newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:67e1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearseve.winstar.com/
Submission Tags: phishingrod
Submission: On March 22 via api (March 22nd 2023, 3:03:14 pm UTC) from DE — Scanned from DE

Summary HTTP 119 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 31 domains to perform 119 HTTP transactions. The main IP is 2606:2c40::c73c:67e1, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is newyearseve.winstar.com.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2023. Valid for: 3 months.

This is the only time newyearseve.winstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
10	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4 8	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.81 18.66.112.81	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.82 18.66.112.82	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::ac43:4ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.90.223.176 34.90.223.176	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2606:4700::68... 2606:4700::6812:16ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	3.234.40.38 3.234.40.38	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.5.236 104.18.5.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 3	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:d6ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2600:9000:225... 2600:9000:225e:ca00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:55e3:fad:f8b3:1da2	16509 (AMAZON-02) (AMAZON-02)
119	38

30 2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

newyearseve.winstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

6820846.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10388130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-81.fra56.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-82.fra56.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adreadyclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.223.176 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:16ea (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.234.40.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-40-38.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.5.236 (None, )

ASN13335 (CLOUDFLARENET, US)

pixelconnector.adready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.8.110 (None, )

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.37 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d6ed (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:ca00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:55e3:fad:f8b3:1da2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	winstar.com newyearseve.winstar.com	187 KB
12	doubleclick.net 4 redirects 6820846.fls.doubleclick.net — Cisco Umbrella Rank: 690133 10388130.fls.doubleclick.net — Cisco Umbrella Rank: 585010 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	7 KB
10	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 975	13 KB
10	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 7416	190 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2412 d.adroll.com — Cisco Umbrella Rank: 1215	22 KB
6	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5247 track.hubspot.com — Cisco Umbrella Rank: 2140 forms.hubspot.com — Cisco Umbrella Rank: 4135	23 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4219 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	1 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6583	293 KB
4	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 5785 a2.adform.net — Cisco Umbrella Rank: 6127	33 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3042	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
3	reson8.com ds.reson8.com — Cisco Umbrella Rank: 2613	159 B
3	google.de www.google.de — Cisco Umbrella Rank: 6069	806 B
2	adready.com pixelconnector.adready.com — Cisco Umbrella Rank: 42361	948 B
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 4341	396 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 4504	360 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
2	gstatic.com www.gstatic.com	23 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	187 KB
1	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 40747	7 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3917	87 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4451	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1981	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1977	21 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4044	782 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 171	417 B
1	adreadyclick.com tracker.adreadyclick.com — Cisco Umbrella Rank: 41754	5 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 8071	397 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2113	939 B
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 19137	35 KB
119	31

	Domain	Requested by
30	newyearseve.winstar.com	newyearseve.winstar.com js.usemessages.com
10	pixel.mathtag.com	10388130.fls.doubleclick.net pixel.mathtag.com a2.adform.net
10	cdn2.hubspot.net	newyearseve.winstar.com
6	10388130.fls.doubleclick.net	3 redirects www.googletagmanager.com
5	s.adroll.com	1 redirects newyearseve.winstar.com s.adroll.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	app.hubspot.com	newyearseve.winstar.com js.usemessages.com static.hsappstatic.net
4	tags.srv.stackadapt.com	10388130.fls.doubleclick.net tags.srv.stackadapt.com
4	adservice.google.com	10388130.fls.doubleclick.net 6820846.fls.doubleclick.net
3	a2.adform.net	1 redirects 10388130.fls.doubleclick.net s2.adform.net
3	ds.reson8.com	10388130.fls.doubleclick.net
3	www.google.de	newyearseve.winstar.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com newyearseve.winstar.com www.google-analytics.com
2	pixelconnector.adready.com	tracker.adreadyclick.com
2	action.media6degrees.com	10388130.fls.doubleclick.net
2	action.dstillery.com	2 redirects
2	www.facebook.com	newyearseve.winstar.com
2	connect.facebook.net	newyearseve.winstar.com connect.facebook.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	6820846.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	newyearseve.winstar.com www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	f.hubspotusercontent10.net	newyearseve.winstar.com
1	s2.adform.net	10388130.fls.doubleclick.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	tag.simpli.fi	10388130.fls.doubleclick.net
1	www.googleadservices.com	1 redirects
1	www.google.com	newyearseve.winstar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tracker.adreadyclick.com	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
119	41

This site contains links to these domains. Also see Links.

Domain
www.winstar.com
register.winstarworldcasino.com
adagaming.com
artesianhotel.com
www.myblackgoldcasino.com
mybordercasino.com
www.chickasawtravelstop.com
chisholmtrailcasino.com
mygoldmountaincasino.com
goldsbycasino.com
jetstreamcasino.com
madillgaming.com
newcastlecasino.com
theriverstarcasino.com
www.riverwind.com
www.saltcreekcasino.com
mytexomacasino.com
treasurevalleycasino.com
washitacasino.com
www.facebook.com
twitter.com
www.snapchat.com
www.youtube.com
www.instagram.com
www.winstarworldcasino.com
goo.gl
www.winstarvillage.com
www.ncpgambling.org

Subject Issuer	Validity	Valid
newyearseve.winstar.com GTS CA 1P5	`2023-03-22` - `2023-06-20`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M01	`2023-03-02` - `2023-09-08`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://newyearseve.winstar.com/
Frame ID: B8580B1C83046174468DD0B7C32E4D96
Requests: 80 HTTP requests in this frame

Frame: https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 34FCDAAB2760B9D6E7E70F802FB30518
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 1C011E64B6E3F967D5CD9F46ECAD1B04
Requests: 18 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: C90C86389FBEE2FC0ED99F6018C4A4B6
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 581AAEFB5B21D48EA0C64420B822CFBA
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241907&source=mathtag
Frame ID: BE40B13D619374CF5C7B8B62AFD287C2
Requests: 2 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/ef10be3fb5334600b3172524500913d3?uuid=2930a6279dee4e7ba1e791337d5dd848&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=newyearseve.winstar.com&inApp53=false&messagesUtk=ef10be3fb5334600b3172524500913d3&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
Frame ID: 34BAB93B32BB017EE6F75A59E4D276D9
Requests: 9 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1489258101&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPTnyqnn7_0CFQHQmgod6qoJTg%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d9099173273512%3bgtm%3d45He33k0%3bauiddc%3d2090489525.1679497388%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Frame ID: F2D4ED69EA4A86ED8D3108CB98CD6201
Requests: 3 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241848&source=mathtag
Frame ID: FA19A337C6753FB963B11252F045D4C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

winstar

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

96 %
HTTPS

71 %
IPv6

31
Domains

41
Subdomains

38
IPs

7
Countries

1416 kB
Transfer

4003 kB
Size

29
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://www.winstar.com/
Title: .st0{fill:#FFFFFF;} .st1{fill:#C7B24E;} winstar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/winstar-world-casino-hotel/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-venues/
Title: Casino Venues

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/
Title: Casino Games

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/category/electronic-games/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/category/gaming/
Title: Gaming Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/
Title: Stay

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/the-inn-at-winstar/
Title: The Inn at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/fun-town-rv-park-at-winstar/
Title: Fun Town RV Park at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/events/?tribe_paged=1&tribe_event_display=list&tribe-bar-entertainment-venue-field=1436
Title: Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/nightlife/
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.winstar.com/reopening-entertainment/
Title: COVID-19 Updates

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/
Title: Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/fine-dining/
Title: Fine Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/casual-dining/
Title: Casual Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/cafes-and-quick-bites/
Title: Cafés & Quick Bites

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/bars-and-lounges/
Title: Bars & Lounges

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/
Title: Amenities

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/wellness-and-spa/
Title: Wellness & Spa

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/pools-and-cabanas/
Title: Pools & Cabanas

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/
Title: Meet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/conventions-and-corporate-events/
Title: Conventions & Corporate Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/wedding-events/
Title: Weddings

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/social-events/
Title: Social Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/catering/
Title: Catering

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/meeting-planners/
Title: Meeting Planners

Search URL Search Domain Scan URL

URL: https://www.winstar.com/request-for-proposal/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/my-winstar/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/club-passport/
Title: Club Passport

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/tiered-card-program/
Title: Tiered Card Program

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/list/
Title: Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map
Title: Casino Map

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/list/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://register.winstarworldcasino.com/cgi-bin/lansaweb?PROCFUN+RN+RESNET+WSH+funcparms+UP(A2560):;RAINHTL;;1;2;0;;;;;;;;;;;;;;;?/&__hstc=40036989.97683e552085fa8b24db48c130678956.1679497389678.1679497389678.1679497389678.1&__hssc=40036989.1.1679497389678&__hsfp=1413633234
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/gift-cards/
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/shuttle-service/
Title: Shuttle Service

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/casino-and-hotel-valet/
Title: Hotel Valet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/tax-document-requests/
Title: Tax Document Requests

Search URL Search Domain Scan URL

URL: https://adagaming.com/

Search URL Search Domain Scan URL

URL: https://artesianhotel.com/

Search URL Search Domain Scan URL

URL: https://www.myblackgoldcasino.com/

Search URL Search Domain Scan URL

URL: https://mybordercasino.com/

Search URL Search Domain Scan URL

URL: https://www.chickasawtravelstop.com/

Search URL Search Domain Scan URL

URL: https://chisholmtrailcasino.com/

Search URL Search Domain Scan URL

URL: https://mygoldmountaincasino.com/

Search URL Search Domain Scan URL

URL: https://goldsbycasino.com/

Search URL Search Domain Scan URL

URL: https://jetstreamcasino.com/

Search URL Search Domain Scan URL

URL: https://madillgaming.com/

Search URL Search Domain Scan URL

URL: https://newcastlecasino.com/

Search URL Search Domain Scan URL

URL: http://theriverstarcasino.com/

Search URL Search Domain Scan URL

URL: https://www.riverwind.com/

Search URL Search Domain Scan URL

URL: https://www.saltcreekcasino.com/

Search URL Search Domain Scan URL

URL: https://mytexomacasino.com/

Search URL Search Domain Scan URL

URL: https://treasurevalleycasino.com/

Search URL Search Domain Scan URL

URL: https://washitacasino.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinStarWorldCasino

Search URL Search Domain Scan URL

URL: https://twitter.com/winstarworld

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/winstarworld

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Winstarcasino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winstar_world/

Search URL Search Domain Scan URL

URL: https://www.winstarworldcasino.com/feed/rss?__hstc=40036989.97683e552085fa8b24db48c130678956.1679497389678.1679497389678.1679497389678.1&__hssc=40036989.1.1679497389678&__hsfp=1413633234

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/cw2ApAsm6pD2

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/directions/
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/frequently-asked-questions/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/stewardship/
Title: Corporate Stewardship

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/news-and-media-hub/
Title: News and Media

Search URL Search Domain Scan URL

URL: https://www.winstarvillage.com/
Title: Central Park at WinStar Village

Search URL Search Domain Scan URL

URL: https://www.winstar.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/house-rules/
Title: House Rules

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-beijing#component_0
Title: Beijing

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-cairo#component_0
Title: Cairo

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-london#component_0
Title: London

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-madrid#component_0
Title: Madrid

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-newyork#component_0
Title: New York

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-paris#component_0
Title: Paris

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rio#component_0
Title: RIO

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rome#component_0
Title: Rome

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-vienna#component_0
Title: Vienna

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-register/
Title: Join Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 33

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 36

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 37

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 54

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Request Chain 60

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 61

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 94

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPTnyqnn7_0CFQHQmgod6qoJTg%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D9099173273512%3Bgtm%3D45He33k0%3Bauiddc%3D2090489525.1679497388%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPTnyqnn7_0CFQHQmgod6qoJTg%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D9099173273512%3Bgtm%3D45He33k0%3Bauiddc%3D2090489525.1679497388%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 115

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
newyearseve.winstar.com/ 77 KB
13 KB 468ms
368ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae99a31c8e61a3f9366b1ea00ccea113f6a9a3999c8256c3eb4b23f5ee1b7b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: s-maxage=5,max-age=5
cf-cache-status: MISS
cf-ray: 7abf51cbf933049f-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 22 Mar 2023 15:03:07 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WFfm0cBdiUUsyFalESDCLkPhPzzqOVC0KLd%2F%2FeqStLV2hOtN5xXHAie0l0kVDzeedcvvVqRuMqYCTbIQ%2FU7dSPA%2F732KykMadPCI3G%2Ffd9933PrX3sFzap1wY%2B%2F67MGGVeNXC9B0ze1vkG6T%2F%2BUvsRYJuiE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-hs-https-only: worker
x-hs-prerendered: Mon, 09 Jan 2023 20:34:52 GMT
x-hs-reason: No view mapper found to handle request
x-hubspot-correlation-id: 2e14a293-5205-4e26-8d0c-37202ee618be
x-hubspot-notfound: true
x-trace: 2BF96707D001E4C9370FBF64B27DC6430D9D6007A4000000000000000000

