrevBundleTime=0&LastActivity=2&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 07797747fa728382da02a8b0eb152fbe764ae07b6267fce54978de3d96e641d0

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://offtherecord.com
date: Wed, 07 Dec 2022 20:41:06 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v3/ 40 KB
11 KB 94ms
35ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v3/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1c978006c2d514e45e19ce26c0049fddf88f6aa103335c91ef519b06265e1ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:45:33 GMT
content-encoding: gzip
age: 3333
x-guploader-uploadid: ADPycdteZybagc9ViMv7oQhFi5eaA0JYTVZtzqCSyUF0Jua8ehnsLIfiYA5chK1Wd26FYiyWD_ncpYlMv79lToViZl2FnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11295
last-modified: Mon, 05 Dec 2022 20:59:29 GMT
server: UploadServer
etag: "07072bef7f1e145b1cef70a821fa782f"
x-goog-generation: 1670273969765949
x-goog-hash: crc32c=VYw5jA==, md5=Bwcr738eFFsc73CoIfp4Lw==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11295
accept-ranges: bytes
expires: Wed, 07 Dec 2022 20:45:33 GMT

GET
BLOB 200
OK ef689002-a16a-4a2c-982c-392f9539d0d5
https://offtherecord.com/ 47 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offtherecord.com/ef689002-a16a-4a2c-982c-392f9539d0d5
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 47679
Content-Type: text/javascript

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ae53c2023fa9955df926b45243fcfd87

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ecf684a04bd818520a3f91a4a924a66944f844f114d38bc6fd12636af8d0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 20:41:06 GMT
content-md5: i+3ex7JKyhROjOpoltG/bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88439
x-fb-rlafr: 0
x-fb-debug: 3og/HS9dLHSzhuOxscfAf1Hocc6QOxl4eLKjxvtffahxJ0rWtNMaGDVeMQd8wnAlxiKvf+fyxwD1EJxrqBqF0g==
x-fb-content-md5: 5eca97f2a68959201a96b837a9896c09
cross-origin-opener-policy: same-origin-allow-popups
etag: "ce9bc0569f3a95f3bb99f8672e728567"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Dec 2023 19:44:35 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 323 B
684 B 219ms
173ms XHR
application/json 2600:9000:2491:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d353eae3d98cb656016ae2a77675763c33035d7341d161f446a30d04982027ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 046a7e07dddd403e822be143209e1757-2022120720
content-length: 323
x-amz-cf-id: xGu7WPPxtTDiVsvmCA3VZ8F2f8RIrkiyO9M0EdQyhD9T0VL8ypZoOg==

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
855 B 329ms
328ms Script
text/javascript 143.204.89.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fofftherecord.com%2F&visitor_uuid=f0e284a49f6a4cc4bb63a269caba4c4e&_action=Visited%20a%20page&source=drip&drip_account_id=3915275&callback=Drip_613167786

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-97.fra50.r.cloudfront.net

Software

Resource Hash

d2a07b9dd6cce25453e7c96ae3218cd0d9c7ce73d15124385a7d5dab40e44a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: dc78d9a1-9471-423d-8a7b-78565a6a7665
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: cywPcHX7oAMF7tQ=
content-length: 101
x-xss-protection: 1; mode=block
x-request-id: 24d0be66-e2ee-4a23-a2c1-c10e27e95eaa
x-runtime: 0.043071
referrer-policy: strict-origin-when-cross-origin
etag: W/"d2a07b9dd6cce25453e7c96ae3218cd0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Wed, 07 Dec 2022 20:41:06 GMT
x-amz-cf-id: qGnS4ExYf4T-yyfDNkylC_ytCOcDbBmr9DvmQOAiSksxfllmVNrVgA==

GET
H2 200 main-header.partial.cc6b56bcaee25216c070.html Show response
offtherecord.com/templates/ 12 KB
2 KB 22ms
18ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/main-header.partial.cc6b56bcaee25216c070.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 66b9205f2695c992bec1a8010ba0bf54985dee277dc34943515d5d756d63d108

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"2e94-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: h39o-UHZcZUdoDkUbRpW3kB_qDHYy-8h3WNs291YLBR303VyQwLOAQ==

GET
H2 200 footer.partial.adc857d1d3cfdaa1c88d.html Show response
offtherecord.com/templates/ 10 KB
2 KB 21ms
18ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/footer.partial.adc857d1d3cfdaa1c88d.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 3fec4b3033d940636dbeabc31dcee4bb3eedc3b534ad4c1a652e2470fba0c94e

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"26b7-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: SpAM2QtuhYfJT8XLWgW3XJ-MjtQ2BCIHx7ZY6u3bUVX3osajPawdvw==

GET
H2 200 featured-on.partial.05fb40558ff95ad4028d.html Show response
offtherecord.com/templates/ 1 KB
753 B 21ms
19ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/featured-on.partial.05fb40558ff95ad4028d.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 2fbec33dc79b6fe02f1bb4aed0c266cf0d59ca32ff208c1fb56748de0b1e547e

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"4d3-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: T8Ndnq88wvmyZfcIwmjYcx6x9-8y0qAhQ5M7r2oglR9u4TZUoi_GJA==

GET
H2 200 default-template.dfe16a5d0ed1e11f6172.html Show response
offtherecord.com/templates/ 678 B
1 KB 9ms
9ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/default-template.dfe16a5d0ed1e11f6172.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: b2972a68e50b9d105e4cc8dec627577d00e93202815f36bcc42ab67d148fd575

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"2a6-184e3717b40"
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 678
x-amz-cf-id: Z51Yhu4JFJZ_B-5vMH9VGnubjhvLmj8v9Lr-XseSKcJHGoDCMgLadA==

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 145ms
49ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:49:04 GMT
x-content-type-options: nosniff
age: 514322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:49:04 GMT

OPTIONS
H2 200 reviews
otr-backend-service-us-prod.offtherecord.com/api/v1/ Frame 0
0 109ms
109ms Preflight 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/reviews?includeAnonymous=false&limit=100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-32-56.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-token
Access-Control-Request-Method: GET
Origin: https://offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
access-control-max-age: 3600
date: Wed, 07 Dec 2022 20:41:06 GMT
server: nginx/1.20.0

GET
H2 200 banner-alert.component.70dc886d20366383706d.html Show response
offtherecord.com/templates/ 750 B
1 KB 10ms
10ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/banner-alert.component.70dc886d20366383706d.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 7334b9b34d7b3826d4ddb8a335a672e0ed5b0784c15cebc4531997f03c15a07d

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"2ee-184e3717b40"
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 750
x-amz-cf-id: CeLwVliwp64dymcU6Yx557JvhuAZs7vkUPJeykbZJx2Ng__x5-5zlw==

GET
H2 200 side-nav.partial.9589234b7e5ebc92816f.html Show response
offtherecord.com/templates/ 4 KB
1 KB 10ms
10ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/side-nav.partial.9589234b7e5ebc92816f.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 4f9c80a2a77bf82badfc8ea73328ad4766079140edd4cd5e9ec21e4d925f47bc

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"1119-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: yqYIjWVQg-BrNYbzIgg_CsLvDnSjibV2YydWe6l5GCqgK2Hyhq8fkQ==

GET
H2 200 stats-banner.component.6fb564ab70946c6b24b2.html Show response
offtherecord.com/templates/ 3 KB
1 KB 11ms
11ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/stats-banner.component.6fb564ab70946c6b24b2.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 77dafb301622b519a4fcc2ee2fef4a31eaa152a3c94df404cb434cf51faaa92b

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:27 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"b39-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: HGT1rE4C3GinJAsD6MtDCtmYNHQ9MHler-yJ-_Mv3BsPQiJgAa00hg==

GET
H2 200 reviews Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/ 85 KB
10 KB 349ms
274ms XHR
application/json 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/reviews?includeAnonymous=false&limit=100

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-32-56.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

58e98596bda872b06510f1f2f5e21a68c45cbda1d83b89d93abb1b4968eeef02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
Api-Token: vKWrNZN8UMwxcqPxyRqbJo9x6OABtoqMA7scyCkpkSy82UcA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.20.0
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 23e399de557cc0c0f9bf.png
offtherecord.com/ 41 KB
41 KB 10ms
9ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/23e399de557cc0c0f9bf.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: effe1974a12f7b8ab030117a3599fbc0be15c18a7ade84b5884788838a836da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"a3c1-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 41921
x-amz-cf-id: WOA-mgRxVS75xO6AfLZagVujqp58K6zvbY7XBxHXhkw2rnG7Rf89Dg==

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 120ms
116ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:45:47 GMT
x-content-type-options: nosniff
age: 3319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 19:45:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 44ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 186974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:44:52 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 85ms
82ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:47:53 GMT
x-content-type-options: nosniff
age: 463993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:47:53 GMT

GET
H2 200 pro-fa-solid-900-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 24 KB
24 KB 63ms
60ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-solid-900-d5bbe9.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a87caa378662a0579007c576ad8141197ce16499633f355abdf530a5377b1c7

