urlscan.io logo urlscan.io
SecurityTrails logo

europe.winestle.com Open in urlscan Pro
13.52.238.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://europe.winestle.com/
Effective URL: https://europe.winestle.com/
Submission: On December 23 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 5 countries across 33 domains to perform 190 HTTP transactions. The main IP is 13.52.238.177, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is europe.winestle.com.
TLS certificate: Issued by R3 on December 4th 2021. Valid for: 3 months.
This is the only time europe.winestle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 13.52.238.177 16509 (AMAZON-02)
7 192.0.77.37 2635 (AUTOMATTIC)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
30 192.0.77.2 2635 (AUTOMATTIC)
14 2a00:1450:400... 15169 (GOOGLE)
1 139.45.197.234 9002 (RETN-AS)
1 142.250.185.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 139.45.197.237 9002 (RETN-AS)
11 139.45.197.250 9002 (RETN-AS)
6 139.45.197.239 9002 (RETN-AS)
3 139.45.195.8 9002 (RETN-AS)
1 148.69.64.76 12353 (VODAFONE-...)
1 139.45.197.243 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.197.163 9002 (RETN-AS)
2 9 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 139.45.195.254 9002 (RETN-AS)
5 188.72.201.86 35415 (WEBZILLA)
2 2a00:1450:400... 15169 (GOOGLE)
3 139.45.197.240 9002 (RETN-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 52.29.77.212 16509 (AMAZON-02)
4 142.250.185.162 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 139.45.197.156 9002 (RETN-AS)
190 36
19    13.52.238.177 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-238-177.us-west-1.compute.amazonaws.com
europe.winestle.com
7    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
15    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)
iclickcdn.com
2    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
30    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i1.wp.com
i0.wp.com
i2.wp.com
14    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)
bedrapiona.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
dozubatan.com
11    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
pseepsie.com
6    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
toglooman.com
3    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    148.69.64.76 (Rio Tinto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
1    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
1    2606:4700:3033::ac43:b4cb (United States)

ASN13335 (CLOUDFLARENET, US)
tagcachestaticx.com
1    139.45.197.163 (United Kingdom)

ASN9002 (RETN-AS, GB)
wholenicenews.com
9    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)
littlecdn.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
17    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
tagcachedataxrt.com
5    188.72.201.86 (Netherlands)