GET
H2 200 jquery-1.7.1.js Show response
newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 61ms
60ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: null
age: 1888152
x-amz-cf-pop: FRA50-C1
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Oby03RB9U2Gfp7nN%2B3pY1UCveASMOXCBbWaVc6hTr51oM2cS3Ih1zk1Na%2BYGrshVGQoQIX9SAYi7Ii8WAZwXzzpEC4VMRQxwbNxv9%2B9%2BuTMO25hnaOXoHzd267buwHSzO3KJjZReaRZXNvw0Jbj4LC2xPKK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7abf51ce4d51049f-FRA
x-amz-cf-id: i44cm0oGwhEhbb1Ts0RFB35EBFsTsnExeW87nuouoe1GM0_CQJ-O4Q==
expires: Thu, 21 Mar 2024 15:03:07 GMT

GET
H2 200 module_-2712622_Site_Search_Input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1673294409987/ 612 B
1 KB 87ms
38ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1673294409987/module_-2712622_Site_Search_Input.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 746856
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 09 Jan 2023 20:00:10 GMT
server: cloudflare
etag: W/"c708989561e0cdbfcf996d1b7f47482c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673294409988
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljDg4KE5llIjuYfPNkfPTsmzJcm7uQtl8m0wpeGelGNjiCu%2BLiy1C3WF3ods%2Bnz6rfGeQ52Tcw6ae1MPr0DPa6%2B3wlaIDZEv9RZIzpWQcjOlNQCl2agseGZ5o2Le1HZ7VB9cLIYFVmLJ%2F8oD%2Bi8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abf51ce9d1d30d8-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1673295436074/hubspot/hubspot_default/shared/responsive/ 4 KB
1 KB 108ms
59ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1673295436074/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 757951
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 09 Jan 2023 20:17:17 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673295436738
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2uQrcCZm3iaKoAHmbHtyjfO0N2QFV6OB1RLJNE7Wcye9DdMNcdiZo2K4p95JGr6OaP8rqY8WIZO5OI6sA3jDgYSWLQUC9yZuhwhvWtAWUIFrk8AQi5iqLWq2e5RU3T9l62TO%2F9KbnCkzJ6mxpc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abf51ce9d1e30d8-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 Winstar_October2018-style.min.css
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/ 99 KB
33 KB 1017ms
1017ms Stylesheet
text/css 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 478a7b771498cb2871727b0293c8b1ea.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lotVFteWLvja1fI7OAa..tg_V5RNI3n.
x-amz-cf-pop: IAD12-P2
x-amz-request-id: Q21YQ9SJ4QN57RA4
content-encoding: br
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: O8Hiym3sqjANz8PHWNf8WLjgdD2ATeQWUvzLLZO7D5r8SSLjS5tjOy19Z3qiSne5KSCz+T4gmmA=
last-modified: Sun, 29 Sep 2019 08:27:12 GMT
server: cloudflare
etag: W/"6a22354699c92af4aae64519e0dd5339"
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqRTvpdPt0SdxDKHa2iJxhIYsqLlbA841jrSouUwNdhm40HdUITnmBhorQRvrRzWhVMVZHD%2ByQy4BBhfiFVD0E8I0EZckAdYJV996%2FfA7yxOKWPaP%2Fr3Crb1pfGjUNlx9aWYW80IdSf4tkiyZ%2BfWvWSSJGQy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7abf51ce4d53049f-FRA
x-amz-cf-id: 8cYXB-Z3ykChDCZWJkmPNlWT_UctjkTiJYoBmEJCuXWBLe0ka1MzIA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-adagamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 938ms
933ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-adagamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc781ef4d0b5bdd66aaf381627a9af48dbb71d7ba1d67074b5f4cd2ea83c7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: w4Epn5EdO1osahCKJA4dHK0UlyF7MmXZ
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F2DTN34JB7VABZX
edge-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2896
x-amz-id-2: wyWUzfUA63p9yOmDBFFbqYelRD07QWZTRyCG6lT9uRodgYhVREjXrZmmcnOl5ruexrpU3vXVlxp/UsgPrkPsgBkhmgymYIiJqTm1XgUJ6gU=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "e22039bf0d4a2641d613b070518ee3d6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BizQyKwlFx6G5SzrrXTcRbc91cWeW2t6g6St0NdGRZbkOxz4k3NPdyvBu%2FvAIAP4fpujK%2BAOSWQI3yXx0nD92ZgkUFPITS%2BYjHPWIFgHFpQM5fZbWi6FfVuWsYP%2FttOTfcNqF8tVbH977hwhNe79EI%2BpueHw"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedcc36dd-FRA
x-amz-cf-id: 1sGhsC4E_QlbkoSZ5W8Xjkj19CEhGtcdlNxOTXWCGO7M2472-zN4dA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-theartesianhotel.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 610ms
604ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theartesianhotel.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dcb960d6bdee6d0ab0404ef26ad1cbf28123fe83cf740ff1d6c665f4552984f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: KlxawU7no2N7BjIdGuhln1BuElXkdEvu
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 566X8EGPJTYM2P34
edge-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2108
x-amz-id-2: tIfJIHBPju5yNr5RrF0x0J7xsQa21u4Pb7+0BuRGWtZww9Con/e9jq+QqxBuWaTVM6Lq8hkUqqY=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "ac6fef022d36f101d8faaf0cfee74b9f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v1R5NLjuhOKgYI6yA7XI3KRpbX85hhqWNVpLpF%2B2MozDILFwOJTsheQgrONVYQqPkASEwcUhcEU66aOLSK3usIO2zzYT%2BqZ4XBJra%2BwLrrCd1gdEmTvCVTCK8fflZFb7Wcl4blwKMm2r%2F3mPwcbVJwb4Un0"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedce36dd-FRA
x-amz-cf-id: DJPbXONGI5A_T7hK-OZFsqv6wxN2Y174fCRy1iM5T6pK5h9tI_8RdQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-blackgoldcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 590ms
584ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-blackgoldcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce985f900e99d5767a359e6fe93df21a186f81c838ccc6f7fe30b87fe83e0165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: rVKDhABvg6Lwu8SbeolUdie4EpnTXTAZ
x-amz-cf-pop: FRA56-P7
x-amz-request-id: NQWQ4W7FVETK7NXS
edge-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2405
x-amz-id-2: 77/QIeKRg2t8fFllvbSK0/FKMFzprkADjZbfcW2i+qGWsND06hsBd5/AeKf864+vcum9zK3uyxg=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "51f3509b33848c60bc239ff4662d81e6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w03t2phohG16xfiJzDnK7PXJWOWq0Iuel0CxORRUjPJ673UL5fPvg1d1l4ApT%2FZ27mY83WXO6m7kunaV5HpqMiD8sb2OKnasMVGYhgaO1VQLjfVxB3CeRwwZQ%2FVCrzdL0A7rbnPLVHT%2B1SBsNwNqTLi%2BZB04"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd036dd-FRA
x-amz-cf-id: kzgyMu5xQuWIHt3I0tkDo-jOpI7e1_tVvJoR-2wNhhD_Rmr-mIKynA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-bordercasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 917ms
912ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-bordercasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d2c9a20e53aef32b8920baf56170e2eee95e352dc42bba73dcabbc3a5e89b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: _eiKaC1gRExRTkXTNA9SokLMmKH4djLJ
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 24V6W5Y7NZ8A3NX9
edge-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2169
x-amz-id-2: AB+WlOgL3nmeiDGMRohC2s93+NnVyeSXCSAsDBafDluVWmsKhTH/X1CygMrlNByxRbnyDio1PZE=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "6587c770abbbbd62cd043ec19ad480ca"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar%2FHvZ%2FUU6jsWdkSz9BdA5DmLL%2FzK3%2Fyt2K1VajRtNRFsSju63Kw%2BQIxKisBpdBmIEPF0g4UcRaNzOeNpNLH5EplzAIpTlQZwUY8so77OEkKPggCubB7BwxL2zB83DXB1yqxPdUpYtYA8rXU6ZRnnil7ahpi"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd236dd-FRA
x-amz-cf-id: as5Ec5tAADhCB6XB_NpkQZoE4wSbOLjOc-JMx4R6p4Cth-sGKa0fQQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-chickasawtravelstop.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 611ms
606ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chickasawtravelstop.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2bd1012e3f875671efff1ac63034c8895ed0157ef22b4c0d8bc8cde314efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: JsgX7w5FSU6VVxL0H4J_4oZ4lOJyB2GN
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F2BNRBH7WSNYNXP
edge-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1662
x-amz-id-2: sfmPAfgNir74N7e8DLcacT36am/ovu2a78VyZ+zu+AgSFBjUPYge2PMghjqZ/W6z5oXlnfWW2qc=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "d4007843b126b6e9e036594094e6c178"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=om9XP3AsMzeM1NEnF4woWVk8glpfPv1aDHdb2gVlBPF14WAQkhsPS4mifxqjCvZf8e5u8929i3YJyonzsU%2F8deR9T0s3CP6XwYZyIkAl0GLFx7GT2BoCjeg06NqkQFPqx2qTd24Xy38aXWOpJyukMW6TcTKJ"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd436dd-FRA
x-amz-cf-id: KDixYE1WESWQxfjOt_wzTvGQnmn1JNk8TKTIkPoSGW-GHpR_RXuZtg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-chisholmtrailcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 939ms
934ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chisholmtrailcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cffef7e9bd43b63fd99014a053a6bc856ab6b8b6f53ae4e0831df562d8bd8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: B5DpOmvch11mXzVseVtlHeywgq_dQ1MS
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F2A9F3J4CRQTX80
edge-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1932
x-amz-id-2: bozgJYpzszrKyKlCJHOVCKKTjO++6113hIfGlqcMg93m8wCbWXgjpFuwDv0MJxFA1Yyr3W8I/mtsJxhP3dMhT+GQS8j75HR/dNm9ozvzJVs=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "d73835f618bc71964c415845fc4d56a9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5uJLc6DY2tK3YkLyn6dwffUbFRJAExKl3EOBhnmw8fI8yPingfbDQgTsZ8u03yNlvrs9vjHgRLJCXGNtxS5oR17Da%2Bm6jivubBX1drmL2UjSAMDHAf9Bzb2EvxeOQTU7NNSt1S3Fs6bahrbGhW9CVNUxL7m"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd636dd-FRA
x-amz-cf-id: 5duJGIOI8KHZE8X18mxb6mcpRffCi0mpFNJzNqEzqUjefwmL1LXiBg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-goldmountaincasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 587ms
582ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldmountaincasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba688650b4ecfebfd260cfff27e2f7f490e1b0ab9ffb4c9edfac5a9388789b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: 28zAG1hhxPcP8rzF0G4jN82VbImzwYH.
x-amz-cf-pop: FRA56-P7
x-amz-request-id: NQWY5FWQH6MXPN9Q
edge-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3288
x-amz-id-2: KPuAaA8CGUf4EUOXEuABba3J7MOuQxY35pXFi42YhAL0FFoo6rbIGCdJveaDDBTT7D6sKrBi8lQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "be35363e74b66134bcb87d78422b3bb9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8MLwMc7B6luX6m%2BGc3psH0WuUUvRMKMx8LX4Ri8RtTbOkgvZwkOlBd8VRfordNX8NW7hYVw0YwhZn87Fqrie%2FxGX5V8DmOJYxJoMBBDpwYznC6sMBiT2Xx%2F4WqVDmrhZ5TIQZH4swVjrkK1f8oFeh24j884"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd836dd-FRA
x-amz-cf-id: g3UDwJNwiCvGXQxtjOrnL6cQ8C1jlLtp8f8zEWef9oe8owCi7N8IAQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-goldsbygamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 4 KB
5 KB 870ms
865ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldsbygamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d957237d81e87709bfd818c28ece38bcc35f71c16ed0b70c4eace4d755cc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: s6xG2gLf4vDchAz.TAHdotjAWYcN78ao
x-amz-cf-pop: FRA56-P7
x-amz-request-id: NQWGBA7GP61YAACQ
edge-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3815
x-amz-id-2: f9AgBbaClm1HWX+eCUjd/v/0eEgVE9nokWv+1+/hqxrC4Rk4gFIYWdRfqxtGAVIPmS1fNEEyxm8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "45151587e78178e0716a98a0478884f1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F16B817JI0vGxOWFMJhTOBhTGlV5wuTPhXoULvEiSXnyc%2BPJLsr%2FF898UB6o5uv%2FmdqS2NSdvmFZD5PebfDN2yvwClZS8Mj4HGWRRBDX%2FLr11lZTVOeCaYyeGSQLAASGznnUenpp1vxc86zdiFGoNNY%2FfxX"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedd936dd-FRA
x-amz-cf-id: uVo9GVnSqLyc7NwC6p7gRxrZ5ULCnUY61DvH4qPd71VstRF-Sujy8A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-jetstreamcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 943ms
938ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-jetstreamcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8a2d1550f03c4243fca644a5edbe0a99a1bca8154c09c3476d734ab4c9496d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: yV2pbA74yXQbqlUtAtPT1uobzeOtLEqR
x-amz-cf-pop: FRA56-P7
x-amz-request-id: F3PKZ05HYTSKZWS6
edge-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2195
x-amz-id-2: v3QIb+BG3aJCfraSS7ax4bvyuR9wcc41VLk/zmiGetp+yblf9ceL2dCYdxK56OW/51Rl8NkK+bU=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "82e962c1b7cd0f32296913945e92880c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn4%2B6LioYHbpQQY%2FDcYc2VODt6muzzO9gGYL3Bw%2FIXJ0kjkTg7V7xcsykyIo2b%2BVp5t8WlPDw4mpViGYZD0kdeNBw%2B5hvpKPf05BpskbiDe6yEga2gjYIpfYq0Ylzig9XP0AXb1KJq4Cej8reHj8GDPHdHNX"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceeddb36dd-FRA
x-amz-cf-id: nZM3LSI9g5GFCX-3bT3wDCsKQWPN87Y68ZsSwPVASagV5kqEklvh3g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-madillgamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 4 KB
5 KB 871ms
866ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-madillgamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf824312f02027d0465d66db66e2a162385246064153e2b63a439233feafccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: Xox5HCzdcxcUtCmMf2Gwm3rSb20a2zbY