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:27 GMT
server: cloudflare
age: 1912250
etag: "63725b8f-5e04"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 776014883814929c-FRA
content-length: 24068

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 99ms
97ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 549686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H2 200 pro-fa-regular-400-e41116.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 25 KB
25 KB 135ms
133ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-regular-400-e41116.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff0a235dc7d390e1cf916abcb59cbae2aabb8c509a6f46a6c8cffaa0532a48df

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:26 GMT
server: cloudflare
age: 1911990
etag: "63725b8e-62c4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 776014883817929c-FRA
content-length: 25284

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 123ms
121ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 17:19:31 GMT
x-content-type-options: nosniff
age: 444095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:19:31 GMT

GET
H2 200 pro-fa-brands-400-9a7529.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 45 KB
45 KB 68ms
66ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-brands-400-9a7529.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af72523d3be5cd871bd15fe2058298c96cd9e034820cb4cbddd2b5fbc9c1ddc

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:24 GMT
server: cloudflare
age: 1912250
etag: "63725b8c-b400"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 776014883819929c-FRA
content-length: 46080

GET
H2 200 otr-main-header-logo.svg
offtherecord.com/assets/img/ 9 KB
4 KB 13ms
7ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/otr-main-header-logo.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 648c698dd41bf291833204226476e7d092b281fd06255a70a4925f45ca8c96c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"2495-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: EfOOZGryiokr24c6V1r48I-wJe5LGo1yB1eEyme9D3W5HXZXSKaGOg==

GET
H2 200 badge_ios.png
offtherecord.com/assets/img/ 4 KB
4 KB 44ms
37ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/badge_ios.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"eaa-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3754
x-amz-cf-id: xU7I6lUE8MxXTqQqDknCYDyHqoAyLrASXtXh11zQcdnswQSt7SBx9Q==

GET
H2 200 badge_google_play.png
offtherecord.com/assets/img/ 18 KB
18 KB 18ms
11ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/badge_google_play.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: e484006b9830dab35504a97bd9dc3196e8b682e902849a157fc08281f5ee9c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"46a0-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 18080
x-amz-cf-id: i4b61E87lryN4UYU15OMxA_1THju10tCuUw_1arIU3i6oDueonw2Ug==

GET
H2 200 hero-img.png
offtherecord.com/assets/img/ 165 KB
165 KB 20ms
13ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/hero-img.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: b39b166082a613e5693afd5ad767b2c7ba74b0ddb5baa4673679f2b0c5ce953a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"29370-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 168816
x-amz-cf-id: RmFyczIneN4XlJoZw-L5J6hN1fq8vcuJSDrwF5zUGqLISgOC4mixpA==

GET
H2 200 facebook--gray.png
offtherecord.com/assets/img/logos/ 11 KB
11 KB 17ms
10ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/facebook--gray.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 87e8f8478b394e75ddcf0778aef7ce167b36f3f372d52fe4a5db4598069bce9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"2ad0-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10960
x-amz-cf-id: ZK7yiuoLtMKms74l1-UIwLpZKZvbgs1kaLYXrND0B3VIRGRLvhxtKw==

GET
H2 200 reviews-io--gray.png
offtherecord.com/assets/img/logos/ 16 KB
17 KB 17ms
11ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/reviews-io--gray.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9389933c6b32060ec66aac366725a7aa4808dd96edf0b6707698e6f8b069756a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"4100-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16640
x-amz-cf-id: q5GDKZcCzedTkh0cYg8Epaf3bx_eLrOFuJFnU5zTOPPteftit_tiIw==

GET
H2 200 google--gray.png
offtherecord.com/assets/img/logos/ 27 KB
27 KB 18ms
12ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/google--gray.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: e84a67a96a0b380a2a32028b749d683d6aca96c4b5ecfe0b15f1bf602ee64bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"6a39-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 27193
x-amz-cf-id: NQBksVjl3mTRgOKEdtH5_am7Uvzn55_7nOg6_82K6Btyo0hFrv89gg==

GET
H2 200 icon-handfull-stars.svg
offtherecord.com/assets/img/ 4 KB
2 KB 24ms
18ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-handfull-stars.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: c46812c7c91d67dcc84ac30ff32138415af25b3416ea5b6588628cb3e2d1f686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"11aa-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: KFSRwi9AD_oYqzIXepRPd_zVWqYpES8_xMVI0msHtsAjFTqPr9jyXg==

GET
H2 200 icon-wallet.svg
offtherecord.com/assets/img/ 2 KB
1 KB 38ms
33ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-wallet.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 8e742fbd7146cea9dee3a9c4b4474e1da43f62e8864d519c1debe7f10ec6043b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"7cf-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: pp4NUrZtiemxlrti-gDCH6Z0q07673ZibHQbpKdxGZa9m0CxklCOZg==

GET
H2 200 icon-briefcase.svg
offtherecord.com/assets/img/ 2 KB
1 KB 24ms
18ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-briefcase.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a8510ffd3e9d2934e0ad67e81a2fc12f36e2b04ac3f3f150bd7e44ad12af3d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"79f-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: wWxFEGo6VZuu-YUDRoyyqH8Ro7Tlk3ZctIYU_XOaXZjQg1z_QfpBiA==

GET
H2 200 icon-refresh.svg
offtherecord.com/assets/img/ 2 KB
1015 B 25ms
19ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-refresh.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a3d2952330aefe690302e90460777d9b5c6fc354861336a919c83e44fe352800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"6e0-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: 1ataO5oGOiqSINGN-cHWudu9jwV4FNESnrxYzjxpMPiJ6RfL2LMHGA==

GET
H2 200 how-step-1.png
offtherecord.com/assets/img/ 856 KB
858 KB 26ms
20ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/how-step-1.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: d4b974aa358a45f46d74122d25f5bbe1e83af1b55a85767ef2b8f9adbbfcb67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"d60de-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 876766
x-amz-cf-id: GRyKJv3lpfyEWqqXHPV60zQMVOFwMNEjMDdZh4fsHnYTvcDD_D2eWg==

GET
H2 200 how-step-2.png
offtherecord.com/assets/img/ 1 MB
1 MB 35ms
29ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/how-step-2.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 231c57b570ff2a654d0a1a5b40aaa6995427999221fb6ce28d69b576a131a3c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"1131d3-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1126867
x-amz-cf-id: GF5C_faMgEnV3SU3g_NE5lum3oehdM6Ibtn1-R1AZX76gko2LYLlTA==

GET
H2 200 how-step-3.png
offtherecord.com/assets/img/ 889 KB
891 KB 30ms
24ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/how-step-3.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: cadb4956b7127df7772396e98e46ea3c72b4e2a842bdf38e53f67259c8983f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"de5c7-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 910791
x-amz-cf-id: IqHoA857S049kef1k6AeYMNnpn30Si3H5dy8iLT2MpMu1eZCPsWgKA==

GET
H2 200 icon-tickets.svg
offtherecord.com/assets/img/ 3 KB
1 KB 25ms
20ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-tickets.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 2d367b9054bc5b92d423f2f9484c18d8b41468a7f4fd9e63829d3dba290a206e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"d60-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: VOuDoZpoQAOUW92gfixpmey5p8M6TEbAopMdt0OdBFvtRCQM6t2wVA==

GET
H2 200 icon-window-check.svg
offtherecord.com/assets/img/ 2 KB
1 KB 24ms
19ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-window-check.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 0e52361cb2f6af4bb1f5fa4f27c87ddb8c6d4918ccd75655bd1d1bb34d4eeabe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"6b8-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: _W-ccMMS_xeO9nmP9ssl4gctlc5dvZ740PYd6o6rs8VbsEfTjf8j1A==

GET
H2 200 icon-directions.svg
offtherecord.com/assets/img/ 2 KB
1 KB 41ms
36ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-directions.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a5d227b5d9c8b9b461d0a35df1c39685463fe0bd375c2aa2aa197dfd2776a7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"787-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: Al_DFPBZmahLUIyKX5v4yZvnaYjDhPxnQHzEk7dZ_iahl-eHhMhnng==

GET
H2 200 icon-verified.svg
offtherecord.com/assets/img/ 3 KB
2 KB 33ms
28ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-verified.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 909c4adf1c2435d373b6e0d83ee64cc9888881ac24905238ea010b4da3d06b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"b51-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: Q2LvqcB7NP2tG973e8zqITANelqRkV5LfWx5RL-THNbTXcvGUNwxcg==

GET
H2 200 icon-money-back.svg
offtherecord.com/assets/img/ 2 KB
1 KB 29ms
24ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-money-back.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 17d2ee6ef525d4a35125c1ce7417ef5b7e1b611c2dc110a3add824bb078adcbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"897-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: eDqslc_V9tJD-JOUYh7dvzgfuMqRtmZlyyW6LNzGfBZ16rdVw2eTOQ==

GET
H2 200 icon-courthouse.svg
offtherecord.com/assets/img/ 3 KB
1 KB 37ms
32ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-courthouse.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 6a432ec996da0b400368eb6cf47f8e056f2b25e32a50b03d9a709fa6c1fecc1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"c41-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: O-xbKTLnkJ_NPgTrzXyQFbkN8VVHvO7QtKm3FX0P6l6XhR_FxR0tdA==