ASN35415 (WEBZILLA, NL)
interstitial-07.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)
propeller-tracking.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.29.77.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-77-212.eu-central-1.compute.amazonaws.com
d.agkn.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
Apex Domain
Subdomains		 Transfer
39 wp.com
c0.wp.com
stats.wp.com
i1.wp.com
i0.wp.com
i2.wp.com
pixel.wp.com
621 KB
32 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
379 KB
19 winestle.com
europe.winestle.com
257 KB
15 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
110 KB
12 google.com
adservice.google.com
www.google.com
37 KB
11 pseepsie.com
pseepsie.com
56 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
77 KB
6 littlecdn.com
littlecdn.com
167 KB
6 toglooman.com
toglooman.com
129 KB
6 dozubatan.com
dozubatan.com
31 KB
5 interstitial-07.com
interstitial-07.com
159 KB
3 propeller-tracking.com
propeller-tracking.com
4 KB
3 googletagservices.com
www.googletagservices.com
110 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 rtmark.net
my.rtmark.net
2 KB
3 google.co.uk
adservice.google.co.uk
1 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 tagcachedataxrt.com
tagcachedataxrt.com
489 B
2 cleverwebserver.com
scripts.cleverwebserver.com
ui.cleverwebserver.com
52 KB
2 google-analytics.com
www.google-analytics.com
20 KB
1 cdnativepush.com
static.cdnativepush.com
3 KB
1 rubiconproject.com
pixel.rubiconproject.com
463 B
1 openx.net
rtb.openx.net
351 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
d.agkn.com
761 B
1 quantserve.com
cms.quantserve.com
465 B
1 wholenicenews.com
wholenicenews.com
1 tagcachestaticx.com
tagcachestaticx.com
19 KB
1 onmarshtompor.com
onmarshtompor.com
2 KB
1 clevernt.com
sender.clevernt.com
101 B
1 googleadservices.com
partner.googleadservices.com
645 B
1 bedrapiona.com
bedrapiona.com
2 KB
1 iclickcdn.com
iclickcdn.com
24 KB
190 33
Domain Requested by
19 europe.winestle.com 1 redirects europe.winestle.com
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com europe.winestle.com
pagead2.googlesyndication.com
tagcachestaticx.com
googleads.g.doubleclick.net
www.gstatic.com
www.googletagservices.com
tpc.googlesyndication.com
13 i0.wp.com europe.winestle.com
11 pseepsie.com iclickcdn.com
pseepsie.com
europe.winestle.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
europe.winestle.com
googleads.g.doubleclick.net
9 www.google.com 2 redirects europe.winestle.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 i1.wp.com europe.winestle.com
8 i2.wp.com europe.winestle.com
7 www.gstatic.com googleads.g.doubleclick.net
7 c0.wp.com europe.winestle.com
6 littlecdn.com europe.winestle.com
interstitial-07.com
dozubatan.com
6 toglooman.com iclickcdn.com
toglooman.com
6 dozubatan.com iclickcdn.com
dozubatan.com
5 interstitial-07.com toglooman.com
interstitial-07.com
4 cm.g.doubleclick.net europe.winestle.com
googleads.g.doubleclick.net
3 propeller-tracking.com interstitial-07.com
propeller-tracking.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 my.rtmark.net iclickcdn.com
europe.winestle.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.co.uk pagead2.googlesyndication.com
2 image6.pubmatic.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 tagcachedataxrt.com tagcachestaticx.com
2 www.google-analytics.com europe.winestle.com
www.google-analytics.com
1 static.cdnativepush.com
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 wholenicenews.com iclickcdn.com
1 tagcachestaticx.com dozubatan.com
1 onmarshtompor.com iclickcdn.com
1 sender.clevernt.com europe.winestle.com
1 ui.cleverwebserver.com europe.winestle.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 bedrapiona.com iclickcdn.com
1 pixel.wp.com europe.winestle.com
1 scripts.cleverwebserver.com europe.winestle.com
1 iclickcdn.com europe.winestle.com
1 stats.wp.com europe.winestle.com
190 43

This site contains no links.

Subject Issuer Validity Valid
europe.winestle.com
R3		 2021-12-04 -
2022-03-04		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-12 -
2022-10-11		 a year crt.sh
bedrapiona.com
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
dozubatan.com
R3		 2021-12-07 -
2022-03-07		 3 months crt.sh
pseepsie.com
R3		 2021-11-04 -
2022-02-02		 3 months crt.sh
toglooman.com
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
onmarshtompor.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
wholenicenews.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tagcachedataxrt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-09 -
2022-10-09		 a year crt.sh
interstitial-07.com
R3		 2021-10-13 -
2022-01-11		 3 months crt.sh
propeller-tracking.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-22 -
2022-11-06		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
cdnativepush.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://europe.winestle.com/
Frame ID: 831BF0D0C5C6299B8A4646C4FA8D0746
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 758B8A26B7613E1893056870AE691E6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1640288506&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Feurope.winestle.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288506003&bpp=3&bdt=573&idt=230&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5714528516097&frm=20&pv=2&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: D5CCF6202858E26EF96A3B5895895779
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Frame ID: B0437C02E56CAC9875D8189CFF98AA36
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 29F7088E580A646EC1FAF578DB545C69
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 482A5B251C3063212BFB447CE69EEBF0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C9DB9B09A5FD903BB0EA716BBF4BC97E
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Frame ID: 6AC69B99D11E5E222D1111DA9E5207B9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 216C9B79A67940CA5CE60E55E73F215E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B804704F5228E459AA5AF4FE949A39FE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 4636E0B5C6769E041DB989036C1FDCA6
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 38F7A285A48F575605B7458801094DDA
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 248DB47868015C86C2C013FE1E3A044C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 6388E40358235175FB74194A8310E994
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 004861FDB48A180A48824686387A4CD9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C76BAACB7E6C6CFF52922126EBADD3F
Requests: 2 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/01020141423258.png
Frame ID: 0766810ACFF83896A0018AE48EE5C577
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Homepage - Winestle News Europe