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F25M70064H674M3
edge-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3752
x-amz-id-2: HWexUgtGVkMN22c36NEN4WcKEI/fVpLSAE3HPPlIHFhra792Y+0dRuFYnnNt3zfWFr4EXZDMxhQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "ba61e591f21334bf66104547fd683e7d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyRX3mtUh2bF6UhQ%2FC80Z25BQwJ1Uo7uQJARn5o9x81HXD1LphDcgmpeOt%2BSY8Zqq7IP%2FD65n7TMmHUaWlihuNCFroLVzKbwfHjGew4JVNbcuEQdE9aFpc8Aa9nvBn33udOoMgFp6HV%2BcSUpgka55WNbqLzI"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceeddd36dd-FRA
x-amz-cf-id: fziIvxc_6LlNTM_WTrGFRzI2GsyCNZS0V_vwVqTAy386id_B3tK7sw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-newcastlecasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 948ms
943ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-newcastlecasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b622bee1109736d0daccea46195fb72dc39651d33b5055d88b37c6f1babb3d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: JxuxL14I1BBjf201CcFaFRGhq1T7VFr6
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 24V92VXZWXA1776C
edge-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2282
x-amz-id-2: tsGZBDXZFSYTaYVygudJZ5Qrt/NuPD7PWPSoY+V0evnx2GFJFV0UVKqd4/s21EfCaqngV+SM7ow=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "3b277a721cb80958606d69fc574230f6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANiI24FNIq91K5syI%2FVG6FKde7QDnfvL5wCEXhhmJlpzVOp3BYKptAzDBoXzN9JtdjC6wasQEyoTeao%2FhDaSuWdFIuXB4YtgzfI4nzTnbKLpA7NVvnpYtPdZofWmDXeE9d7coXMfChUr7QJfOBC7m7PDbeRu"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceeddf36dd-FRA
x-amz-cf-id: hQpHlgLQclygviH1HL374Z7MEr7hpcxNZLcaeoKDWyZ5DRu6-vEukQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-theriverstarcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 637ms
632ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theriverstarcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d8306bd4ee9c279fe3fde6fa7492d96bbfcea6885ab14585b23bbdaf4dec10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: 9a3FCbqn1vj3Z_wWI2mGXv2t2Jpl1uFp
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 566S5RB5GC2NWXBM
edge-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1859
x-amz-id-2: ihOlhpG/T1ZzaY4JLdLJKuZBXCUPg0o6wyaxG07zTAx8+LSRjtpVGI4u7SxJMDW229D9uEn3KaU=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "4ba78248dc1ffe227d22515d85e6c4af"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B83Rvh7%2BOZxRl51K46OJxAx26xfE4Vjt27YH9BfEFjoFe9eIKygHIKoo9qALKSWqjz%2F2qtaITFF7ndhmVg7uBRoFxEF3csGkYsrp%2BcA6h4D4ssJKXBhm8340Hj4zQt8JmrtdzK1XY2qH6CdrChGLRIfHziN"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede036dd-FRA
x-amz-cf-id: MCV1OAx3McntSFAzrjXgBiUOTcvVWVAKTXn7YvP5X0JaXzMVjfOjzw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-riverwindcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
4 KB 610ms
606ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-riverwindcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce0755677e0c97a66300b8346a0882e8a01df4f54147a6ef6e494cff162796a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: U4CsENiFD2YPkdxDKuZHPHXEU6NbKdfu
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 24V47AMR4TA2VS3G
edge-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2542
x-amz-id-2: +cTDneuzl37WFwNaHhNgws7uJhG7dArYyv2aI4OsrhJ6frTUvkqDVDMCwf0W3Tq8cIREvvIA/fQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "0b8c8ad86e3575434a4e55295ef8f332"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFMce88lSd0qCixDAWf%2FdK2wKJhTVkoBswV8E%2BRf7rz5ht0nO23MnjRHiEm3biPCudVVy%2BHrX6dVD96yhQMbBq6chDgGFqNb270PahsYwyyalxeA1Z%2BT%2FF4Wz7Qvf6aqytCnxmOSD%2FhU%2F7tO%2FZaxVHIJtL8v"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede136dd-FRA
x-amz-cf-id: jUP-LKyH42phUIV0TP0oACVh973yovJmbWTYKEc_4luBIF5pkzYYUA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-saltcreekcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 594ms
589ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-saltcreekcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f475146a0fcff8471ca0cae826dcd90da49b3deed8066db05e4fcc28e726b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: .saMBQpLsncBAch6fw1FORsSGkHAHhJH
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 566JVHKQ56NM22N2
edge-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2590
x-amz-id-2: 38gknbQ3w+iDy/U+9UdxJmUXKpV4tpRPLJUKhw+v2NliQzSshDPZ3yMKdW5dFy63h+UsT2XE9zM=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "73ac739590a26b08f4bc87c0eec1c3d7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl38MMP0abuplccM11trezldwZPx%2FkMZyQsoBlGAVF8jq%2FgDGIzTVioAnrUv%2BSTpTh3CzQ8ghY78f4dGFkNL1RajC290i0O7UsgK2Q1yI2HzQa0AulZUTvxMwS1T007oULmm%2BAOD7IJfjqfYvebs4PnOhBgk"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede236dd-FRA
x-amz-cf-id: Pfax9D4I3oQyrMOs8oTMYC9AEVQJzN1EaLhzAC3oDaXZIYem_IBeyQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-texomacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 927ms
922ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-texomacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c37e3627758ae8eee1bc7eae847d199e83c32ae218d84ad29c7bdd336b1a866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: HAu7Wsyo4tR7DubDCN8_tKH5SosEX5dW
x-amz-cf-pop: FRA56-P7
x-amz-request-id: A68BHZ3DHFZRT3JJ
edge-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2447
x-amz-id-2: 5sVdiw7jfgriOnpP46hqVL1D25BdHCut1c8o9Zo+pSV350d1lFnezx7dUkx4i2UUPmw1fY82fow=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "8f7955f826d5785a3669876e9f00d557"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gckt5ZI4G45eNAYunJhMk%2FjBQ24a0FGqPQTKg5HKxt9GVonDug3G%2BetNnv74OTF85iOcz6Cmr60%2BkZPFCqwphv7TlG4OGgHkPfVAGIS8fCPi2vme193YjzF%2BSJlWOKPs0zZDFVVzk80YIKkAIMPC5PURYNbb"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede336dd-FRA
x-amz-cf-id: pQvNdW5essqe1TN4QU252WkiLBBUx_BebYmjevcJHq4nw-rxp5t3Dw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-treasurevalleycasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 938ms
934ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-treasurevalleycasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7649adfc612321d734d9a455897d0e9583f67df1a82cf6163ec2e4afed9b0833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: _SUcF7YoC0Gse0YT8IMX4kXn30ztWvZu
x-amz-cf-pop: FRA56-P7
x-amz-request-id: NQWHW4ZW5C3E8BGM
edge-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3365
x-amz-id-2: fp7/Il/Xl1JQDeFiQushYM8AYBbcWmFQB8C71ifeaN7+0awiwstRo+7vBmlIEWc8OlxBJLWmsXg=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "df2fabf268d97e4452655e874c1cbc1e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL46Tf4GQfyk639ZdEsrp35O0%2BTWJWtxHJfKqjND%2Bd4JZTxgP%2FPRxqC9ToJZSDhmbn7Qf5iqsF8nQt01OyhSaCgNaAWN%2FxEn7V6mhlNG%2BSHxhSGIOaTA6Y%2FgGn3plA%2BZL4FN%2F5O6ynqaGmzoQs0VzNztFeoN"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede536dd-FRA
x-amz-cf-id: Sx_1OU31YvtdDEJrFmlngL64SD2AJ0nNBtWNWILkg4ewvGwBVB9EVw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 logo-washitacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 608ms
604ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-washitacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d4be36c17e8e93b4aeebc9641afe9bb677cb06f157e33e20c08e485c4a13c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: EMtezGLG.SmVidAAesVQTZFAlKT.gPGw
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F2BGEMTF8BHKZ77
edge-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2632
x-amz-id-2: Xw48i3FTdYJ+8Au61W2qXWMfB4J+T1DXQ6iohqIwfCvxedqPTw4+gtkKE1PBaaVZmoRew11WJm8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "ab09c5c85f22f772e73d108c43cba424"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FnVCFgdE2YGBh4XlCnrMTwnc31sGzgtNjEuEk1YY4RyrYlaG8j%2FPMkFQH4NgiuAwkfknCdmzuhQfCdDKtjtAypGSt%2FMXeQJCdzFoRPHar1JiP4wcBayseLEEmGWbloYcdiA2xs4Mqs5JegdWgpbnOvrNNfV"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede636dd-FRA
x-amz-cf-id: 9fQmEF6rfH--qbL7A5ieNzZcD53TY5X-50qlCsLJr7a5iqcSO440YA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 winstar_logo_new.svg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 9 KB
5 KB 614ms
609ms Image
image/svg+xml 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_logo_new.svg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: CCiFdR5lVMuU5PjWh7Vu5PseI5ieorRz
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 7F2D2NDJ1FFTGTJN
content-encoding: br
edge-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vmEuJujnQdooX4GhWaya0hgXwR06wy/si45Ck2yt6fKWUihdpfJDL5c74zNKQ4g+xRvjhdCiBnvMQt7doaWdeyZaVadyRb7+
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: W/"50e2b8162235b3d5b57b9d94d0481154"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmD1%2BHToatH3Mr3rwimFhv%2BOqRiY3HZB8BS823LuVLI512V%2BX9R5cWtXFcTKOKk3P7uGiBlUbRruiUxV%2FdyxkS3VHH%2BnmW4pfL7XdJuAg9BW%2BGKpaEsYO0m%2FqYjWcSzXTmySMMn61IVT1tAZJha1mYVBRUDY"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7abf51ceede736dd-FRA
x-amz-cf-id: SJXLrWYbu9BUTNNO1AB1SOW3pOEOmBoAT-t-9M65Hnl4FwE63s8rsg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 winstar_google_map.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 8 KB
9 KB 939ms
935ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_google_map.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5d0d8b771e48a0ba79e62ac22f72bfe276e344269d357265cdf7e881772e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: Cre4s9XRPy7GwpYotpUCw54eim.Tn.vc
x-amz-cf-pop: FRA56-P7
x-amz-request-id: Q21X2ZY2E1J162FV
edge-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7799
x-amz-id-2: iOU2AywIrL6PQ1dQetNkhRn1X+rlBfnJ1rJLQeLDnjWPgwY3NeU7TqMxS2W31262Se9bflrodXg=
last-modified: Mon, 15 Oct 2018 10:11:41 GMT
server: cloudflare
etag: "8119a7d269e079586154be2ec0935f17"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnFAdPinmOEYEDsl6eymKt%2Borlbu3k3KOBq67VYnLhL3V0EFKxd35p1kedWLqeu6rxMa%2Ff8LcAaYrWePYM9bc8E73gJKLK26n9%2BtVh5iRKOK1Ke2180VC%2BoCsSWOH%2F8sXvyhfbSiQx1sOIl6AbbGCeYBRJdm"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceede936dd-FRA
x-amz-cf-id: W2IaqlBWxH7hOwSi49sbXgtWRSb-zRGARvvMkWLSgAclf7KHFY0s_w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 footer_map.jpg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 17 KB
18 KB 637ms
632ms Image
image/jpeg 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/footer_map.jpg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e3fb5b38a0738a68fe363f835acd6291a6da3227077d22c72dd4f401a364763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: .T7fUTtu9zGC3W14jM3tKd5NtLutdFHb
x-amz-cf-pop: FRA56-P7
x-amz-request-id: NQWKRKDDA88YRNQY
edge-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17550
x-amz-id-2: EjK442TOzoX9365SNMikuujTnfJ4lXHoDc7kEkld8s/mfOICZSJV1bNzTTNM59vgr1dO8QtrxlU=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "34e2e4012be9c202eaa9e64bf3b8cd9c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj3JxFAO4k4GaUWvCU41ZLiI4ns%2BQeT54QXR%2BCoxUFUo%2BE4Ai9GvwHe9xtdvOl3zEK1Tz2Wh%2BTBYuPc4zevr15MZpiyZeYk%2FvWBvdDnkkuBMKElJzzju4ZVytTykwrinLElyNmNXHxUsfjzFgUdwGb4%2BuGSA"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51ceedea36dd-FRA
x-amz-cf-id: 3BhYCXd5uXmw8fQYnkiSZeO08ObkGc_OH04sIBT1yTRn15F_w748OQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 Winstar_October2018-main.js Show response
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/ 3 KB
2 KB 557ms
557ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-main.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 bf7159e30a38421f642619d6da9a8eb4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KrERUaf2d9Nsrz3_RbPh2Xb9M752n3o6
x-amz-cf-pop: IAD12-P2
x-amz-request-id: BT4T65E3PZH93JD4
content-encoding: br
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MQsqFkATn3KGokik58hfRZ3QnCB8U4AZnDUHiWpq98HA9TpRuondgiW8v9jD1tvqBZ02Zb0ATcg=
last-modified: Sun, 29 Sep 2019 08:27:15 GMT
server: cloudflare
etag: W/"d1eb4ef9da07c83ba45ac31bf950fd9d"
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YczvpBjGuNQYYwSPk0en%2FvpQ71cgsjKUEG4ZO5Qg6XQe9dw96PRCWWsC5q0ioXK0TNmIxNdENYmh32mxCz1nbu9J72ai4AbZW%2BCnf%2BOABs8twGHH2aFlMm%2FZ41R5cG0qf7lMB7WLrGKKJxZLnxzTZKz1uv7o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7abf51ceddbf36dd-FRA
x-amz-cf-id: npk_XlDgPpmOtiFLiGWMceC6ZWg5oqNo74c7BdZrXphZaRV1rz2S7Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 60ms
54ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 4268445
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9fQFBBhAunf1d3uiAGTQmD7M5igElDp83%2BnOZYhMwBaG2moI6EfFZF6x4stcSYUwQr57hUDJ%2FEOIWokxKIAowrrfhhf3AUY%2BiNpE4t8iF2ob6vChsRr72CTwtF0xNiloeX1y1qlVNFYm9f0N4a5p7sRa%2B6K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7abf51ceedc936dd-FRA
x-amz-cf-id: ZmuEZCCdZrm5xyAia8nJAfKJsHaYaoSZxaKdSs-yqLaOz8YTH1JBVw==
expires: Thu, 21 Mar 2024 15:03:07 GMT