GET
H2 200 icon-notification-bell.svg
offtherecord.com/assets/img/ 3 KB
1 KB 40ms
36ms Image
image/svg+xml 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/icon-notification-bell.svg
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: b07fffef0ae1504dfba7fb4096afb6e097815298973f51a1b211771e05c075b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"a5c-184e3717b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-id: nC_TmDZW5qzRxG2japPq7TNHbagyWkvqMWoDw-mlDRqFTR8w3JHA_w==

GET
H2 200 cbs-logo-bw-min.png
offtherecord.com/assets/img/logos/ 3 KB
4 KB 41ms
36ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/cbs-logo-bw-min.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: cf950af8af64c9a95980894fb846b7c292daef8c5d2c926883e67ca8585205c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"d0f-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3343
x-amz-cf-id: Rwg-u0Bq2DmxRyQRZqu4iwLyLwhTW_RmlFTSXi_43wulFfiQP5xyFw==

GET
H2 200 fox-news-logo-bw-min.png
offtherecord.com/assets/img/logos/ 4 KB
4 KB 40ms
36ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/fox-news-logo-bw-min.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: f73a98da9f95a6fc0cf990afb6cab3aa425763dabc57657d7716348de1789dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"e53-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3667
x-amz-cf-id: Xwvl2xsAGwq3amSakCaLWYHf_N2ERF3x6H1qMbN_RkPStRk4D1gALQ==

GET
H2 200 nbc-logo-bw-min.png
offtherecord.com/assets/img/logos/ 5 KB
5 KB 41ms
37ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/nbc-logo-bw-min.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 1665c4ead8413ee315dd58a31d655ce5309f288fc586aa744d6d3655bfe64609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"128e-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4750
x-amz-cf-id: GvVYGYCUZ68Ab25C-r4qMyuDjGqp09jVOk6N1BxhwYUdaPAR7hPBIA==

GET
H2 200 geekwire-logo-bw-min.png
offtherecord.com/assets/img/logos/ 4 KB
5 KB 65ms
62ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/geekwire-logo-bw-min.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: eb0148a81522418286ec73bbe42e77c7a1c3495848e1a0fd0f4d46c7804bcf1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"10f5-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4341
x-amz-cf-id: JHERS23JwMOgwFrArY9R6XSjGJjVqYEcHTAtn4cDOFG_EL2CrAuSJg==

GET
H2 200 pro-fa-solid-900-1722b2.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 26 KB
26 KB 30ms
27ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-solid-900-1722b2.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a830a26c9a11dae14dbd539d7c872f5cf1efd608b4daca5a7ce2789ba9b747

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:27 GMT
server: cloudflare
age: 1912250
etag: "63725b8f-67a8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760148898b8929c-FRA
content-length: 26536

GET
H3 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 109ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:50:07 GMT
x-content-type-options: nosniff
age: 514259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 21:50:07 GMT

GET
H2 200 pro-fa-brands-400-f6b769.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 18 KB
18 KB 41ms
41ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-brands-400-f6b769.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2306dff2ad40394ccbab07a0ef3124e8a68cdfc4a5fc762a3ef6be86141e406b

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:24 GMT
server: cloudflare
age: 1912250
etag: "63725b8c-480c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 77601488b8e7929c-FRA
content-length: 18444

OPTIONS
H2 200 user
otr-backend-service-us-prod.offtherecord.com/api/v1/ Frame 0
0 110ms
110ms Preflight 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/user?version=tyll8nyofol
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-32-56.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-token
Access-Control-Request-Method: GET
Origin: https://offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
access-control-max-age: 3600
date: Wed, 07 Dec 2022 20:41:06 GMT
server: nginx/1.20.0

GET
H2 200 user Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/ 122 B
550 B 110ms
109ms XHR
application/json 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/user?version=tyll8nyofol

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-32-56.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

f3f283eeb300723885be482fb13d193ae1b740b3f0194548f18f85ad6bdea402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
Api-Token: vKWrNZN8UMwxcqPxyRqbJo9x6OABtoqMA7scyCkpkSy82UcA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.20.0
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 pro-fa-regular-400-e5c668.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 32 KB
32 KB 51ms
48ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-regular-400-e5c668.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944a7f6a840668d71f459e9414f895e5299978fa61d4056a6b8dd164c43c167b

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:26 GMT
server: cloudflare
age: 1912250
etag: "63725b8e-80f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 77601488e934929c-FRA
content-length: 33016

GET
H2 200 fb6f3c230cb846e25247.gif
offtherecord.com/ 4 KB
4 KB 14ms
8ms Image
image/gif 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/fb6f3c230cb846e25247.gif
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"1052-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4178
x-amz-cf-id: 1BsKHPYL5XguzkfLKo4YREyMKcUxXq90msOqSNG46ft7iprZkp6OCw==

POST
H2 200 analyze Show response
r1.visualwebsiteoptimizer.com/ 0
143 B 702ms
210ms XHR
application/javascript 35.245.208.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.visualwebsiteoptimizer.com/analyze?_a=660553&_u=https%3A%2F%2Fofftherecord.com%2F
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.208.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.208.245.35.bc.googleusercontent.com
Software: r1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryrg9WUni9GSQCQwZ9

Response headers

access-control-allow-origin: *
date: Wed, 07 Dec 2022 20:41:07 GMT
content-encoding: gzip
server: r1
content-type: application/javascript; charset=UTF-8

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
435 B 177ms
176ms XHR
application/json 2600:9000:2491:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 6404fbc5b5ed4395babcb6a97b54531f-2022120720
content-length: 29
x-amz-cf-id: Vg1kmZSULLmptVcpqZWKMHDAoIbm5XH1xrYXJhrFRqKV4YKDJ3rd0w==

GET
H2 200 stats-banner-design.png
offtherecord.com/assets/img/ 14 KB
15 KB 11ms
10ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/stats-banner-design.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 3968d37ade51adbdf0a0047ccf818fdac37ad4c7cf373275abf7a2a2f8e941d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26798
x-powered-by: Express
etag: W/"397b-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 14715
x-amz-cf-id: 5CLJE7eY5Ltc69DqPXv7MZCISI0edY-lW6bpG1zjldg4QVKet-4DGw==

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 521931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H2 200 pro-fa-solid-900-b909c1.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 25 KB
25 KB 41ms
40ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-solid-900-b909c1.woff2
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e5ea2c2821b58c20e033f0cc7a514677efa9f6b0b7935d28e4c90009080612

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:06 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:27 GMT
server: cloudflare
age: 1912250
etag: "63725b8f-6580"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760148a2b4c929c-FRA
content-length: 25984

OPTIONS
H2 200 logout
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ Frame 0
0 110ms
109ms Preflight 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-32-56.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-token,content-type
Access-Control-Request-Method: POST
Origin: https://offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
access-control-max-age: 3600
date: Wed, 07 Dec 2022 20:41:06 GMT
server: nginx/1.20.0

POST
H2 200 logout Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
424 B 110ms
110ms XHR
text/plain 18.232.32.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.32.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-32-56.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
Api-Token: vKWrNZN8UMwxcqPxyRqbJo9x6OABtoqMA7scyCkpkSy82UcA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 20:41:07 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.20.0
x-frame-options: DENY
access-control-allow-origin: https://offtherecord.com
access-control-expose-headers: Location, Otr-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 fc-pre-chat-form.css
snippets.freshchat.com/css/ 2 KB
1 KB 39ms
11ms Stylesheet
text/css 52.222.214.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippets.freshchat.com/css/fc-pre-chat-form.css
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/main.6a85d2734327ea951676.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9027bc2ee5d559beeb81d822fd8e1b8962f6be256aaed95aca74a0a519406c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7OnEBywXzVAA7dOf2qysIqyO2hTJpPUZ
content-encoding: br
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
date: Wed, 07 Dec 2022 20:41:06 GMT
last-modified: Wed, 30 Oct 2019 14:02:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 96
x-amz-server-side-encryption: AES256
etag: W/"4e65817d49212c3bd08daf7ba74670a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: tfbDtKd434zk5jTH-JQgOvhqY4sVCjsBsEX4p2i5-y7Yrs2UwXuRsg==

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame 5C56 5 KB
3 KB 234ms
116ms Document
text/html 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

84abbbc4cd0b65e84730c4a299491e8208c3e7e9e8e0b66cd2b788d3874244a6

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offtherecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 07 Dec 2022 20:41:07 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
served-by: 4082
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: 6067dfb5-7e68-9baa-82c6-b5340d266791
x-server: 4082
x-trace-id: 00-a0e314dbd21288a82e88e531428b344a-7a4ed8ad067fec4f-01
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/widget/css/ 9 KB
3 KB 118ms
117ms Stylesheet
text/css 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1670445666975