Page URL History Show full URLs

  1. http://europe.winestle.com/ HTTP 301
    https://europe.winestle.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

98 %
HTTPS

39 %
IPv6

33
Domains

43
Subdomains

36
IPs

5
Countries

2266 kB
Transfer

4933 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://europe.winestle.com/ HTTP 301
    https://europe.winestle.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 130
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 164
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFwgGLfF9zLEfw9wx6Encq8&google_cver=1&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b&google_hm=Q0FFU0VGd2dHTGZGOXpMRWZ3OXd4NkVuY3E4
Request Chain 167
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELAAdXLttuWbmr85wvyQINk&google_cver=1&google_push=AYg5qPIakPctIbyJpUI5gH16KUYJPpqVNzyYy8gFUISjE9dNl5Kdp_lDlgRHeQJYOS6OejMl7sl4mNFhlL9VOfSzH1ifs17-PXQf HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELAAdXLttuWbmr85wvyQINk&google_cver=1&google_push=AYg5qPIakPctIbyJpUI5gH16KUYJPpqVNzyYy8gFUISjE9dNl5Kdp_lDlgRHeQJYOS6OejMl7sl4mNFhlL9VOfSzH1ifs17-PXQf&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3w9dibmjSHOx-truA54yLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIakPctIbyJpUI5gH16KUYJPpqVNzyYy8gFUISjE9dNl5Kdp_lDlgRHeQJYOS6OejMl7sl4mNFhlL9VOfSzH1ifs17-PXQf
Request Chain 168
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLHcJ-lzHx7XtzpikXDx4E&google_cver=1&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj-_7Ls2TExrNdOioWwODzXzX-Kpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKREZESE4tMjMtRjFBRA==&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj-_7Ls2TExrNdOioWwODzXzX-Kpw
Request Chain 169
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_cver=1&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
europe.winestle.com/
Redirect Chain
  • http://europe.winestle.com/
  • https://europe.winestle.com/
326 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
e981fe6cc545f5c582b88a68c71694233745fa62fc54024e5d4ac1b259b4df49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
link
<https://europe.winestle.com/wp-json/>; rel="https://api.w.org/" <https://europe.winestle.com/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json" <https://wp.me/PdqIRP-D>; rel=shortlink
content-encoding
gzip
vary
Accept-Encoding
content-length
32383
date
Thu, 23 Dec 2021 19:41:45 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://europe.winestle.com/
content-length
0
date
Thu, 23 Dec 2021 19:41:43 GMT
server
LiteSpeed
connection
Keep-Alive
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
style.min.css
europe.winestle.com/wp-content/plugins/lets-info-up/frontend/css/ 		3 KB
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/plugins/lets-info-up/frontend/css/style.min.css?ver=1.4.6
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
d2b716c8e60d99ff6f4252f58cb9c9612ea525e421e6d61490e7f49a2c351aba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 13:28:14 GMT
server
LiteSpeed
etag
"bf3-611521ee-1d0f665;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
776
expires
Thu, 30 Dec 2021 19:41:45 GMT
style.min.css
europe.winestle.com/wp-content/plugins/lets-live-blog/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/plugins/lets-live-blog/frontend/css/style.min.css?ver=1.2.0
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
ad293ae72ab30f2459d65c438da017fb944577514c789f2053747d38a7bb4457

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 13:28:18 GMT
server
LiteSpeed
etag
"25a4-611521f2-1e07f72;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1873
expires
Thu, 30 Dec 2021 19:41:45 GMT
style.min.css
europe.winestle.com/wp-content/themes/zeen/assets/css/ 		356 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/css/style.min.css?ver=4.0.9.3
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
9129c109e29ecd1817d0cb37d1fb3443e3d6a12dae36ff05a275b9ba481ee972