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 61ms
55ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
age: 4268319
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NS%2BqOKf7phRLkbvP0AbyKBzfMiuuedKo2DV2Ci3nHBwNBkpRUzs22rOvCjsmrdXXp8Te%2FYc6SKXZU8%2FkUgcDqFJp6lxOVk5jrmURS3u9XkzjkIlXeK%2BtCGRwR1zWCNP6Awz0C7x%2Fvoourzi%2FHbFcVnzn0YbF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7abf51ceedca36dd-FRA
x-amz-cf-id: kFmX7yEjk10n8JloR2Q4K0-52MUX8mtMrKkriAJ3pHBNGcP73SS5cg==
expires: Thu, 21 Mar 2024 15:03:07 GMT

GET
H2 200 module_-2712622_Site_Search_Input.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1673294409328/ 26 KB
7 KB 45ms
38ms Script
application/javascript 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1673294409328/module_-2712622_Site_Search_Input.min.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619a66c6578804076873b784af0ca94ae10caa2836883e3777bab7a230c293e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 755354
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 09 Jan 2023 20:00:10 GMT
server: cloudflare
etag: W/"11bfecd439fb3a9412e44bc4c6b9d516"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1673294409328
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKjZbjSEbvZt8qeGeS9%2FTXxxfY8oGlCsh7K5cpVfTewEdBwjAqzRcf1Mk68gickfmplRMCnVM4gXDWZa%2F0ybXqCeAHox5JjxrY4Bx2LHTzozdJj5IjXxMTEx2XfxfxbT6lqIiv8u5kM0oQbXkKo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abf51ceeda130d8-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 4132260.js Show response
newyearseve.winstar.com/hs/scriptloader/ 2 KB
1 KB 442ms
438ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd73e14b3a25c8e9146f1b32027d7248e6611e9f6326217f839abe7daaaeeb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 75eaa85e-3d0a-4195-ac81-7d84b449fbd1
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 15:03:07 GMT
server: cloudflare
x-trace: 2B22890B6E391867BB19733DF92B18FAF12245B644000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRXj0MElkdVGvhDB3V6ZcZ0MniubpXYel6%2Br1YJnrid71W4zdLEkBZfrSYq1vKtBgThVTj%2Bhle9TacdL4r3zVL0T92K1U6BE1msbgG5vo28pP3H3DkjmLGym0KykmkbiY%2FGsXz8c9MAlxGrZ0J0DiO0C1oLk"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7abf51ceedeb36dd-FRA
expires: Wed, 22 Mar 2023 15:04:07 GMT

GET
H3 200 index.js Show response
newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.143/js/ 10 KB
4 KB 59ms
55ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9293649926b2fefcc745d0745f7069515068d051a0e5da1a8af0099fcbc2a285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: tYk7zfZxv1cPKMqgfjKc2KKrk..2BkHm
age: 4268445
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 14:39:49 GMT
server: cloudflare
etag: W/"a058511f8075f32c8de21808866260c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMv16nkiNaJWqFQiG5jGPTd6jU0DyNNs2H2sGpG0fi%2BM63iFc1gApbB7UHQlOys2AAyzWShlE4tXknFpzxMJGDZU%2FpBKeb%2BnLC4IzsBYeNYHWJQgWj8XF1rRMpQxN72REzn7Kbn2UwuxiwQGzc8Zb%2BMnGJ6m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7abf51ceedec36dd-FRA
x-amz-cf-id: Ddanuc4-NfkM0okWQnCO3pLZssooB_LwbyW_TC84BHfkSI6F80QtBg==
expires: Thu, 21 Mar 2024 15:03:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 391 KB
103 KB 150ms
69ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa11682b5c2802e18d528764795a15a0439bf72e16522b90b92d78f2732c44f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H2

200

activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F Show response
6820846.fls.doubleclick.net/ Frame 34FC
Redirect Chain

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fne...

401 B
566 B

66ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

c25cc32f42fd9b9e9026d7361bb2ffe2578957c27765dd25335739a05ee32b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 228
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Wed, 22 Mar 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 14:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2374
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Mar 2023 16:23:33 GMT

GET
H2

200

activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F Show response
10388130.fls.doubleclick.net/ Frame 1C01
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2F...

3 KB
1 KB

65ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

aebc2f19db59d3749ca5ee57a902efd314811600d814e78528c0d10411dbdbb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1076
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Wed, 22 Mar 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/ 2 KB
2 KB 125ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/?random=1679497387623&cv=11&fst=1679497387623&bg=ffffff&guid=ON&async=1&gtm=45He33k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&hn=www.googleadservices.com&frm=0&auid=2090489525.1679497388&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea143bf0d3e9b50d179009f140a80d5d5dc9bfac245bbf3543ce275ddb5c6819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1164
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Mar 2023 16:02:12 GMT

GET
H2

200

activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F Show response
10388130.fls.doubleclick.net/ Frame C90C
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A...

408 B
555 B

106ms
103ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

54b92b2b1bf35aa9222c80300713b56dc6ea35151d7844e10de92d55389fa019

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:08 GMT
expires: Wed, 22 Mar 2023 15:03:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F Show response
10388130.fls.doubleclick.net/ Frame 581A
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3...

409 B
533 B

73ms
69ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

59fc74ed90be0e8b1d4b1373abfbfa0f073b68a77b123f0ede06f440eb030c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Wed, 22 Mar 2023 15:03:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:03:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/ 34 KB
35 KB 191ms
129ms Script
text/javascript 18.66.112.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-81.fra56.r.cloudfront.net
Software: /
Resource Hash: b9a2ceff9fb1938f6a9a7199ac741bd480d0f1c256582f498c5721b4e962b393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-runtime: 0.007161
date: Wed, 22 Mar 2023 15:03:07 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"b9a2ceff9fb1938f6a9a7199ac741bd4"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: 3S2w5SkMIENRtZ3Rk4lVt1JvIvVO06Ngc6jqf_P11cAtSx2lwlsX5g==
x-request-id: e9e55063-76e3-40f4-8260-d8befa8b9481

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 2 KB
939 B 461ms
410ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4132260.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12836c9d1bd93e83ff19fccb8531be65e2885305703d2e7311040bc698211a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 13:19:54 GMT
server: cloudflare
x-hubspot-correlation-id: 8adb030a-9883-4a3a-85e2-27b98f911185
x-trace: 2B6D93C2DFF2ACA3C950DDFB429FA18C29401249BB000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7abf51d129012c01-FRA
expires: Wed, 22 Mar 2023 15:04:08 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/ 32 B
397 B 279ms
219ms Script
text/javascript 18.66.112.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-82.fra56.r.cloudfront.net
Software: /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-runtime: 0.017999
date: Wed, 22 Mar 2023 15:03:07 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: JK3f3vstYHTTP3Pm92qlu2W8iS4uy7wKKg1qCOziFv7AfxL5_o5Okw==
x-request-id: 69e2435a-9713-4923-b0e9-59885e0c8ebc

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 77ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 15:03:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ERtn7oagHfD/VNpFTC3Woa53GcyRFEagT62NA/mQj/2+rjncZQ0IKQ7opEV3xtWZ5Szo7c170ZauXgdpca3E7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK flip.js Show response
tracker.adreadyclick.com/ 15 KB
5 KB 89ms
29ms Script
application/javascript 2606:4700:20::ac43:4ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adreadyclick.com/flip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644cd051e1a99703736b2f4a00b68031af230af72b5ee80137b7146e676802a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:07 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674060236
age: 3154
Transfer-Encoding: chunked
x-guploader-uploadid: ADPycdugLMMU1irXobpu7V5NwbsXK875iUkzBDy9BiBLGzeBKbmRmpCdbOtL15zP6sVvlURJP-xDL45dTXQ-kqxOukpp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
last-modified: Wed, 18 Jan 2023 16:43:58 GMT
Server: cloudflare
etag: W/"55e1c0470e07223e302d41841b945057"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1674060238304546
Content-Type: application/javascript
x-goog-hash: crc32c=UJ3EKw==, md5=VeHARw4HIj4wLUGEG5RQVw==
Cache-Control: public, max-age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiU7kOlKW9QC%2FF3Fe%2Bg67ZSCM0cRwPfBZ7xtuSmLAhMNbDFDim%2BqmnSaek47pmvtMV370pnefQkgtkipIlNOjh%2FmBzJutazCbO6PEzDxLkoOffm55skf%2Bi5qwxI4OfvHRMqe%2FLzkcEman64Divji90qniAHBnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 15776
CF-RAY: 7abf51d13af32c5a-FRA
expires: Wed, 22 Mar 2023 15:10:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
85 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06f7242553004cc6f2bf0b6c731973cae16385d93af76f9aab745a275bbe0b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86643
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 15:03:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 278ms
22ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28262588-1&cid=282959067.1679497388&jid=1225373063&gjid=1619915590&_gid=145404646.1679497388&_u=YGBAiEABBAAAAEAAI~&z=794312205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Mar 2023 15:03:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 23ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=169455141&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1225373063&gjid=1619915590&cid=282959067.1679497388&tid=UA-28262588-1&_gid=145404646.1679497388&gtm=45He33k0n81TTP9H29&cd2=1679497387612.w4ndpt0z&cd3=2023-03-22T15%3A03%3A07.612%2B00%3A00&z=1281069065