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02447c2793c5846eabe0ee2721b8f6350bf35c06471e71a0af973306456573cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 8b9225bb-245e-9d39-8e63-bc62c132f28c
x-trace-id: 00-fa2390d6a8c4b5c5f887f1b706c0abdc-1df6206fac494f72-01
served-by: 4082
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4082
expires: Thu, 07 Dec 2023 20:41:07 GMT

GET
H2 200 reviews-io--gray.png
offtherecord.com/assets/img/logos/ 16 KB
17 KB 10ms
9ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/reviews-io--gray.png
Requested by: Host: offtherecord.com
URL: https://offtherecord.com/293.8903fb93146eeb696028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9389933c6b32060ec66aac366725a7aa4808dd96edf0b6707698e6f8b069756a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"4100-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16640
x-amz-cf-id: 0R0ynCAIpgS10Tor46UR8VM3v8aTsBRaAFYj9FHIE_xH_fjpjD-Vag==

GET
H2 200 user-rating.component.f6904da87c364c06a12b.html Show response
offtherecord.com/templates/ 3 KB
1001 B 116ms
116ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/user-rating.component.f6904da87c364c06a12b.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: eea5366562d72a121b32333da086a47489f983bb563fb740ccc0a62134c69ce5

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:07 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 17:48:49 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"d0b-184edb453e8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
x-amz-cf-id: kefZus0gDsolIenqGUiNwO6XR2oIP6REyrmYy4g9YmOjvccbTj9v9Q==

GET
H2 200 avatar-image-fallback.component.31d2811901fb446ef182.html Show response
offtherecord.com/templates/ 59 B
434 B 9ms
9ms XHR
text/html 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offtherecord.com/templates/avatar-image-fallback.component.31d2811901fb446ef182.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572

Request headers

Accept: application/json, text/plain, */*
Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"3b-184e3717b40"
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 59
x-amz-cf-id: yb4HBkY7oPIk0zsW_Evkkg46oCNXVhlR617gkv5GefeNexK1NlPHOQ==

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 692b86eb74526d07ca165b8eea3728d951fe8df81e93516666550da1ccf28e21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a73d9886283369e97c809bb8b7af15cab6263559318fb730256f6da6a720426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4333f5dde7ebbe95817db62d45966b8b0ea878734e0ebdceb3cbf93b0b2620d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc3b201b03f97f0a69115ed407d31214e8b54671e399e1391d5d705a5f9acc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45295a811f899c7eea5e4d0312049da477390afc2a94ffa491dc6979cc34c9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 603e10027c39bb736cc7dee132026554899c8df72c18a59e85d3f748228b0bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff00234ed13b5e571fe0ef5b0f9e465c86d895c156193cd0a7c2f75eac059bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b2355de8c35632901a81e09dd89f0df8f7f27f9203bf4824da8b9c483801401

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b604083835a59cf9f77d9b7241cf5228a8d22e976735a0ea69a68cbe7c1359e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85ddb6693cdac9f66361f0f0c54ba4c07eb5b0a202ff94f8692c241bc1ae1fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed1f896874cf1d2e5ffcf369ed1277be55c36ab18bcbeb822e7a587008e397bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35badedf2f470a003c142adac2b71949647c08863bc1010be3c418e3ad2d4850

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1feff37397f802603ed85e9061608051d5b2a77cea125d78519057d06232b07b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9c242bdf5411decaed3c6fd15a0193472feedd3f6509fa5d3a91267cb7daa27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccb7e3319b8febae9c65ab29606ebdf09541e6e0a94d4b606465d3845dcb9717

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78555e77f61d09d04c161af14988377120b44cbfa38a4f8886083949e34f3e46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 606d1f2d749f0ae5ef2efe867be98b2610ea1a04b4ea0979a6f2bf0f4155aa58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1153b55bebff3c11194b85fe0b16ff2378fcf8c0b10a220727eb4ad762491d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dffac0197e3131c6f35307b96613f04748e6365d3bdea82d0f13e8a97347f272

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 google--color.png
offtherecord.com/assets/img/logos/ 5 KB
5 KB 9ms
8ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/google--color.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 03ad13ae622a22bc150ffe7b80c297a81953318bc8d0df254dd48720b5cd737c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"131c-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4892
x-amz-cf-id: AvZhLzS0xu27rj6fL94AP6Bcy6E1Y7bTkvEuQkCVEsL3kJUMiD7YHw==

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b15b6c9545897b7e1ec41dae5284c1e102e53c435f12c56ede872c54eae03a92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 android--green.png
offtherecord.com/assets/img/logos/ 7 KB
8 KB 10ms
10ms Image
image/png 99.86.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offtherecord.com/assets/img/logos/android--green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-110.fra6.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 2e4ffa4d535303a83b7d9428b61533203d8fce37e298f1d5029c7232759cca96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:14:28 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 17:59:36 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA6-C1
age: 26799
x-powered-by: Express
etag: W/"1da4-184e3717b40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7588
x-amz-cf-id: iqUI2-sXRX4U5e2KChmSbkbvnz9xL5S5M3mwrmJUfUxxjTv4K0Vvww==

POST
H2 200 logout Show response
api2.branch.io/v1/ 190 B
622 B 167ms
167ms XHR
application/json 2600:9000:2491:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

67d0f3f3be0b21f55c08fa555b79810a1f2b8b619169573e9c95e1ee2bd7bded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 20:41:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"be-A70+7HOiUKD+8h+78dVYS7kRt7w"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: c5b9e9090cb34a0caa4756a5ab724fed-2022120720
content-length: 190
x-amz-cf-id: XQXVM2ORZOVkuUkhUzpuzdQuO6y_sps-9ewZ0T5r6VGT0cXpxmeGHg==

GET
H2 200 pro-fa-light-300-e41116.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 27 KB
27 KB 25ms
25ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-light-300-e41116.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f395c92f8076a65bcf89aac811120b7f01cd88eb81a2ccfa772817f7129af11

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:07 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:25 GMT
server: cloudflare
age: 244685
etag: "63725b8d-6a68"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760148efac1929c-FRA
content-length: 27240

GET
H2 200 pro-fa-light-300-2a5ebc.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 37 KB
37 KB 29ms
29ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-light-300-2a5ebc.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4f3e3d9cdcd907e24e84656d52d8eda706f6453051ce1049d52d8817899b04

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:07 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:25 GMT
server: cloudflare
age: 705396
etag: "63725b8d-931c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7760148efac3929c-FRA
content-length: 37660

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 23 KB
5 KB 39ms
10ms Stylesheet
text/css 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:39:51 GMT
content-encoding: gzip
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 80
x-amz-server-side-encryption: AES256
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: S3YUjCjzbzziKdYsQIiEjWQyxJKsPV2GMpl7Llo2c9nP_3__Xq2Y6A==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 0
419 B 40ms
10ms Stylesheet
text/css 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:38:44 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: 6pzoFRNJOhHaL6NfZFblp565LUX-4OuKdvk5eIBFank7NYcv2FS7pA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 684 KB
181 KB 40ms
11ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:40:14 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 54
x-amz-server-side-encryption: AES256
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: L_I6nJ-teEH2XusZ7rYYlv00ed4HbIQd-Cz37mrOHGyMO_oGcAYWSg==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H/1.1 403
Forbidden 200289.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 667ms
191ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/200289.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 370209.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 667ms
191ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/370209.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 239394.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 664ms
189ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/239394.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 368997.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 702ms
227ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/368997.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden XHV2Yv2.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 671ms
195ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/XHV2Yv2.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 299820.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 667ms
192ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/299820.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 203808.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 519ms
177ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/203808.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 AD5-WClnAPmN3B9doS4w9PSlkcN5HWyoszW2ljm1NOi4vQ=s120-c-c0x00000000-cc-rp-mo-br100-s150
lh3.googleusercontent.com/a-/ 43 KB
43 KB 131ms
47ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AD5-WClnAPmN3B9doS4w9PSlkcN5HWyoszW2ljm1NOi4vQ=s120-c-c0x00000000-cc-rp-mo-br100-s150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5fed1ac25e41548078f7a0efb21d7f58c3815bb6318e3905b0eb8c8ca2719a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:57:32 GMT
x-content-type-options: nosniff
age: 9816
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44222
x-xss-protection: 0
server: fife
etag: "v594"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 08 Dec 2022 04:44:13 GMT

GET
H/1.1 403
Forbidden 426007.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 520ms
178ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/426007.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 AEdFTp7QOcDwqj9kstpld4JuEDkhOzkAPhaeLdTmN6nG=s120-c-c0x00000000-cc-rp-mo-ba2-br100-s150
lh3.googleusercontent.com/a/ 10 KB
10 KB 123ms
40ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/AEdFTp7QOcDwqj9kstpld4JuEDkhOzkAPhaeLdTmN6nG=s120-c-c0x00000000-cc-rp-mo-ba2-br100-s150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64026816756a142fc6895504af5faae7ca3c6ed33c8472d427adff464059311f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:57:32 GMT
x-content-type-options: nosniff
server: fife
age: 9816
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10442
x-xss-protection: 0
expires: Thu, 08 Dec 2022 17:57:32 GMT