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Fri, 02 Apr 2021 15:31:40 GMT
server
LiteSpeed
etag
"58f14-606738dc-1e08333;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
59379
expires
Thu, 30 Dec 2021 19:41:45 GMT
dark.min.css
europe.winestle.com/wp-content/themes/zeen/assets/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/css/dark.min.css?ver=4.0.9.3
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
8d002423a54c1a6dc121d6afd4cc71a18737362c82eb70c5c379eb78c7c7c37d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 17:34:54 GMT
server
LiteSpeed
etag
"3bd0-60b7c13e-1e08331;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2237
expires
Thu, 30 Dec 2021 19:41:45 GMT
jetpack.css
c0.wp.com/p/jetpack/10.2/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.2/css/jetpack.css
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
jquery.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
login-with-ajax.js
europe.winestle.com/wp-content/themes/zeen/plugins/login-with-ajax/ 		2 KB
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/plugins/login-with-ajax/login-with-ajax.js?ver=3.1.11
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
ea6ea01b5ab23276a8aeb42c4b56ca515fb0731a80b530b2fc05c34f1a362179

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Sat, 12 Dec 2020 18:16:24 GMT
server
LiteSpeed
etag
"850-5fd508f8-1e08711;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
690
expires
Thu, 30 Dec 2021 19:41:45 GMT
tipi.woff2
europe.winestle.com/wp-content/themes/zeen/assets/css/tipi/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/css/tipi/tipi.woff2?9oa0lg
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
eac7206bbed48c1c84d787ea935299c7e6e8ad459457b67db7e27e998cbeab4d

Request headers

Referer
https://europe.winestle.com/
Origin
https://europe.winestle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
last-modified
Fri, 05 Mar 2021 10:18:56 GMT
server
LiteSpeed
etag
"3da8-60420590-1e08338;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
15784
expires
Thu, 30 Dec 2021 19:41:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19c528106b3b64f22ce3e6eff0349438edaa2dbf29370df86eee22825ca1239c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://europe.winestle.com/
Origin
https://europe.winestle.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51806
x-xss-protection
0
server
cafe
etag
1935791069443754771
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 19:41:45 GMT
wp-emoji-release.min.js
europe.winestle.com/wp-includes/js/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 09 Jun 2021 01:15:12 GMT
server
LiteSpeed
etag
"4705-60c01620-1e094cd;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4511
expires
Thu, 30 Dec 2021 19:41:45 GMT
photon.min.js
c0.wp.com/p/jetpack/10.2/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.2/_inc/build/photon/photon.min.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
functions.min.js
europe.winestle.com/wp-content/plugins/lets-live-blog/frontend/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/plugins/lets-live-blog/frontend/js/functions.min.js?ver=1.2.0
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
756387852aec9c187327bfa587b6a252886dff244a3f1766df571549e81f3c49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 13:28:18 GMT
server
LiteSpeed
etag
"ed9-611521f2-1e07f8c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1285
expires
Thu, 30 Dec 2021 19:41:45 GMT
gsap.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/gsap/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/gsap/gsap.min.js?ver=3.6
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
d7d3820cac85b4f074f0801e3c87c8c3b37b28730bfadefe6ea9a921bfce34bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 24 Feb 2021 12:17:18 GMT
server
LiteSpeed
etag
"f396-603643ce-1e086f8;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
23932
expires
Thu, 30 Dec 2021 19:41:45 GMT
ScrollTrigger.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/gsap/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/gsap/ScrollTrigger.min.js?ver=3.6
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
a0ed648b3788cb18d61d64d9ba4e0ca4f9deb73fa45c5d421dddec79c710f091

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 24 Feb 2021 12:15:24 GMT
server
LiteSpeed
etag
"502c-6036435c-1e086f9;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8814
expires
Thu, 30 Dec 2021 19:41:45 GMT
js.cookie.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/ 		2 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/js.cookie.min.js?ver=2.2.1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
e94d9d4dc2b917019e391f381898fb6a4b74937d274f17001cbaf63ffefcf5df