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 23:51:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54671
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 16:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 16:02:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 220ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je33k0&_p=169455141&_gaz=1&cid=282959067.1679497388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679497387&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 215ms
23ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LWDFVQ2YJ&cid=282959067.1679497388&gtm=45je33k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 215ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62JR698ND&gtm=45je33k0&_p=169455141&cid=282959067.1679497388&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679497387&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 239ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LWDFVQ2YJ&cid=282959067.1679497388&gtm=45je33k0&aip=1&z=966238474

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 727075671205102 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 104ms
103ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727075671205102?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7fc7e6f55c0557187e771053814d3308b9c7c5407ad4f4c2a00379e208578e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 15:03:07 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: T9cj2lsq7YF7KdsD7JL+oRUR+0tkKBhL0TmzjOWvYzzKF0EvQdmZWfFr2i1KM090tjJbH/8uYJE5ofsQIisclw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/991190777/ 42 B
455 B 205ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991190777/?random=1679497387623&cv=11&fst=1679497200000&bg=ffffff&guid=ON&async=1&gtm=45He33k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&random=1513264705&rmt_tld=0&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/991190777/ 42 B
455 B 206ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991190777/?random=1679497387623&cv=11&fst=1679497200000&bg=ffffff&guid=ON&async=1&gtm=45He33k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&random=1513264705&rmt_tld=1&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

80 B
244 B

41ms
40ms

XHR
application/json

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 22 Mar 2023 15:03:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD
access-control-allow-origin: https://newyearseve.winstar.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 100ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&rl=&if=false&ts=1679497387991&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22201577111753694%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22134857518671964%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22974729233288551%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221247061269080564%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22945468869627504%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22317042923488421%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1679497387990.496896968&it=1679497387805&coo=false&rqm=GET

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 15:03:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 bf18cdb0-0102-0139-376b-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 1C01 0
782 B 110ms
38ms Script
application/javascript 34.90.223.176
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/bf18cdb0-0102-0139-376b-06abc14c0bc6

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

176.223.90.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: F07F-ePoyoGv91sLbiCB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1C01 2 KB
2 KB 366ms
59ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master zrh-pixel-x7 config_version:"unknown" /
Resource Hash: 82262aacb94b381a117602983f76746d67fc69619d96f0df36a3e7dc58b51f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Server: MT3 622 a74c1f2 master zrh-pixel-x7 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2012
Expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1C01 2 KB
2 KB 363ms
56ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506713&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x29 config_version:"unknown" /
Resource Hash: 3522c88ce5bdd64ccdd98bb9a4f857492a404caf6837f902cb4cb0a2d1e2cc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x29 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2012
Expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 1C01 2 KB
2 KB 359ms
52ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506712&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x28 config_version:"unknown" /
Resource Hash: 984b134a9134ac38373d66422300eaf42b8c3c1c6dd77f00c1a95651a35bcaed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x28 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2012
Expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 1C01
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
253 B

373ms
362ms

Script
text/html

2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7abf51d77edc373f-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Wed, 22 Mar 2023 15:03:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7abf51d52b60373f-FRA
content-type: text/html; charset=iso-8859-1

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 1C01
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
143 B

399ms
398ms

Script
text/html

2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7abf51d7af08373f-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Wed, 22 Mar 2023 15:03:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7abf51d52b63373f-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
adservice.google.com/ddm/fls/z/ Frame 1C01 42 B
107 B 183ms
88ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
adservice.google.com/ddm/fls/z/ Frame 34FC 42 B
401 B 164ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 6820846.fls.doubleclick.net
URL: https://6820846.fls.doubleclick.net/activityi;dc_pre=COv_yann7_0CFf3MOwId-DIFHg;src=6820846;type=winss0;cat=winst0;ord=5339444204256;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6820846.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
adservice.google.com/ddm/fls/z/ Frame 581A 42 B
107 B 175ms
80ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CID2zKnn7_0CFQWRmwodAAsElw;src=10388130;type=newpl0;cat=place00;ord=1;num=3506032370663;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame 1C01 17 KB
6 KB 518ms
127ms Script
text/javascript 3.234.40.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.40.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-40-38.compute-1.amazonaws.com
Software: /
Resource Hash: 29ea81087fea17cbdb5c82e749ddbe94d566aad0c9f937061853466a89ec8836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Mar 2023 15:03:08 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5400
Content-Type: text/javascript

GET
H2 200 dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
adservice.google.com/ddm/fls/z/ Frame C90C 42 B
107 B 166ms
94ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=*;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ35zKnn7_0CFRHQmgodkmsORQ;src=10388130;type=place0;cat=place0;ord=1;num=9014905954306;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4132260.js Show response
js.hs-analytics.net/analytics/1679497200000/ 68 KB
21 KB 386ms
160ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1679497200000/4132260.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e476a0f9afe0bcdd6d065b3c328240b44fb8e603898d6d50a42ab52a5f082a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XM8SH7K7CSY0AMB0
x-amz-server-side-encryption: AES256
x-amz-id-2: oTj1L5ahLrOlzJavxw6i0JxkCppNT5ORHB9nY5o3t2LKL3xpTivMtVFOOSl8JO2KheKO7L/pKGE=
last-modified: Thu, 02 Mar 2023 23:06:17 GMT
server: cloudflare
etag: W/"50d2d24f1ca4651bff04f8a156cdedd9"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7abf51d52dd13838-FRA
expires: Wed, 22 Mar 2023 15:08:08 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4132260/ 208 KB
64 KB 862ms
641ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4132260/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770f705e32e64462a1d1a49807dc94e93b8550e421f45662de9575e743e9f9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
x-amz-version-id: dxQzxMaBhr1XhrsyYhsx7YpRIjhY_qQn
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XM8ZAMZXZSGX1FQ4
x-amz-server-side-encryption: AES256
x-amz-id-2: 0xuR1fxRHnsivR38L1XklpgL4n16oGBirKt3ovZdycQFfwZt8LiFI6mf1BciJz/BnbeLn+Nl12s=
last-modified: Fri, 10 Mar 2023 16:17:16 GMT
server: cloudflare
etag: W/"3cb2b1b3c6743cf5ec2f06887c1f5b9a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://newyearseve.winstar.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7abf51d52d2c2bf8-FRA
expires: Wed, 22 Mar 2023 15:08:08 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
21 KB 261ms
36ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5cd0a9d9ccdea72b6a8280e580343d2058ca76e4c000aa811b3e53bca94d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
x-amz-version-id: e0MlK3Gfa7cjEV2xSjny1dd.UgErJUC_
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 497
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12664/bundles/project.js&cfRay=7abf45b20f152c4a-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 08:11:58 UTC
server: cloudflare
etag: W/"6acb13ba81476f9100c354ef5e68e97c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7abf51d529502c53-FRA
x-amz-cf-id: yu-s29paxiruDuaTMNkoZO4atuK3XlP3YMyvCfQfLpIktnUrai4V5g==
x-hs-target-asset: conversations-embed/static-1.12664/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 423ms
199ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
x-amz-version-id: waE9SUXeTvXi6sWFWRT4B49N3dJ8yImu
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js&cfRay=7abf51d52856382f-FRA
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 09:43:53 UTC
server: cloudflare
etag: W/"15b55a577dac25b07b6c519f5d1a3aec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7abf51d52856382f-FRA
x-amz-cf-id: VZBEO3mf3p4VuEFvBSQyjCFZkFc2lJ05PRZyVYbfOf6ptjQJMWsEwA==
x-hs-target-asset: lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js

GET
H/1.1 200
OK validate Show response
pixelconnector.adready.com/ 209 B
578 B 437ms
311ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/validate?id=94820ea4-dcf0-4edb-8324-04ea01d34e0e

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268a0b6dc8101ab696b0fe007013c8f7e0efd82fa6f6fe163ef25977b547b76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 7abf51d58d448fd6-FRA

GET
H2 200 fs_mid_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 110 B
915 B 724ms
723ms Image
image/png 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_mid_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4701655ae7ea0774fd51ced0d4e081701c5129b57a2983e9570a70d3286220c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 d04998a67c7a3fb6819bd5fdd0bbe124.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: 2fOW0LmsXhRWlw_JAHAGigCTqetdzF0W
x-amz-cf-pop: BRU50-C1
x-amz-request-id: Z77F4NSC1FQXF2JM
edge-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 110
x-amz-id-2: Ab4C90M4YgLVu6fVnkhf4LVUNdYqL5cgwFPfldq8/+zutfaSaOaUbMB6dWoHWAJr6sYKpNc36Eg=
last-modified: Mon, 15 Oct 2018 10:11:39 GMT
server: cloudflare
etag: "12dea73d28f469fb0ee2bfe05815786f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUGz3IYwsTWQd%2Bg993yDdV%2BEH0o4cpVTpgXlL1pke5LXo3f3SUaTCensYFMIOLUIdhTWzXc47gnQkE3oR9QT3Qk9fa3dJlgtUrd3q1lkA6a0xCPc%2BBZd%2FcdCg29i6pITY8yUduLe3YKV9xZl0aY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d4e88630d8-FRA
x-amz-cf-id: VT0pnFdv0T9W1m6h2ahtl_gQV2PTMMA_sDF4BUKnz20rMIsR1EKbVg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 07-brother1816-regular-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 936ms
890ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/07-brother1816-regular-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: 6NbhAV9OZi3kM4XCKtQTBqvU8U.GtDR9
x-amz-cf-pop: FRA56-P7
x-amz-request-id: PN80G869WWMQVV2C
edge-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 36932
x-amz-id-2: af40xq3Gs6ACjCjanUlhcu/Be9Clj+57zBbn2IEz2Ya0DwDTjvIleiUVD0Dl4PIMtzX3uO78QZ0=
last-modified: Mon, 15 Oct 2018 10:22:11 GMT
server: cloudflare
etag: "792f3d6bc7b18b43cf24aba8f071c282"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8x7pHNE6flmbz2PQogpzQ7%2FF4QcvU9eVqF3KbldzLd85Li0YlhHaQNpGbK%2B7rXrAX5Xr%2FLneXAtBF2b%2BFFLFjo1MGmFrdcs8q1SfJdF2qhOf6iObMaPJOWiyKB5Ry3G%2F4BwY1mtUhYQ36MSqi0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d53a6130ed-FRA
x-amz-cf-id: i6V4YYLN5kydo_gHUkLUwvsOvoNPrrwsePeRdKqDep9hur5zXGQUWA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 fs_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 110 B
993 B 975ms
974ms Image
image/png 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e7e6e02ccc18372b8ffc572ed716b7ce25c4ad303dc5b67187be2f3e90bf04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 a33954238ddc352c152e2314fffad1ae.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: YoPvDj_Jti8vX7Sw96siMvtHne.0ry8h
x-amz-cf-pop: BRU50-C1
x-amz-request-id: Z7704V48Q8E23CPN
edge-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 110
x-amz-id-2: QRl2Twku5gAByvnwpgpNVKlyiNR+LIaxKlK+BqXCiaalHRJd+7jYebHxwRHNQttF8KPQ1ZRa7Bw=
last-modified: Tue, 16 Oct 2018 13:29:47 GMT
server: cloudflare
etag: "453f24becb272d4ccd8cdef5542a67cb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AHtsriu5KY%2BltTzbqC8LQGCVXMggFcHL5FR4IFHMNvQeUZT5nr38d2G87%2BkUYzvTQkivtl1kSgRxT6TNQr8FEv7%2FrieTaMr9RnfdhTOa7iHpSCokpyfeMGzxva5vTb1iHDaNdE9dIYsQszfDoU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d4f89730d8-FRA
x-amz-cf-id: i8Ho3-qIvtlS7jM32GO0VdrYAz7lYauS3_G9fjaGDz3S8FIOemjDYA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 11-brother1816-bold-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 35 KB
36 KB 687ms
645ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/11-brother1816-bold-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
via: 1.1 001697182c1fa87cc8749088d508ef8a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: EuuyyAm.a2B9xgoLv8qlux19dQD5xkMQ
x-amz-cf-pop: BRU50-C1
x-amz-request-id: PN81MZA6AG7SG5HE
edge-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 35480
x-amz-id-2: bC6Oj+QRmhy1247agA+P3S1jsrPi3hGjOOSUnK26J2BEXCURZUUfhBpHUGAXVL4XxleoV/2Ss4w=
last-modified: Mon, 15 Oct 2018 10:25:58 GMT
server: cloudflare
etag: "3353c0c6af922ea10301c175bfa40497"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWyehG2b0yHtbww0Jz3KaOafOXJjprX4Txsk6RvslnYqnF%2BZ1vC1DnvZHY0zIwFUc5iMdF2V14Fv6tMkUu1e9r3vJE6omkGmXgk2EuqsX22hx77scDQCygquhJrl1AfVq6nbanB3ofHjhtoWD0A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d53a6a30ed-FRA
x-amz-cf-id: v8_3FdHcCDu4t8k7N3RLPX8rgqh4rLoQqrFoCqGg3irX1LMpswLtyQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 05-brother1816-book-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 928ms
887ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/05-brother1816-book-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: KLJIncy6PMsiA6G6I_ufHnkHMR9B.S41
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 1Q6E68FH5DH1NF5S
edge-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 37248
x-amz-id-2: r5FFn0InVjss7ZyP4REMrmRHLISSkXC1if6CaIOzNMHmkU1ufCdlv9upWq1wXmahdmb8v6Ot/JA=
last-modified: Mon, 15 Oct 2018 10:19:41 GMT
server: cloudflare
etag: "55df6954b7a71f3e2dd0567ab5629249"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwMIey2zpdoc2GQQv1xo0vyvWPAniCfMOHB%2BimHYj4UqIdyPNk%2Bn60egB5VNT%2BWcHymyIdREcTHLvlv37g85tCfGbvz4PZ4t1aFaYmM%2Bwn%2B4P195ej4ftwF%2FspZuDcVDU1KQ%2F4O1hKaE2fYFE%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d53a6e30ed-FRA
x-amz-cf-id: 4oCnFtwAULnU0mL7ARK3ylvlD9LJgDsM8-otoFxCW0u4R6t6l-pvDg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 09-brother1816-medium-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 37 KB
38 KB 997ms
960ms Font
application/font-woff2 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/09-brother1816-medium-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 69154db4091f3dbde5ecf072840fdce0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: ZIy0nGY5MP5b8b5rVBIVvEw2otYxJ83T
x-amz-cf-pop: BRU50-C1
x-amz-request-id: 3J4FEA546A1X67SA
edge-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 38096
x-amz-id-2: IOb7RiIrcGEl9Vv2lcN+LtRHbmaBEjqZbfmdqBPdZgde/xJPXdzJEtdbPN/7a9EM/yzTn2lv2RE=
last-modified: Mon, 15 Oct 2018 10:24:14 GMT
server: cloudflare
etag: "b0f918f568eb228fdf650756c088878a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siPiBNxWx8Fwh8kiFI8ENuInk6e%2B2Gfc7akutGAfqi7YMW7BgR34LUu5uSURD8CgxhJvFxZChzakO6%2BPO7i1Al5cAjAYCIfE%2FY78AVpLe1Ov2V9WlRmizO9QPEnayBAOJXhnxhisHzesZEt0ZNo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51d53a6530ed-FRA
x-amz-cf-id: 5_uYGt8NinflN_AmKUJK7nbghEXVc_ByeBXcNAkhqBcH1cfzcJ0u_A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 socicon.ttf
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/ 46 KB
32 KB 945ms
909ms Font
font/ttf 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/socicon.ttf
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-amz-version-id: r5Ngcn0PY_qbcWhp3fZjiFNANSXeC_de
x-amz-cf-pop: FRA56-P7
x-amz-request-id: PN81GM4E73PRGCR1
edge-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-id-2: eCZwUk/viZQ07n9tLuFUWDDC03hlYetWB5PYIQXaEZx6tM32LWiGyShby0BnozrAKLDFIIUlWQPMIt2egL511g==
last-modified: Mon, 15 Oct 2018 10:29:18 GMT
server: cloudflare
etag: W/"89760316f014d1ef335340b1a71b7ba3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2yK%2BQDO0EYowa6z3i2BpPbt7Mbexy6OXw1sOBLPvZtGK9COVT%2Fy7QiTUHdqiCT8lKoezQ2d7otrOEeC0CC1fQR3nj7Rmrq3jrhDc16OkNj63bMHMv406kYAxQNsBMiCLH6nnIlfVEWRsWRt%2BDk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7abf51d53a6730ed-FRA
x-amz-cf-id: KmfB6jmCdveTfr93aT9p6G1oZ5X85e9ue18ONIt6XxW40oxqnS8Efw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b