GET
H2 200 AEdFTp7BTiQhAkZdVWcpxWxiASWwua8LTVWfUuEVd-JS=s120-c-c0x00000000-cc-rp-mo-br100-s150
lh3.googleusercontent.com/a/ 4 KB
5 KB 120ms
37ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/AEdFTp7BTiQhAkZdVWcpxWxiASWwua8LTVWfUuEVd-JS=s120-c-c0x00000000-cc-rp-mo-br100-s150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a1405dfb056e054e0bf0852a473da7b77ade738e01898b145e7d220aea0001d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:57:32 GMT
x-content-type-options: nosniff
server: fife
age: 9816
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4487
x-xss-protection: 0
expires: Thu, 08 Dec 2022 17:57:32 GMT

GET
H/1.1 403
Forbidden 328861.png
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 531ms
188ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/328861.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden 438956.jpeg
off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/ 0
0 537ms
191ms Image
application/xml 52.92.193.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/438956.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H2 200 logout Show response
api2.branch.io/v1/ 190 B
619 B 165ms
164ms XHR
application/json 2600:9000:2491:8200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:8200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

17dc65fcb62baf1ff9c6cb8abf1321874f0715c0f62c9dd7bbac1617127b95b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 20:41:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"be-MNj0Cskf89SIC8yk/c76cHC6dRs"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 84fe8a8b1ba34ffba1948f1860ec2fea-2022120720
content-length: 190
x-amz-cf-id: zzaZ788IM3rmZOXonmvZUYmZnhPlSFEir3ytkKbkc9mn4pdexttVnw==

GET
H2 200 3799.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 772 KB
178 KB 8ms
8ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:37:14 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 236
x-amz-server-side-encryption: AES256
etag: W/"8180076189d919f05b9c73b7c659821f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 6lEUxN1WCUsdjvmA5hRJFzmIhziayAuthklzNT4b6Wc6uQR2HciHYQ==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 chunk.dae9916ea314ef4d0ff8.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 229 KB
26 KB 8ms
8ms Stylesheet
text/css 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.dae9916ea314ef4d0ff8.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:40:08 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 12:27:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 61
x-amz-server-side-encryption: AES256
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: tFJIOeqqBjmyDs4BJ-1uuOoFMmVif8QHk4tGDu5YBEX50LFVPJRkhA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 fd-messaging.76925d88901c00a60140.css
assetscdn-wchat.freshchat.com/static/ Frame 5C56 229 KB
26 KB 8ms
8ms Stylesheet
text/css 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.76925d88901c00a60140.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:37:43 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 206
x-amz-server-side-encryption: AES256
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: r9rFf2fp1uKPavN1fc0uA-_5umt4tDxLU6Jys94rvmnny-MZwQwtZA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 fd-messaging.70b5110e6eed58324691.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 700 KB
125 KB 8ms
7ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5209d9e09685ab33b8cbe08949b8424f4ef22c9ca04209f7b777cce9308f4371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:38:33 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 12:27:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 156
x-amz-server-side-encryption: AES256
etag: W/"a575d616c2f2189f6befb324344343ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: ZFYoX-5EEQwcJ51hwg5n-VP-OlNRkZRkvyp16rZdK8x0qrriDbQ_jA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 5C56 81 KB
25 KB 55ms
12ms Script
text/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b44134c882041c32203269160189f2a0a1b12e4e348f74a1f38b94640f7d65ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: BHs75.bKXbPkSsEMomQcy9Qw2gVgmqdU
content-encoding: gzip
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
date: Wed, 07 Dec 2022 20:41:08 GMT
last-modified: Thu, 17 Nov 2022 06:29:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4
x-amz-server-side-encryption: AES256
etag: W/"c4bb02a4c6be31fc499881d3abbbc6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: GZxQGeKYOLS6TIZWxBCdyOxyksUboZIuifWyNuwr6evAt3BZiZk2JA==

GET
H2 200 chunk.9938837881ee5355d084.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 5 KB
2 KB 8ms
7ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41d31fccc00a2693af835bb3ad029053a8b9b980eaf363de3a84d474a95e4841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:40:46 GMT
content-encoding: gzip
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 12:27:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 34
x-amz-server-side-encryption: AES256
etag: W/"daac960ffa002e906acd414b6f246293"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 63aNDxYQbGsKqzlNrOM9nTZPYCC2HeVfuuJTzbqCC2TMi06O_Q3v9w==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 chunk.f0e50d864072128887fc.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 11 KB
4 KB 11ms
11ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:36:14 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 295
x-amz-server-side-encryption: AES256
etag: W/"1ae4407b7afcc2dc550f4d597659d448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: M34ydCiv7WAYElsvJ7OuwRpA3HixhN1QyVr5wEHg8VlXAi-Q7T7Paw==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/ Frame 5C56 2 KB
3 KB 130ms
129ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/config?domain=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

c955866cfbc0baca286b2fb990526189be4cdfa28d91f21e25ddc7c65ce9d9c2

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 10
Connection: keep-alive
Content-Length: 1552
x-xss-protection: 1; mode=block
x-request-id: 5f4e2de4-1006-4a72-87d6-4b41a5210f78
x-trace-id: 00-0df915e840ac12c786dec9cf2c8b83a4-c1fc2d047b6ec25c-00
server: fwe
x-ratelimit-remaining: 2999
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 5323
x-ratelimit-limit: 3000

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/widget/js/ 26 KB
9 KB 117ms
116ms Script
application/javascript 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 3ef33186-3527-4dfe-b086-bc32e4934234
x-trace-id: 00-e1a3abb667418bcb1506dde7f778df1c-229051e7b98dc077-00
served-by: 4082
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4082
expires: Thu, 07 Dec 2023 20:41:08 GMT

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 4 KB
5 KB 8ms
8ms Media
audio/mpeg 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 07 Dec 2022 20:41:03 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: NVuqLZiGUgtomLqs0AKEPM33jHmBMlB4oQEA4c6L-o8SURZgSAgLUw==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/ Frame 5C56 63 B
1 KB 120ms
120ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 63
x-xss-protection: 1; mode=block
x-request-id: b3002aed-aa58-4910-a677-e495ad5d0a55
x-trace-id: 00-152c1e0a9e2f5161416cb2c58c530980-dbc1378121042d38-00
server: fwe
x-ratelimit-remaining: 2998
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 4082
x-ratelimit-limit: 3000

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/widget/css/ 1 KB
2 KB 116ms
115ms Stylesheet
text/css 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/cb.css?t=1670445668619

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: b89d82a7-f35e-9a2a-a3c9-9ca56d952a24
x-trace-id: 00-91960968b0e221f78be11d046fcce605-877bbc2024a4ac10-01
served-by: 9886
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 9886
expires: Thu, 07 Dec 2023 20:41:08 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/ Frame 5C56 9 KB
3 KB 122ms
122ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

0367cc6162c6cda0833684e7a4b2923a1b744fd178e0da59ab7baab49db1a59c

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 0
x-status: HIT
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 9a1dd18e-c8b3-4e47-9691-00dc8a7a772b
x-trace-id: 00-d4e8b29646ddc404baa6f5e117cba89f-ef17ab7f8383a256-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 6714
x-ratelimit-remaining: 2997
x-ratelimit-limit: 3000

GET
H2 200 pro-fa-solid-900-2a5ebc.woff2
ka-p.fontawesome.com/releases/v6.2.1/webfonts/ 28 KB
28 KB 31ms
31ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.2.1/webfonts/pro-fa-solid-900-2a5ebc.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952c0411dfb54d1fe2267c5db27265e2c086dcf71699c908ee157fdf9341196d

Request headers

Referer: https://offtherecord.com/
Origin: https://offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:41:08 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:15:27 GMT
server: cloudflare
age: 1911992
etag: "63725b8f-6e7c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 776014955be1929c-FRA
content-length: 28284

GET
H2 200 chunk.1dc4795cd56d572db712.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 60 KB
14 KB 9ms
7ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.1dc4795cd56d572db712.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462befed2e9022fc8a63fe2222fa565ae4360b60aa2a805f8301253d5e7350ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:37:55 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Mon, 28 Nov 2022 06:43:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 194
x-amz-server-side-encryption: AES256
etag: W/"c939aebf2ff94aae618963959833de70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: wIIjVQahSJ1AwOk_0GWqxR7D99BhYw5WHLDSxTFJqHmAJD6aOuPLrQ==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 chunk.06dbc6116583eb762379.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 267 KB
46 KB 10ms
8ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.06dbc6116583eb762379.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f523bf3997717186673e604d4e19a2abd7402105845f4d0d73fed5210064f5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:38:36 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 153
x-amz-server-side-encryption: AES256
etag: W/"f19eb03b66e354125c83d121670d685d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: SdkT-2bGN53tpFLwwZz_yWgf_zjvsHGAOcN2WDSCZA97Pf-DG3raAQ==
expires: Fri, 01 Dec 2023 12:27:52 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/user/bf77ddba-500f-4f5b-86e6-6f911444a364/ Frame 5C56 17 B
1 KB 117ms
117ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/user/bf77ddba-500f-4f5b-86e6-6f911444a364/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 9beedcda-7326-4bcf-9614-5b8cb8938abf
x-trace-id: 00-c5980c677a7fd8b0a26dfe986b9fc204-ea2df80d41d0e58e-00
server: fwe
x-ratelimit-remaining: 2996
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 5323
x-ratelimit-limit: 3000