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Thu, 06 Aug 2020 17:31:30 GMT
server
LiteSpeed
etag
"65f-5f2c3e72-1e086fd;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
772
expires
Thu, 30 Dec 2021 19:41:45 GMT
imagesloaded.pkgd.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
21d86ec39200e69c8758314c29df763ef2f7d362df0a85cb0b104c9647b4ed94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Thu, 06 Aug 2020 19:04:06 GMT
server
LiteSpeed
etag
"15ca-5f2c5426-1e086ef;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1711
expires
Thu, 30 Dec 2021 19:41:45 GMT
menu-aim.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/menu-aim.min.js?ver=1.9.0
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
077f77c9c36b6609c8aee82deb6ca41f0d4e20dbd30eecd0e77771fd09a87655

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Tue, 14 Jan 2020 18:19:28 GMT
server
LiteSpeed
etag
"119f-5e1e0630-1e086f3;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1336
expires
Thu, 30 Dec 2021 19:41:45 GMT
functions.min.js
europe.winestle.com/wp-content/themes/zeen/assets/js/ 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/wp-content/themes/zeen/assets/js/functions.min.js?ver=4.0.9.3
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
0c7ccdab87edb21d33b1bb6b1b89c0ccb70ed2e7c3041d4fb50c19ca13ebcb72

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Mon, 21 Jun 2021 20:03:26 GMT
server
LiteSpeed
etag
"12e1a-60d0f08e-1e086ff;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
20652
expires
Thu, 30 Dec 2021 19:41:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js?ver=5.8.2
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4273
date
Thu, 23 Dec 2021 18:30:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 20:30:32 GMT
wp-embed.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 23 Dec 2022 19:41:45 GMT
e-202151.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202151.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr
date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Dec 2022 00:21:22 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6499d7a5acc01d11387b9450ce12336cbadb6846f154263c891be9eea8df6a50

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
nzuchitimes-logo.png
europe.winestle.com/wp-content/uploads/2021/08/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://europe.winestle.com/wp-content/uploads/2021/08/nzuchitimes-logo.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
f45fe0b8842c5ce710f981eea0ec97803f21a3ff7412481a802fd37066aba3cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
content-encoding
gzip
server
LiteSpeed
link
<https://europe.winestle.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13969
expires
Wed, 11 Jan 1984 05:00:00 GMT
tag.min.js
iclickcdn.com/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6ce7b0c6df1f16a194be60fca2ca5cff0726696f21fca2ae30d63009e221de

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
17374
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
53390ecb99afa51d0572098f296a9076
pragma
no-cache
last-modified
Thu, 23 Dec 2021 13:51:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxvvmKoIFNDssQY%2BGAzpBbqd86dPTHxvZRisp7dGz3%2BZcKmCL0Ub1Thvve1zmB4Ss8%2F5q4m4%2B2qdevmB7%2FVhz5G%2BB0KzNVdZx91XcderTlWMbwIRtwZm48ZS87HIHiAQTT1EOZTMDZU%2Bufs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6c2411ba783183ac-MXP
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Fri, 24 Dec 2021 14:52:11 GMT
world-times.png
europe.winestle.com/wp-content/uploads/2020/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://europe.winestle.com/wp-content/uploads/2020/07/world-times.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
b95f34976e43bddd7338391940a7bc1848d49de7da8b02274a5415d176fa7193