Request headers

Referer
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame BE40 677 B
1 KB 32ms
31ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241907&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x34 config_version:"unknown" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Wed, 22 Mar 2023 15:03:08 GMT
Expires: Wed, 22 Mar 2023 15:03:07 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 622 a74c1f2 master cdg-pixel-x34 config_version:"unknown"

GET
H2 204 insights.gif
ds.reson8.com/ Frame 1C01 0
96 B 113ms
33ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=1782361728&evkey=101115462

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7abf51d679463aa0-FRA
vary: Accept-Encoding

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
747 B 410ms
208ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4132260&callback=jsonpHandler

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 1e0d155a-0f65-4f7c-a873-5b26ebaaf6c3
x-trace: 2BDF1FDD7D5E04BAE126272A2FAB4E2453D12CFDF0000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7abf51d78bdd35fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7abf51d78bdd35fa&resource=unknown"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 1C01 0
492 B 35ms
35ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x31 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x31 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H2 204 insights.gif
ds.reson8.com/ Frame 1C01 0
31 B 30ms
28ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=2994120147&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7abf51d689573aa0-FRA
vary: Accept-Encoding

GET
H2 204 insights.gif
ds.reson8.com/ Frame 1C01 0
32 B 34ms
33ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=5394122009&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7abf51d6895a3aa0-FRA
vary: Accept-Encoding

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 1C01 78 KB
30 KB 212ms
46ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPTnyqnn7_0CFQHQmgod6qoJTg;src=10388130;type=pagev0;cat=homep0;ord=9099173273512;gtm=45He33k0;auiddc=2090489525.1679497388;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx000004b52a83511f9122d-006385e0d4-32940f80-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 widget Show response
newyearseve.winstar.com/_hcms/livechat/ 3 KB
4 KB 246ms
245ms XHR
application/json 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/_hcms/livechat/widget?portalId=4132260&conversations-embed=static-1.12664&mobile=false&messagesUtk=ef10be3fb5334600b3172524500913d3&traceId=ef10be3fb5334600b3172524500913d3

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afca55e35bcedc4ed3d17d5986f96f4d4578edafbc4f641c4377307cdaafc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:08 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9bfd19c7-5bb7-4733-9249-b05bcae9d6b6
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B58AB81D5C4A3C95EF06DA26109894CEFBE8ED647000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMuWjp%2Fz3eOFapbITlyyH9lW9bZsxRszH%2FIdAMdvEDeTB%2FQKhb05JI1lJaOMzZjK4r%2BSTNSD5zeN%2BMlgZtNyyHs6Qr3VQ0WmDqK59nj%2BA1hLdTs%2F9N0kLo2GnMbA2JLK9zB83xLXk7Eh%2FbH%2FPsdnC%2FoQ06Ju"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7abf51d6984936dd-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 29ms
27ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=Microdata&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&rl=&if=false&ts=1679497388639&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewyearseve.winstar.com%2F404%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679497387990.496896968&it=1679497387805&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 15:03:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame BE40 0
492 B 72ms
72ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241907&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x32 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241907&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x32 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 22 Mar 2023 15:03:07 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame 1C01 65 B
292 B 118ms
117ms Stylesheet
text/css 3.234.40.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.40.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-40-38.compute-1.amazonaws.com
Software: /
Resource Hash: 2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Mar 2023 15:03:08 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 1C01 0
881 B 455ms
118ms Fetch
image/jpeg 3.234.40.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.40.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-40-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Mar 2023 15:03:09 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H/1.1 200
OK update Show response
pixelconnector.adready.com/ 22 B
370 B 139ms
138ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/update?s=flip.js

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 22 Mar 2023 15:03:08 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 7abf51d7afee8fd6-FRA
Content-Length: 22

GET
H2 200 ef10be3fb5334600b3172524500913d3 Show response
app.hubspot.com/conversations-visitor/4132260/threads/utk/ Frame 34BA 53 KB
19 KB 170ms
169ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4132260/threads/utk/ef10be3fb5334600b3172524500913d3?uuid=2930a6279dee4e7ba1e791337d5dd848&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=newyearseve.winstar.com&inApp53=false&messagesUtk=ef10be3fb5334600b3172524500913d3&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358757a51baa321e224b7a54b46f768d49138a91b43172a04a36b3065f39f50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1340
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7abf51d83ce135fa-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.15116/html/index.html&cfRay=7abf51d83ce135fa&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4132260%2Fthreads%2Futk%2Fef10be3fb5334600b3172524500913d3%3Fuuid%3D2930a6279dee4e7ba1e791337d5dd848%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dnewyearseve.winstar.com%26inApp53%3Dfalse%26messagesUtk%3Def10be3fb5334600b3172524500913d3%26url%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue&referrer=https%3A%2F%2Fnewyearseve.winstar.com%2F&cfenv=prod&pdt=2023-03-22&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 15:03:08 GMT
etag: W/"167a4940755fb007c841056839d4faca"
last-modified: Tue, 21 Mar 2023 08:11:58 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7abf51d83ce135fa&resource=conversations-visitor-ui/static-1.15116/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-amz-cf-id: bKiytdKoWACQdFsX3fu2y0m0DuqT-Nv9P5yZWfIH21iz4nu4OcAwUA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: NzlZL4_2..VYqwwbz576CRoj8wKcD3Ya
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15116/html/index.html
x-hs-worker-debug-mode: false

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame 1C01
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bd...

609 B
1 KB

104ms
103ms

Script
text/javascript

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPTnyqnn7_0CFQHQmgod6qoJTg%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D9099173273512%3Bgtm%3D45He33k0%3Bauiddc%3D2090489525.1679497388%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9b511f6463d3155644be8d92f3c433fc4053b510421a9d8fc38b3f76cbbe0cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 536
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=311449918465&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPTnyqnn7_0CFQHQmgod6qoJTg%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D9099173273512%3Bgtm%3D45He33k0%3Bauiddc%3D2090489525.1679497388%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.292/ Frame 34BA 44 KB
16 KB 80ms
35ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.292/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/ef10be3fb5334600b3172524500913d3?uuid=2930a6279dee4e7ba1e791337d5dd848&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=newyearseve.winstar.com&inApp53=false&messagesUtk=ef10be3fb5334600b3172524500913d3&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4354ecdec55d8fd39c011ac18bbc55330078e4ed25ce8e389ecddf76ec65389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
x-amz-version-id: A2khgkFw3U8K_N9noGY0lvKeFmCLlf_a
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 520177
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Mar 2023 13:49:50 GMT
server: cloudflare
etag: W/"dff71d3ebb65e39156ee27aa5a13f6e4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmDGJOa%2BMFDEZJmGu82i2GSWALQ4qUXSt66cCfXvMYbaN2kCYmuTfQBtRiqq7%2FDRPtBcI7KuZRMzhL6NTIlAJW7mbQGjr8J8RTOOx85eZNK2QRkwY7GXB8jyy3y4FqI9G5Xd11xRWZzFyrm5JQQBPL9B%2Br0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7abf51d99dac3816-FRA
x-amz-cf-id: AFG3kHEKwnyHO-tkqaFfUGGXickwUUB1vFDaGuvKJmGwxeeSlenBsQ==
expires: Thu, 21 Mar 2024 15:03:09 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame 34BA 20 KB
4 KB 80ms
36ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C1
age: 1346305
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVSChGYosz%2BcoYMWOxLX1MBTjC0hFIgUFZ2lcCS6sAQvODhanxAJqrY%2F6%2BFLTVScz6cCXiBtBy7Cuw22l6tGUaYwrVyuNyZihX9zh8D7AG2LsJYnDChsX%2Fv8aTq6Mq732ZD6PMesmD5vpxub4aTqhEHKnxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7abf51d999592c57-FRA
x-amz-cf-id: wKj5nWOeceW4faTuyOKl0ecR0Sxrzo9DvoSxn8nVQRJd6WYEVcDrtA==
expires: Thu, 21 Mar 2024 15:03:09 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.376/ Frame 34BA 294 KB
94 KB 78ms
33ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.376/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
x-amz-version-id: a6ZTSsHVt9l6.9nsUWaYQP1mG4R5Ivop
via: 1.1 52f91163dc9b412469bf709634e4afca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: PHL51-P1
age: 1373456
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 16:47:40 GMT
server: cloudflare
etag: W/"55586520536599ca305d3b7b5396a562"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkD45PCru2%2B7cBQqV1RYaGPCthN3J1VsPKO1BrR%2FUbTGo9hDNStHOeZPPWufMME35n7IAGV6uRv6PrwMIHjXMkAkLaB2NX%2BSxgelIKk6LWOnSSdD92u66mbN5lzSD69phIVIhA4e7HVj5BHPej%2Fn9wth6is%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7abf51d99dae3816-FRA
x-amz-cf-id: B33qwuMDnraqn7QQ-1SEeXJS3zbiKRkid5KR2huzC3-6zuvgicervg==
expires: Thu, 21 Mar 2024 15:03:09 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15116/bundles/ Frame 34BA 607 KB
178 KB 78ms
34ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15116/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a489afde8eed87c9677b973486044d861c34dc7d530b29adc088eadbfcafd9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
x-amz-version-id: Vbxiw0xMbgco27aZQTJjjifvCbrLVLLy
via: 1.1 c33ccd454bf1796b79f9f9af880e2882.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ATL58-P1
age: 67856
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Mar 2023 15:59:58 GMT
server: cloudflare
etag: W/"10da960161d27f70d38269110157d674"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzU0hZoSYprmWJ55PrWjDKwXbngtAGeBmTZH19jleBEtjA6YR182UYYAYlnpEKRPSTX2UQ%2FjCzet5fwS10u13Zje2CHf9VNCvgvPYL1pv0tsGDHDRUBp1Fb3VW7czbXN6YrlROHDrU4YsyjZPOHNZ%2BHVA1Y%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7abf51d99db03816-FRA
x-amz-cf-id: t0QiHIkU4vlx5zlvULFJggS6W8dXQVg8IkLB_1w9E8HIUfIpj4WS1w==
expires: Thu, 21 Mar 2024 15:03:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 39ms
39ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=169455141&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEABBAAAAGAAI~&jid=1531556564&gjid=1031734789&cid=282959067.1679497388&tid=UA-28262588-1&_gid=145404646.1679497388&_r=1&_slc=1&z=931605737