GET
H2 200 index.html Show response
httpsofftherecordcom.webpush.freshchat.com/ Frame E058 30 KB
7 KB 440ms
402ms Document
text/html 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://httpsofftherecordcom.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://offtherecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 07 Dec 2022 20:41:10 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: 8E3e2eVIRk1EofQEM74TnLFTik4RHpskXrjfVaZkFjX-QnI9swEPUw==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H/1.1 200
OK category Show response
wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/faq/ Frame 5C56 209 B
1 KB 124ms
124ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/c36ed4b1-ac05-4052-a91f-83203339cd7c/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

5d1b3f98e41c0c318f5ebcf69b206583c2fc462665218fc3584e916e57b249c8

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=c36ed4b1-ac05-4052-a91f-83203339cd7c&referrer=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:41:08 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 11
Connection: keep-alive
Content-Length: 209
x-xss-protection: 1; mode=block
x-request-id: c9e5f158-f7f8-498b-a985-0191765cf376
x-trace-id: 00-5a2ebada4df45afa0445b2f79b001a04-b27785636710b47c-00
server: fwe
x-ratelimit-remaining: 2995
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 6714
x-ratelimit-limit: 3000

GET
H2 200 8627.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 16 KB
3 KB 8ms
7ms Stylesheet
text/css 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/8627.css
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:36:49 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 260
x-amz-server-side-encryption: AES256
etag: W/"20f054b8b45ccd177447feada77d0895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: FqFMAn0mImZyo38Aav0znhb7w4uoni7XlwWkg_MFZBmiYFnjLRVZPA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 chunk.628a675083b43474a40b.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 137 B
586 B 11ms
10ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.628a675083b43474a40b.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:40:11 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 58
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 137
last-modified: Thu, 27 Oct 2022 11:43:34 GMT
server: AmazonS3
etag: "09f1bb696676dad184d04bb7b3602926"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: WsxasFIo3vy1TyEpVtRmj41rQvnCPsykVpkwmyPh-hbotiZIWauCBQ==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 chunk.11d90f755164bc5505e0.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 48 KB
14 KB 8ms
8ms Script
application/javascript 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.11d90f755164bc5505e0.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:38:43 GMT
content-encoding: br
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 146
x-amz-server-side-encryption: AES256
etag: W/"123f4c9f2c2093fb886435e7016642c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: HeqYK7uJi6lyN4IM7x3p8ZzdbUfR80dZlKOlaUUYX1MAlH3A67_zjw==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
BLOB 200
OK 0ff47c13-cdd8-4815-ac5c-ca863ee9af7d
https://wchat.freshchat.com/ Frame 5C56 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/0ff47c13-cdd8-4815-ac5c-ca863ee9af7d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame 5C56 663 B
1 KB 9ms
8ms Image
image/svg+xml 52.222.214.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:40:47 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 22
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 663
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
etag: "cd452acf4efb05843ef7575e5a9de756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: G1kYPkhj21qqUIQyZHbIarApc9DCG2za0h89CRQODY8snO6jk_9NOA==
expires: Fri, 01 Dec 2023 12:27:52 GMT

GET
H2 200 img_1525886662574.png
httpsofftherecordcom.webpush.freshchat.com/0403b2ccea0c0c5cc50c75b8637339f1f576312a7a63730edc62a2eb40b11742/f_hlimage/u_a64204bfa240cb896c36e2b48c543dd110fc838dc1e3e7bcb378b720c4c2ad6a/ Frame 5C56 31 KB
31 KB 9ms
9ms Image
image/png 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://httpsofftherecordcom.webpush.freshchat.com/0403b2ccea0c0c5cc50c75b8637339f1f576312a7a63730edc62a2eb40b11742/f_hlimage/u_a64204bfa240cb896c36e2b48c543dd110fc838dc1e3e7bcb378b720c4c2ad6a/img_1525886662574.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96056e7f261b02dc4cddc8bc5b87307b95eccd8ed9f41973a51250cd83cc09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 07 Dec 2022 09:35:00 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 09 May 2018 17:24:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 39969
x-amz-server-side-encryption: AES256
etag: "641d035b6bb597ef736cb45850194a86"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 31610
x-amz-cf-id: 1uBar5lAVXe6Goxaw4Hx_KBWZFKwWbyk5teyOoFdPhql9nJ1QeVdBA==

GET
H2 200 fc_logo.png
httpsofftherecordcom.webpush.freshchat.com/ Frame E058 4 KB
4 KB 7ms
7ms Image
image/png 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://httpsofftherecordcom.webpush.freshchat.com/fc_logo.png
Requested by: Host: httpsofftherecordcom.webpush.freshchat.com
URL: https://httpsofftherecordcom.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://httpsofftherecordcom.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZ0aGVyZWNvcmQuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:10:50 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 41420
etag: "e87df9f10dcf497ae292dc234200465c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: P9-A67DMFlg-Hilb8VZfAQRysbb68coIqHeCyQWiyDInJF4Ayfs4jw==

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 268ms
151ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=6DGA5&UserId=5026065829416960&SessionId=5621708927094784&PageId=6153385436860416&Seq=2&PageStart=1670445665191&PrevBundleTime=1670445666576&LastActivity=4802&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 06c9855471b32b18caf9eb1cd674a59a93f2a6fec33f510373b4be73275c198e

Request headers

Referer: https://offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://offtherecord.com
date: Wed, 07 Dec 2022 20:41:11 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST analyze
r1.visualwebsiteoptimizer.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r1.visualwebsiteoptimizer.com
URL: https://r1.visualwebsiteoptimizer.com/analyze?_a=660553&_u=https%3A%2F%2Fofftherecord.com%2F

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 17:22:21	Name: MUID Value: 3819AD30ADA16D1F006BBF43ACCA6CBB
.offtherecord.com/	1970-01-20 08:02:12	Name: _uetsid Value: 783b9d80766f11edba9b171b00074f77
.offtherecord.com/	1970-01-20 17:22:21	Name: _uetvid Value: 783bd220766f11ed9752f57d27230ac0
.offtherecord.com/	1970-01-20 10:10:21	Name: _fbp Value: fb.1.1670445664939.70916402
.offtherecord.com/	1970-01-20 17:36:45	Name: _ga Value: GA1.2.1582547559.1670445665
.offtherecord.com/	1970-01-20 08:02:12	Name: _gid Value: GA1.2.1626913384.1670445665
.offtherecord.com/	1970-01-20 08:00:45	Name: _gat_UA-69140841-1 Value: 1
.offtherecord.com/	1970-01-20 16:47:48	Name: _vwo_uuid_v2 Value: D6F03EB04D58F4A706C73DE707A5A38F9\|81470dc1b1e1ee274616a78c6ca0de7f
.offtherecord.com/	1970-01-20 10:24:45	Name: _vis_opt_s Value: 1%7C
.offtherecord.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.offtherecord.com/	1970-01-20 17:36:45	Name: _vwo_uuid Value: D6F03EB04D58F4A706C73DE707A5A38F9
.offtherecord.com/	1970-01-20 10:24:45	Name: _vis_opt_exp_14_combi Value: 2
.offtherecord.com/	1970-01-20 08:00:47	Name: _vwo_sn Value: 0%3A1%3Ar1.visualwebsiteoptimizer.com%3A1%3A1
.offtherecord.com/	1970-01-20 08:43:57	Name: _vwo_ds Value: 3%3At_1%2Ca_1%3A0%241670445665%3A36.28130547%3A8_1_1_0_1%3A4_1%2C3_1%2C2_1%2C1_2%3A3_1%2C2_1%3A0
.offtherecord.com/	1970-01-20 16:46:21	Name: fs_uid Value: #6DGA5#5026065829416960:5621708927094784:::#/1701981665
.offtherecord.com/	1970-01-20 16:46:21	Name: fs_cid Value: 1.0
.offtherecord.com/	1970-01-20 16:46:21	Name: mp_971aeee0e6b3795a30de20c2cc8585b4_mixpanel Value: %7B%22distinct_id%22%3A%20%22184ee520f651c7-08673227ad61d5-173b3a75-1d4c00-184ee520f66b56%22%2C%22%24device_id%22%3A%20%22184ee520f651c7-08673227ad61d5-173b3a75-1d4c00-184ee520f66b56%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.app.link/	1970-01-20 16:46:21	Name: _s Value: m6CsVaROSHc8sVtbNlGr4%2Bd5lcS6%2F9HLloK2U0yWRJYBinqgXsMdau9%2F%2FL%2BQAaJG
.offtherecord.com/	1970-01-20 17:36:45	Name: _drip_client_3915275 Value: vid%253Df0e284a49f6a4cc4bb63a269caba4c4e%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1670445666415%2526weeklySessionCount%253D1%2526lastSessionAt%253D1670445666415
.offtherecord.com/	1970-01-20 08:43:57	Name: otr-referrer Value: %22https%3A%2F%2Fofftherecord.com%2F%22
.offtherecord.com/	1970-01-20 16:46:21	Name: _fw_crm_v Value: aab0da64-f0e7-46a9-a20c-3e7d01780fd6