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 15:03:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 44ms
43ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28262588-1&cid=282959067.1679497388&jid=1531556564&gjid=1031734789&_gid=145404646.1679497388&_u=aHDACEABBAAAAGAAI~&z=1234998111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Mar 2023 15:03:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14996/ Frame 34BA 776 B
872 B 30ms
29ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14996/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15116/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
x-amz-version-id: bFsI9hlKDHvsURQ_j88lekjNwl3z5qdB
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1012130
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 20:06:59 GMT
server: cloudflare
etag: W/"0a0ee213fac387634f85872a3f472d5c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPRzFJyqLeM%2Fn2hF%2FLkR8IoWczW39%2FyHa9dHUZ5O7v%2FRyEcdZST%2FKNkJ2k%2FjvaXpKop254vYg7f9vG1jfR42FA4XLcqy77RUa1N%2FOcI8Jl90s93UzUJhdte%2FNowoNRbDKsBHJ8wkaDghBz%2FMZrWjpBYa%2B10%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7abf51daffd23816-FRA
x-amz-cf-id: DNIAc6ksT3LvaPTDZx-qEJMsJ2ltj-DRgzXWcr0tqTJ4BGuaNbcuCQ==
expires: Thu, 21 Mar 2024 15:03:09 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame 1C01 94 B
410 B 113ms
112ms XHR
text/plain 3.234.40.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ChdOtDwyeASK-MAAz1kfjg&is_js=true&landing_url=https%3A%2F%2Fnewyearseve.winstar.com%2F%3F&t=&tip=gmacBQAgTF0Da6l6NVg6OKL7FbW0SDv9qtl-lyPYbKw&host=https://10388130.fls.doubleclick.net&sa-user-id-v2=s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ&sa-user-id=s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.40.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-40-38.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:09 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://10388130.fls.doubleclick.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 winbot%20(1).png
f.hubspotusercontent10.net/hub/4132260/hubfs/ Frame 34BA 7 KB
7 KB 278ms
213ms Image
image/png 2606:4700::6810:d6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent10.net/hub/4132260/hubfs/winbot%20(1).png?width=108&height=108

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d6ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f971e9199df3c405a613ab627eb68c2ee8ed44267b7d86add46f20ce7ccf2490

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-50759716711,P-4132260,FLS-ALL
content-length: 6910
cf-resized: internal=ok/m q=0 n=294+0 c=2+11 v=2023.3.3 l=6910
last-modified: Wed, 14 Jul 2021 03:17:17 GMT
cf-bgj: imgq:99,h2pri
server: cloudflare
etag: "cfuavY1YIDRxAdxmCCKTIvO6gFm9vgTOLORC04iu3DDQ:baa51713239a333391cb5adb3d216074"
vary: Accept, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7abf51dc1f179a30-FRA

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 34BA 0
1 KB 150ms
150ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15116

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15116/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/ef10be3fb5334600b3172524500913d3?uuid=2930a6279dee4e7ba1e791337d5dd848&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=newyearseve.winstar.com&inApp53=false&messagesUtk=ef10be3fb5334600b3172524500913d3&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6898ad51-98d2-48f1-be6d-282571688d99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka046CnWcWu32blVvdXSeh493UoK9ooqZppcXY85LHD8K%2FlMvPwy8cRvZ0tvlQLERSHrpAMfJWvWgjnq9EVV5B0qVsom02A2Ec62lXEJPGKHcgihmVAnLNfBLbCe6L9JC0zdWz7kNvbBTY9SEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7abf51dbba2835fa-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1154912/ Frame 34BA 1 KB
1 KB 182ms
182ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1154912/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15116&conversations-visitor-ui=static-1.15116&traceId=ef10be3fb5334600b3172524500913d3&sessionId=AMOaWbJtP38evQG2WwXjL9e-uNLptYyYxgB1Mmd4N0a6ukAkVTomlYf0PZTIbYSFi1JjPoaE6QnFFSkmBSAxYH6qnAHDNQI9rQ9MZjgINCreKkUwowD2Dgb_-B_nfEmAG4ePkwWs38nb7Ho0tLOXm8eI-BRKrdNlsBh6PE__bMN6phN8EJeeUBs

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.292/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1e234f4529e8191c46812321a92eca0baae093d77c4ae91cbd07e942535669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/ef10be3fb5334600b3172524500913d3?uuid=2930a6279dee4e7ba1e791337d5dd848&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=newyearseve.winstar.com&inApp53=false&messagesUtk=ef10be3fb5334600b3172524500913d3&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0cbee2c0-4402-43e9-b5b5-f38d3cf5ef2d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BB9E747842D97EA908CDB48EA7165D9A051AEC54A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLye8P2f5qLTUoXWjqiuTBspLSr9aJoahgh1Mxw%2BBwE3iFQin22gLu4P5dj%2BSplMWC%2FHxp2kePgcHwenzGnpabZ2Fo55N6OkDtC7IEIiGZFPK12HnKIAbQMhVcR5GQTQKz97BAi0jNJcxCLoKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 7abf51dbca3935fa-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame F2D4 1 KB
1 KB 107ms
106ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1489258101&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPTnyqnn7_0CFQHQmgod6qoJTg%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d9099173273512%3bgtm%3d45He33k0%3bauiddc%3d2090489525.1679497388%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2d2a2a76bb8a87c37f4cc221efde6cc4a525d977fc0b1a7dcae7ddb87036901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 15:03:09 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame F2D4 1 KB
2 KB 48ms
48ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1489258101&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPTnyqnn7_0CFQHQmgod6qoJTg%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d9099173273512%3bgtm%3d45He33k0%3bauiddc%3d2090489525.1679497388%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x34 config_version:"unknown" /
Resource Hash: 899f537658745eb86f9fa87a42ade9f809d21f98314865dc623c4d5322178dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:09 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x34 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1439
Expires: Wed, 22 Mar 2023 15:03:08 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame FA19 677 B
1 KB 33ms
32ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241848&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x33 config_version:"unknown" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Wed, 22 Mar 2023 15:03:09 GMT
Expires: Wed, 22 Mar 2023 15:03:08 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 622 a74c1f2 master cdg-pixel-x33 config_version:"unknown"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame F2D4 0
492 B 32ms
31ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1489258101&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPTnyqnn7_0CFQHQmgod6qoJTg%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d9099173273512%3bgtm%3d45He33k0%3bauiddc%3d2090489525.1679497388%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x35 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:09 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x35 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 22 Mar 2023 15:03:08 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame FA19 0
492 B 32ms
32ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241848&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 622 a74c1f2 master cdg-pixel-x12 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=a48d641b-18ac-4200-8889-e4884ede9c1b&no_iframe=1&mt_adid=241848&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:03:09 GMT
Server: MT3 622 a74c1f2 master cdg-pixel-x12 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 22 Mar 2023 15:03:08 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
437 B 141ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=4132260&ct=standard-page&ccu=https%3A%2F%2Fnewyearseve.winstar.com%2F404&lvc=en&pu=https%3A%2F%2Fnewyearseve.winstar.com%2F&cts=1679497389682&vi=97683e552085fa8b24db48c130678956&nc=true&u=40036989.97683e552085fa8b24db48c130678956.1679497389678.1679497389678.1679497389678.1&b=40036989.1.1679497389678&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 84ba0abc-7a20-4e0f-994a-1f064adc1b99
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyjvRqYnD%2Be1sq2dQqtIpmtfxWtLtiy6dkqRmaG5PXDX891dV5As9BhLw8J6FwDue%2Bhei3gmxsjK7LjOE9CeLpcuXngb5qIEigYq%2BCgPjPhJOuGpGuMGZ0x14IVU9GH9s4ZcJ7UnAPqYpxSg6B43"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7abf51dd9cc835fa-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
1 KB 481ms
429ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4132260&utk=97683e552085fa8b24db48c130678956&__hstc=40036989.97683e552085fa8b24db48c130678956.1679497389678.1679497389678.1679497389678.1&__hssc=40036989.1.1679497389678&contentId=null&currentUrl=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6995671a1c960d6be8e2741e979c679bf3f1204ab47d2870165c8a9e70f69501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3d62f308-4f44-4db8-b74d-a13b1a343122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW%2FxBYP%2FscFfJrs5tsajnYtfi4IeLxwE0iJlX1ceiFrPTr%2FQn5FRG8waigSGXcSUdAsYZsGNm9Z9wz6VmD5onEmeX1nhtmcdE6y5397qJZBsRUK1d2I%2BXBXMvPz%2BM%2Fa4q6EsW6ngfx5jj14ED74V"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7abf51ddfd4a5bf1-FRA

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 124ms
43ms Script
text/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: XeQrim4dk9MkkbNLmy.58peQe_oovwl8
Content-Encoding: gzip
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Date: Wed, 22 Mar 2023 14:43:26 GMT
Age: 1184
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 23:45:41 GMT
Server: AmazonS3
Etag: W/"19ec07fb842a6e7506aa17575241300d"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: WgrqeCwHe18p-UG3D9Z1qN7Xf-pzC_41ZGDQr46z-upJrW8jDlh8Nw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/2EXMERFAKVBCLKX2AY3NF3/ 42 B
799 B 25ms
25ms Script
application/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/2EXMERFAKVBCLKX2AY3NF3/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: MQGNULw7XoIBYVTu8kawS8VvFFdBUhB2
Date: Tue, 21 Mar 2023 23:48:50 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 54860
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42
Last-Modified: Thu, 02 Mar 2023 00:12:19 GMT
Server: AmazonS3
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ENJEeujSU30ma4bfoQ-mrrrTt2118_tc_cqu5Qf9kpo6yNfzz7Kkkg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

30ms
27ms

Script
application/javascript

2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Tue, 21 Mar 2023 22:24:19 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 59932
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZJnE2FaMsLLpQTQVxApbBCoklGC6NpXvDAEHXaMzB1oomzjizSlr-A==

Redirect headers

Date: Wed, 22 Mar 2023 02:59:09 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 43439
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UJPrG3vYMpynwGbH45XvE1isd-c069ODusTrOfJpCEYJZBf9RKZ0Ww==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/ 0
809 B 69ms
21ms Script
text/javascript 2600:9000:225e:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: B0Cavvm9.50Jxvpxr8P7X81X77uhQQsC
Date: Wed, 22 Mar 2023 14:34:16 GMT
Via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
Age: 1734
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 18 Mar 2023 23:07:57 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9fibt7kFfKKl082RPVFDy-ccpYUA1zIR24aniBgrhpeCsTkRJcr_xg==

GET
H2 200 2EXMERFAKVBCLKX2AY3NF3 Show response
d.adroll.com/consent/check/ 466 B
559 B 164ms
49ms Script
application/javascript 2a05:d018:cc3:fe05:55e3:fad:f8b3:1da2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2EXMERFAKVBCLKX2AY3NF3?pv=7765324983.766098&arrfrr=https%3A%2F%2Fnewyearseve.winstar.com%2F&_s=16546c9a9575efad11a8bdb16d922e1c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:55e3:fad:f8b3:1da2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 9b7a1f43b932f31920467132d66cbbc21fe0ed6a83e2f6a72a3816b041fe613d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:03:10 GMT
server: nginx/1.22.1
content-length: 466
content-type: application/javascript

POST
H3 200 perf Show response
newyearseve.winstar.com/_hcms/ 2 B
599 B 424ms
424ms XHR
text/plain 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/_hcms/perf