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/239394.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/200289.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/370209.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/299820.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/XHV2Yv2.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/368997.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/203808.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/426007.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/328861.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://off-the-record-service.s3.amazonaws.com/private/clients/profile-pictures/438956.jpeg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getdrip.com
api2.branch.io
apis.google.com
app.link
assetscdn-wchat.freshchat.com
bat.bing.com
browser.sentry-cdn.com
connect.facebook.net
d14jnfavjicsbe.cloudfront.net
dev.visualwebsiteoptimizer.com
edge.fullstory.com
fight.offtherecord.com
fonts.googleapis.com
fonts.gstatic.com
httpsofftherecordcom.webpush.freshchat.com
ka-p.fontawesome.com
kit.fontawesome.com
lh3.googleusercontent.com
off-the-record-service.s3.amazonaws.com
offtherecord.com
otr-backend-service-us-prod.offtherecord.com
r1.visualwebsiteoptimizer.com
rs.fullstory.com
rts-static-prod.freshworksapi.com
snippets.freshchat.com
stats.g.doubleclick.net
tag.getdrip.com
wchat.freshchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
r1.visualwebsiteoptimizer.com
108.138.7.111
143.204.89.97
172.217.18.2
18.232.32.56
2600:9000:223d:c400:19:9934:6a80:93a1
2600:9000:2451:fa00:1e:9742:1680:21
2600:9000:2491:8200:11:f728:3040:93a1
2606:4700::6812:1734
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::729
34.96.102.137
35.186.194.58
35.201.112.186
35.245.208.72
50.18.212.254
52.222.214.115
52.222.214.55
52.92.193.33
54.88.197.161
65.9.66.123
99.86.4.11
99.86.4.110
023b8c10024a4327232c39f1dded627615777b2ed68e3f1eeedd106e3a3ac3e5
02447c2793c5846eabe0ee2721b8f6350bf35c06471e71a0af973306456573cd
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
0367cc6162c6cda0833684e7a4b2923a1b744fd178e0da59ab7baab49db1a59c
03ad13ae622a22bc150ffe7b80c297a81953318bc8d0df254dd48720b5cd737c
05385402fa92d49d6cf2dc6742d3f30110479f21c477137374f308ba2536bad2
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
06c9855471b32b18caf9eb1cd674a59a93f2a6fec33f510373b4be73275c198e
07797747fa728382da02a8b0eb152fbe764ae07b6267fce54978de3d96e641d0
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d
0bc3b201b03f97f0a69115ed407d31214e8b54671e399e1391d5d705a5f9acc0
0d4f3e3d9cdcd907e24e84656d52d8eda706f6453051ce1049d52d8817899b04
0e52361cb2f6af4bb1f5fa4f27c87ddb8c6d4918ccd75655bd1d1bb34d4eeabe
0f395c92f8076a65bcf89aac811120b7f01cd88eb81a2ccfa772817f7129af11
107f0c6caa4752feaeebf24f9597163a63cb35aa0caa5dcc4ad15abafa017419
1153b55bebff3c11194b85fe0b16ff2378fcf8c0b10a220727eb4ad762491d5c
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e
15649c161605179d5d7daae122cacdee728751345fda217860195ef517cd37ec
15923ad463706598f8dd20a27bfab037db5f5b8f31c24ff0bdae5e8244c8fbba
1665c4ead8413ee315dd58a31d655ce5309f288fc586aa744d6d3655bfe64609
17d2ee6ef525d4a35125c1ce7417ef5b7e1b611c2dc110a3add824bb078adcbf
17dc65fcb62baf1ff9c6cb8abf1321874f0715c0f62c9dd7bbac1617127b95b0
1c978006c2d514e45e19ce26c0049fddf88f6aa103335c91ef519b06265e1ad3
1d4e14ba2eadc380927619ca30b3ce478636d400f9560b921dfeb7ae60ce919b
1feff37397f802603ed85e9061608051d5b2a77cea125d78519057d06232b07b
21c4a6458b28a11e5a627e50755b0519962743a4c9bf7847bc29a76ab3fa1c83
2306dff2ad40394ccbab07a0ef3124e8a68cdfc4a5fc762a3ef6be86141e406b
231c57b570ff2a654d0a1a5b40aaa6995427999221fb6ce28d69b576a131a3c6
23510391ff5b9984f27c28542f4111767ef24c091f5c2e32a723b4325e123f11
23dd8718d3a4a8288dbc27f9e69ff15ba05658c8abb7d52c97f95362a72aaefe
24b27d72c11e9ab6df47644b2cd6f3bf777991fea5bfc26b31295cb31079adb7
24e5ea2c2821b58c20e033f0cc7a514677efa9f6b0b7935d28e4c90009080612
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
29fefffd74fbd898004a15ce78dd1ca4ca055edb785e1ac2d92c1f9d2582d6bb
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2ba1ad7af6f77b6e2e22057e4de7eb8593d5cb224de15f59ce1f845faa57dea5
2c8d9de6768c77e25dd192644cbf7fd3d7d75bd87ac99feafb69b9e2b9942937
2d367b9054bc5b92d423f2f9484c18d8b41468a7f4fd9e63829d3dba290a206e
2e4ffa4d535303a83b7d9428b61533203d8fce37e298f1d5029c7232759cca96
2fbec33dc79b6fe02f1bb4aed0c266cf0d59ca32ff208c1fb56748de0b1e547e
35badedf2f470a003c142adac2b71949647c08863bc1010be3c418e3ad2d4850
39273a8dca0241a43647993698bfabbd276d44fa9871d4bd4c5e67b265ba8d87
3968d37ade51adbdf0a0047ccf818fdac37ad4c7cf373275abf7a2a2f8e941d2
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
3d5edde8712859a5f18bd8f31ef88e5e827792758b5a09d86aa0afe198abd042
3fec4b3033d940636dbeabc31dcee4bb3eedc3b534ad4c1a652e2470fba0c94e
41d31fccc00a2693af835bb3ad029053a8b9b980eaf363de3a84d474a95e4841
4333f5dde7ebbe95817db62d45966b8b0ea878734e0ebdceb3cbf93b0b2620d0
45295a811f899c7eea5e4d0312049da477390afc2a94ffa491dc6979cc34c9ec
462befed2e9022fc8a63fe2222fa565ae4360b60aa2a805f8301253d5e7350ee
474ce803d275f036d64fd67302998a48ed0122fac30e5bdcab522478779bad41
49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8
4a1405dfb056e054e0bf0852a473da7b77ade738e01898b145e7d220aea0001d
4a40381b9288a240836a6af346a307527edac1e8e09a22d322d3504a225aadc1
4f9c80a2a77bf82badfc8ea73328ad4766079140edd4cd5e9ec21e4d925f47bc
5209d9e09685ab33b8cbe08949b8424f4ef22c9ca04209f7b777cce9308f4371
54bc26ea2a0ae205c59e4f271706a588c9e990613d8752fa90ccddebe2870fab
56748cc71c22d9f3f12219b0a1ee17444ae07f1bd29640a3f0076942e2b6fcd0
58e98596bda872b06510f1f2f5e21a68c45cbda1d83b89d93abb1b4968eeef02
5b2355de8c35632901a81e09dd89f0df8f7f27f9203bf4824da8b9c483801401
5c8f4084c22aafc93fc6917f8f486f9df70fe9b34e74e59e3a766caa871171f4
5d1b3f98e41c0c318f5ebcf69b206583c2fc462665218fc3584e916e57b249c8
5ecf684a04bd818520a3f91a4a924a66944f844f114d38bc6fd12636af8d0ba3
5f6f271ff8e9620646f58764459df95790e7dfb724ca852087540b806a0aeb4b
5fed1ac25e41548078f7a0efb21d7f58c3815bb6318e3905b0eb8c8ca2719a23
603e10027c39bb736cc7dee132026554899c8df72c18a59e85d3f748228b0bd9
606d1f2d749f0ae5ef2efe867be98b2610ea1a04b4ea0979a6f2bf0f4155aa58
64026816756a142fc6895504af5faae7ca3c6ed33c8472d427adff464059311f
643fb7629b665c0f93d4ab0f830f568d434426ff28f21b990ff0f4cf9117148b
648c698dd41bf291833204226476e7d092b281fd06255a70a4925f45ca8c96c2
66b9205f2695c992bec1a8010ba0bf54985dee277dc34943515d5d756d63d108
67d0f3f3be0b21f55c08fa555b79810a1f2b8b619169573e9c95e1ee2bd7bded
692b86eb74526d07ca165b8eea3728d951fe8df81e93516666550da1ccf28e21
6a432ec996da0b400368eb6cf47f8e056f2b25e32a50b03d9a709fa6c1fecc1a
6a5ff7be92be9d18a9b5d912a6983e14e28f97c9168bc47a01ca7d5172035d10
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572
6fb75923f7e15d56b15d7381d9a3e0c70ec553a34ea4ac1b0b06adc524297c84
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5
7334b9b34d7b3826d4ddb8a335a672e0ed5b0784c15cebc4531997f03c15a07d
766b624fa66325bb23a7f1bb4d0e5429dab3dde643ab89044967f0e1a2d0d172
77dafb301622b519a4fcc2ee2fef4a31eaa152a3c94df404cb434cf51faaa92b
78555e77f61d09d04c161af14988377120b44cbfa38a4f8886083949e34f3e46
791452a396f1c5751173455e015d2ccf8a19fe1444d07389281336840711b8fc
7a6d3ea3228a2dc96f3eb9ee37a17d83c31e404e16bb85e64e793b7bb4689237
7b48d90a6ea5dda5b9229d11e085300d9f8be2957a96aed79033f79060610c43
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84abbbc4cd0b65e84730c4a299491e8208c3e7e9e8e0b66cd2b788d3874244a6
84ccd3a3071d77c78c706cea61e9aaf4aa6c6525c2f2bd9b447143ddcc748aa4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ddb6693cdac9f66361f0f0c54ba4c07eb5b0a202ff94f8692c241bc1ae1fdb
87b8536e91ef0f286ac830df3862cbde261f47bfec2dbdf3a4d472c6ae68e542
87e8f8478b394e75ddcf0778aef7ce167b36f3f372d52fe4a5db4598069bce9b
88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50
8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3
8a73d9886283369e97c809bb8b7af15cab6263559318fb730256f6da6a720426
8af72523d3be5cd871bd15fe2058298c96cd9e034820cb4cbddd2b5fbc9c1ddc
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e742fbd7146cea9dee3a9c4b4474e1da43f62e8864d519c1debe7f10ec6043b
9027bc2ee5d559beeb81d822fd8e1b8962f6be256aaed95aca74a0a519406c3a
909c4adf1c2435d373b6e0d83ee64cc9888881ac24905238ea010b4da3d06b93
9389933c6b32060ec66aac366725a7aa4808dd96edf0b6707698e6f8b069756a
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
944a7f6a840668d71f459e9414f895e5299978fa61d4056a6b8dd164c43c167b
952c0411dfb54d1fe2267c5db27265e2c086dcf71699c908ee157fdf9341196d
9555678057f76f7f2eafb7e3b315b4c75b89470e5c297c7b9f72800509ce03cd
96056e7f261b02dc4cddc8bc5b87307b95eccd8ed9f41973a51250cd83cc09bf
978ab12640fcf74a29985a32c6f817d844a6d9dd99bf0b30b32d5dcbffaeaf6b
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
97ebbaec1afcc42335561d025651db0eba255ac91b054b29c5e15240b272e70c
9a87caa378662a0579007c576ad8141197ce16499633f355abdf530a5377b1c7
9ac3b79e2d18e462f0492721cb4bc738288a38b326549d83f45a55e6d7245aee
9afd33ecebacb4ed3f9c1ecf1d50ad4eec1b04c8aa584ed3828e1b95058d9b65
9b604083835a59cf9f77d9b7241cf5228a8d22e976735a0ea69a68cbe7c1359e
9cb435d9631757dce9699bd42f9cf9c27e4b93a9674170ae9d1cb378eb368f0b
9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606
9f9a68efa68722547471c11da86d757726410f9cae6bb877192c7ce0433f6f1f
a0fcfcd98c62ba1e89c50ba98cdc2a5c617c1fb8a57b3b9150a3853bc000a889
a1161c04d6f26f28beb84bd9145c5ee8ebcc0ad55f60205407483391586414df
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a3d2952330aefe690302e90460777d9b5c6fc354861336a919c83e44fe352800
a5d227b5d9c8b9b461d0a35df1c39685463fe0bd375c2aa2aa197dfd2776a7c8
a8510ffd3e9d2934e0ad67e81a2fc12f36e2b04ac3f3f150bd7e44ad12af3d76
a8b3e6bf953a9cf55e65d934a285e6a47203e1e2e0cd3d0b1448a71f5e1075c1
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
abb9e4ae9f1682664b88435116330668da070d8208ecc30efdae9dff34d1bbb0
af9a803faae6cb0968f909de5823ad564393721faa6fc2658c7746f56545a626
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b07fffef0ae1504dfba7fb4096afb6e097815298973f51a1b211771e05c075b0
b15b6c9545897b7e1ec41dae5284c1e102e53c435f12c56ede872c54eae03a92
b2972a68e50b9d105e4cc8dec627577d00e93202815f36bcc42ab67d148fd575
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b39b166082a613e5693afd5ad767b2c7ba74b0ddb5baa4673679f2b0c5ce953a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44134c882041c32203269160189f2a0a1b12e4e348f74a1f38b94640f7d65ab
bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c46812c7c91d67dcc84ac30ff32138415af25b3416ea5b6588628cb3e2d1f686
c6a830a26c9a11dae14dbd539d7c872f5cf1efd608b4daca5a7ce2789ba9b747
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c955866cfbc0baca286b2fb990526189be4cdfa28d91f21e25ddc7c65ce9d9c2
cadb4956b7127df7772396e98e46ea3c72b4e2a842bdf38e53f67259c8983f85
ccb7e3319b8febae9c65ab29606ebdf09541e6e0a94d4b606465d3845dcb9717
ce33dc61fddd719ab0bb914b3d50b3a82afb8945eda2ba7a388fac66b96e07e2
cea514742310a1ef741966fd63bdb0373ccc8e86a6699f0fc8407e0456ee1850
cf950af8af64c9a95980894fb846b7c292daef8c5d2c926883e67ca8585205c9
d100a79e9ca4f220f81fd0729136ce2839c361f0850a3ddabb987bb04c99b925
d2a07b9dd6cce25453e7c96ae3218cd0d9c7ce73d15124385a7d5dab40e44a58
d2cb0b7d160a5e811a29ea50219434d1aa58a16985ceef89340306077cdb2a52
d353eae3d98cb656016ae2a77675763c33035d7341d161f446a30d04982027ea
d4b974aa358a45f46d74122d25f5bbe1e83af1b55a85767ef2b8f9adbbfcb67a
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d8d41e8397ee47e183a8214fdeddf6880a291052eba3e1ad100f3dbc7f542e34
de236faf8c20e94f725556156146fb2b11ea072c3c92b6c1418c8a80ae4efe01
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dffac0197e3131c6f35307b96613f04748e6365d3bdea82d0f13e8a97347f272
e1e886b147ea5642ec1036c2ed4f5c367ee5cd67f89ca33bae4146ce640c3272
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484006b9830dab35504a97bd9dc3196e8b682e902849a157fc08281f5ee9c58
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e84a67a96a0b380a2a32028b749d683d6aca96c4b5ecfe0b15f1bf602ee64bf0
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e9dc51a4567e3f477c625dd64bb07175d5de9c5bacec92e645c8430afe2fbff8
eb0148a81522418286ec73bbe42e77c7a1c3495848e1a0fd0f4d46c7804bcf1b
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
ed1f896874cf1d2e5ffcf369ed1277be55c36ab18bcbeb822e7a587008e397bf
eea5366562d72a121b32333da086a47489f983bb563fb740ccc0a62134c69ce5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe1974a12f7b8ab030117a3599fbc0be15c18a7ade84b5884788838a836da7
f1e8027ede2def8ee1c1ab25fc3e632ea80217cc115db37ddcda995cad4361a9
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f3f283eeb300723885be482fb13d193ae1b740b3f0194548f18f85ad6bdea402
f45b384ac925673d553a06e6954ce5170a06b37c53a9405ac581bf105e17dba4
f523bf3997717186673e604d4e19a2abd7402105845f4d0d73fed5210064f5ea
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f666472c3669e7c6d2557a92e7f39e735490f862b1ad82f06f1f7ce48608afab
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f73a98da9f95a6fc0cf990afb6cab3aa425763dabc57657d7716348de1789dec
f9c242bdf5411decaed3c6fd15a0193472feedd3f6509fa5d3a91267cb7daa27
ff00234ed13b5e571fe0ef5b0f9e465c86d895c156193cd0a7c2f75eac059bf1
ff0a235dc7d390e1cf916abcb59cbae2aabb8c509a6f46a6c8cffaa0532a48df

offtherecord.com Open in urlscan Pro 99.86.4.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

99 %HTTPS

52 %IPv6

24 Domains

34 Subdomains

33 IPs

3 Countries

6777 kBTransfer

18566 kBSize

21 Cookies

13 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offtherecord.com Open in urlscan Pro
99.86.4.110 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

99 %
HTTPS

52 %
IPv6

24
Domains

34
Subdomains

33
IPs

3
Countries

6777 kB
Transfer

18566 kB
Size

21
Cookies

200 HTTP transactions
20 data transactions