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 22 Mar 2023 15:03:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4ee22cfb-d508-4605-836f-608938e70e50
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2B92EFEE7130B98611586DF72546F536091BCC9346000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lf7c0u8HgEgRogpdE9ABobVOdIy4lZPHUDhXKLic7fvkWCMZrNUNSbm1ePlhJHv%2FeamlYZBowP9j8UsV55vJoRNMAsVJHGN1MNzGcUQ3edP1PKfH%2BlE3Koim835KQLL0A4D%2Fb3oM5VrrU0Gdt92y40VxoOB"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
cf-ray: 7abf51f04c4b36dd-FRA
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newyearseve.winstar.com/	1970-01-20 10:31:39	Name: __cf_bm Value: dcQXigj_.5MDQNBHZQskgoxxD9Em6uvBjKnOs5bh1E0-1679497387-0-ATxLIRSf1NtI4T8l7/QVeNPxWfbDDYaccsNLUm14t2+peLv7Peu3e8wJJIDwElbRwZW4c5xk9cZmfb6SnovjTS0=
.newyearseve.winstar.com/	1969-12-31 23:59:59	Name: __cfruid Value: bc262da0ab74ed11ee1188f93d6a3e656513df95-1679497387
.winstar.com/	1970-01-20 12:41:13	Name: _gcl_au Value: 1.1.2090489525.1679497388
.winstar.com/	1970-01-20 10:33:03	Name: _gid Value: GA1.2.145404646.1679497388
.winstar.com/	1970-01-20 10:31:37	Name: _dc_gtm_UA-28262588-1 Value: 1
.winstar.com/	1970-01-20 20:07:37	Name: _ga_1LWDFVQ2YJ Value: GS1.1.1679497387.1.0.1679497387.60.0.0
.winstar.com/	1970-01-20 20:07:37	Name: _ga_M62JR698ND Value: GS1.1.1679497387.1.0.1679497387.0.0.0
.winstar.com/	1970-01-20 19:17:13	Name: calltrk_referrer Value: direct
.winstar.com/	1970-01-20 19:17:13	Name: calltrk_landing Value: https%3A//newyearseve.winstar.com/
.winstar.com/	1970-01-20 12:41:13	Name: _fbp Value: fb.1.1679497387990.496896968
.doubleclick.net/	1970-01-20 19:53:13	Name: IDE Value: AHWqTUk08VdUMdgvTjPNmDyMkDqSIk9W-Qye78CslkaHjomOVwdd6qkSnooVrOCh2cw
.simpli.fi/	1970-01-20 19:18:39	Name: suid Value: 173E3A654CCD4EB0BCB2CD0333DD45DC
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_events Value: %5B%7B%22clientId%22%3A%22282959067.1679497388%22%2C%22trackingId%22%3A%22UA-28262588-1%22%2C%22name%22%3A%22gtm2%22%7D%5D
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_gtm Value: %5B%7B%22measurementId%22%3A%22G-1LWDFVQ2YJ%22%7D%5D
.mathtag.com/	1970-01-20 19:57:32	Name: uuid Value: a48d641b-18ac-4200-8889-e4884ede9c1b
tags.srv.stackadapt.com/	1970-01-20 19:17:13	Name: sa-user-id Value: s%3A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%2Faga9C1DPqZMyOs
tags.srv.stackadapt.com/	1970-01-20 19:17:13	Name: sa-user-id-v2 Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
.srv.stackadapt.com/	1970-01-20 19:17:13	Name: sa-user-id-v2 Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
.mathtag.com/	1970-01-20 11:14:49	Name: mt_misc Value: mt_bt:1
.hubspot.com/	1970-01-20 10:31:39	Name: __cf_bm Value: oFS1ixX4_oeatFlRZmiZIZ5DGf6CqI2B9blOvsBpfRk-1679497388-0-AXLKE3nzwwdTIhNdtdZuTfcKwm6Ql0WkV+yaJ9EKGq6KZSX+WzNoj4hZpE58S5t/cThFqPbNLkRlXOkI0IR/3Zs=
.winstar.com/	1970-01-20 20:07:37	Name: _ga Value: GA1.2.282959067.1679497388
.winstar.com/	1970-01-20 10:31:37	Name: _gat Value: 1
.adform.net/	1970-01-20 11:16:12	Name: C Value: 1
.adform.net/	1970-01-20 11:57:57	Name: uid Value: 1855677811564604733
.newyearseve.winstar.com/	1970-01-20 14:50:49	Name: messagesUtk Value: ef10be3fb5334600b3172524500913d3
.winstar.com/	1970-01-20 14:50:49	Name: __hstc Value: 40036989.97683e552085fa8b24db48c130678956.1679497389678.1679497389678.1679497389678.1
.winstar.com/	1970-01-20 14:50:49	Name: hubspotutk Value: 97683e552085fa8b24db48c130678956
.winstar.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.winstar.com/	1970-01-20 10:31:39	Name: __hssc Value: 40036989.1.1679497389678

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newyearseve.winstar.com/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10388130.fls.doubleclick.net
6820846.fls.doubleclick.net
a2.adform.net
action.dstillery.com
action.media6degrees.com
adservice.google.com
app.hubspot.com
cdn.callrail.com
cdn.calltrk.com
cdn2.hubspot.net
connect.facebook.net
d.adroll.com
ds.reson8.com
f.hubspotusercontent10.net
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.usemessages.com
newyearseve.winstar.com
pixel.mathtag.com
pixelconnector.adready.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
s2.adform.net
static.hsappstatic.net
stats.g.doubleclick.net
tag.simpli.fi
tags.srv.stackadapt.com
track.hubspot.com
tracker.adreadyclick.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.18.5.236
104.18.8.110
142.250.185.98
142.250.186.70
18.66.112.81
18.66.112.82
185.167.164.37
2.18.233.201
2001:4860:4802:32::36
2001:4860:4802:34::36
2600:9000:225e:ca00:6:9280:1080:93a1
2606:2c40::c73c:67e1
2606:4700:20::ac43:4ae4
2606:4700:4400::ac40:9a55
2606:4700::6810:d6ed
2606:4700::6811:47b0
2606:4700::6811:9d2
2606:4700::6811:d4cc
2606:4700::6811:eacc
2606:4700::6811:edcc
2606:4700::6811:f2cc
2606:4700::6812:16ea
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe05:55e3:fad:f8b3:1da2
3.234.40.38
34.90.223.176
37.157.6.236
0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1
06f7242553004cc6f2bf0b6c731973cae16385d93af76f9aab745a275bbe0b52
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0afca55e35bcedc4ed3d17d5986f96f4d4578edafbc4f641c4377307cdaafc70
0cffef7e9bd43b63fd99014a053a6bc856ab6b8b6f53ae4e0831df562d8bd8d7
0e3fb5b38a0738a68fe363f835acd6291a6da3227077d22c72dd4f401a364763
12836c9d1bd93e83ff19fccb8531be65e2885305703d2e7311040bc698211a6a
16b2bd1012e3f875671efff1ac63034c8895ed0157ef22b4c0d8bc8cde314efa
18e476a0f9afe0bcdd6d065b3c328240b44fb8e603898d6d50a42ab52a5f082a
1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53
23d8306bd4ee9c279fe3fde6fa7492d96bbfcea6885ab14585b23bbdaf4dec10
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
268a0b6dc8101ab696b0fe007013c8f7e0efd82fa6f6fe163ef25977b547b76c
2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1
29ea81087fea17cbdb5c82e749ddbe94d566aad0c9f937061853466a89ec8836
2d2a2a76bb8a87c37f4cc221efde6cc4a525d977fc0b1a7dcae7ddb87036901e
34d4be36c17e8e93b4aeebc9641afe9bb677cb06f157e33e20c08e485c4a13c8
3522c88ce5bdd64ccdd98bb9a4f857492a404caf6837f902cb4cb0a2d1e2cc5f
358757a51baa321e224b7a54b46f768d49138a91b43172a04a36b3065f39f50f
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
3a5d0d8b771e48a0ba79e62ac22f72bfe276e344269d357265cdf7e881772e24
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d
4ba688650b4ecfebfd260cfff27e2f7f490e1b0ab9ffb4c9edfac5a9388789b7
54b92b2b1bf35aa9222c80300713b56dc6ea35151d7844e10de92d55389fa019
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59fc74ed90be0e8b1d4b1373abfbfa0f073b68a77b123f0ede06f440eb030c33
5dcb960d6bdee6d0ab0404ef26ad1cbf28123fe83cf740ff1d6c665f4552984f
619a66c6578804076873b784af0ca94ae10caa2836883e3777bab7a230c293e4
644cd051e1a99703736b2f4a00b68031af230af72b5ee80137b7146e676802a6
6995671a1c960d6be8e2741e979c679bf3f1204ab47d2870165c8a9e70f69501
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7649adfc612321d734d9a455897d0e9583f67df1a82cf6163ec2e4afed9b0833
770f705e32e64462a1d1a49807dc94e93b8550e421f45662de9575e743e9f9f8
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7c37e3627758ae8eee1bc7eae847d199e83c32ae218d84ad29c7bdd336b1a866
82262aacb94b381a117602983f76746d67fc69619d96f0df36a3e7dc58b51f3f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
899f537658745eb86f9fa87a42ade9f809d21f98314865dc623c4d5322178dcf
8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dc781ef4d0b5bdd66aaf381627a9af48dbb71d7ba1d67074b5f4cd2ea83c7bc
9293649926b2fefcc745d0745f7069515068d051a0e5da1a8af0099fcbc2a285
984b134a9134ac38373d66422300eaf42b8c3c1c6dd77f00c1a95651a35bcaed
99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747
9b511f6463d3155644be8d92f3c433fc4053b510421a9d8fc38b3f76cbbe0cea
9b7a1f43b932f31920467132d66cbbc21fe0ed6a83e2f6a72a3816b041fe613d
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a489afde8eed87c9677b973486044d861c34dc7d530b29adc088eadbfcafd9b6
a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077
aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb
aa11682b5c2802e18d528764795a15a0439bf72e16522b90b92d78f2732c44f5
ab1e234f4529e8191c46812321a92eca0baae093d77c4ae91cbd07e942535669
ab8a2d1550f03c4243fca644a5edbe0a99a1bca8154c09c3476d734ab4c9496d
ac5cd0a9d9ccdea72b6a8280e580343d2058ca76e4c000aa811b3e53bca94d9f
ae99a31c8e61a3f9366b1ea00ccea113f6a9a3999c8256c3eb4b23f5ee1b7b90
aebc2f19db59d3749ca5ee57a902efd314811600d814e78528c0d10411dbdbb7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b622bee1109736d0daccea46195fb72dc39651d33b5055d88b37c6f1babb3d5e
b9a2ceff9fb1938f6a9a7199ac741bd480d0f1c256582f498c5721b4e962b393
bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1
c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b
c25cc32f42fd9b9e9026d7361bb2ffe2578957c27765dd25335739a05ee32b67
c4f475146a0fcff8471ca0cae826dcd90da49b3deed8066db05e4fcc28e726b2
c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc
ce985f900e99d5767a359e6fe93df21a186f81c838ccc6f7fe30b87fe83e0165
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790
d7fc7e6f55c0557187e771053814d3308b9c7c5407ad4f4c2a00379e208578e7
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd73e14b3a25c8e9146f1b32027d7248e6611e9f6326217f839abe7daaaeeb03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4354ecdec55d8fd39c011ac18bbc55330078e4ed25ce8e389ecddf76ec65389
e5d2c9a20e53aef32b8920baf56170e2eee95e352dc42bba73dcabbc3a5e89b8
e6e7e6e02ccc18372b8ffc572ed716b7ce25c4ad303dc5b67187be2f3e90bf04
e9d957237d81e87709bfd818c28ece38bcc35f71c16ed0b70c4eace4d755cc28
ea143bf0d3e9b50d179009f140a80d5d5dc9bfac245bbf3543ce275ddb5c6819
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4701655ae7ea0774fd51ced0d4e081701c5129b57a2983e9570a70d3286220c
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
f971e9199df3c405a613ab627eb68c2ee8ed44267b7d86add46f20ce7ccf2490
fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fce0755677e0c97a66300b8346a0882e8a01df4f54147a6ef6e494cff162796a
fcf824312f02027d0465d66db66e2a162385246064153e2b63a439233feafccd
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

newyearseve.winstar.com Open in urlscan Pro 2606:2c40::c73c:67e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

96 %HTTPS

71 %IPv6

31 Domains

41 Subdomains

38 IPs

7 Countries

1416 kBTransfer

4003 kBSize

29 Cookies

91 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:67e1 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

96 %
HTTPS

71 %
IPv6

31
Domains

41
Subdomains

38
IPs

7
Countries

1416 kB
Transfer

4003 kB
Size

29
Cookies

119 HTTP transactions
1 data transactions