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:45 GMT
last-modified
Thu, 12 Aug 2021 13:29:54 GMT
server
LiteSpeed
etag
"1316-61152252-1e08d48;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4886
expires
Thu, 30 Dec 2021 19:41:45 GMT
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=178780176&t=pageview&_s=1&dl=https%3A%2F%2Feurope.winestle.com%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20Winestle%20News%20Europe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1203210052&gjid=555358680&cid=1673382888.1640288506&tid=UA-187610894-4&_gid=1630765453.1640288506&_r=1&_slc=1&z=196037901
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js?ver=5.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://europe.winestle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
c8dd7a14e66bf6d8ca157d32253bb801.js
scripts.cleverwebserver.com/ 		132 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/c8dd7a14e66bf6d8ca157d32253bb801.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ac8ca9d08a9ccb93f4d1767734fe2cff8906dbac8399c93fb1a3d153607bf2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Dec 2021 00:28:11 GMT
server
cloudflare
x-amz-request-id
NMAN9VHMADAEP24W
etag
W/"0c7c9c55cc02bf1e33816946b59b5d5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
t01C0w5tjXPEuQLabWFGICcjEANTmztA
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6c2411bb3d9459d1-MXP
x-amz-id-2
waYCWIsUm1nTV3njHvg6DfUQLUUgRFOhOu2CnUKeONp6Xjqq2s6wqMK2+ddwW7n1aD1GD8LzPFM=
expires
Thu, 23 Dec 2021 20:11:46 GMT
2431.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/08/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/08/2431.jpg?w=1200&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6900806e24d334109c2b38dcdf7acfc9ef8a60675d76d13b934df6e4b50482b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Oct 2021 01:19:37 GMT
server
nginx
etag
"c0a4353f568f87bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/08/2431.jpg>; rel="canonical"
content-length
173426
expires
Sat, 07 Oct 2023 13:19:37 GMT
parents-of-the-walking-dead-star-alicia-witt-died-of-suspected-hypothermia-officials-say.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/parents-of-the-walking-dead-star-alicia-witt-died-of-suspected-hypothermia-officials-say.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3b19af5e78dc234c16c43eb8deabb95f93e974378950e11572b04f335c00cbdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 4
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"5cdc6127afeb9de2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/parents-of-the-walking-dead-star-alicia-witt-died-of-suspected-hypothermia-officials-say.jpg>; rel="canonical"
content-length
23866
expires
Sun, 24 Dec 2023 07:41:46 GMT
earth-science-the-matterhorn-in-the-alps-moves-gently-back-and-forth-about-once-every-two-seconds.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/earth-science-the-matterhorn-in-the-alps-moves-gently-back-and-forth-about-once-every-two-seconds.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5aae0369c76bc55281bebc71084898e4bf09bec7be004078ee5d116382e5a14c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"7c67d5da24310902"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/earth-science-the-matterhorn-in-the-alps-moves-gently-back-and-forth-about-once-every-two-seconds.jpg>; rel="canonical"
content-length
23328
expires
Sun, 24 Dec 2023 07:41:46 GMT
michelle-heaton-shows-off-her-muscular-physique-as-she-hits-the-gym-with-husband-hugh-hanley.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/michelle-heaton-shows-off-her-muscular-physique-as-she-hits-the-gym-with-husband-hugh-hanley.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
294dbecb399c41d34b8780845d7612c56bedbf9458a662c2ad33b3fe355c0c9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"3b6694c87820a034"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/michelle-heaton-shows-off-her-muscular-physique-as-she-hits-the-gym-with-husband-hugh-hanley.jpg>; rel="canonical"
content-length
13896
expires
Sun, 24 Dec 2023 07:41:46 GMT
norway-royals-release-their-annual-christmas-card.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/norway-royals-release-their-annual-christmas-card.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
15a5a046d73a9f420931ffbd778efb57ff9a9911314acb0588087d80961dbd85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"96f10604bb9c0144"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/norway-royals-release-their-annual-christmas-card.jpg>; rel="canonical"
content-length
27944
expires
Sun, 24 Dec 2023 07:41:46 GMT
fear-of-spiders-may-be-triggered-by-aversion-to-scorpions-study-says.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/fear-of-spiders-may-be-triggered-by-aversion-to-scorpions-study-says.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ddfdfffe35ef08b04d1e71e6b0b8dd2d7e5a00f3ad06ab9f6401aa7b6edd3309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"cd0c24f70ed6bbe1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/fear-of-spiders-may-be-triggered-by-aversion-to-scorpions-study-says.jpg>; rel="canonical"
content-length
28008
expires
Sun, 24 Dec 2023 07:41:46 GMT
daily-covid-cases-hit-new-record-of-119789-as-hospitalisations-rise.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/daily-covid-cases-hit-new-record-of-119789-as-hospitalisations-rise.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0cff4b4602b8f8efd78f65a9200f91f118896b4d73e9ce9ab6d767c448cd8b31
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"59431601b65be4c5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/daily-covid-cases-hit-new-record-of-119789-as-hospitalisations-rise.jpg>; rel="canonical"
content-length
13306
expires
Sun, 24 Dec 2023 07:41:46 GMT
chelsea-are-weighing-up-a-move-for-barcelona-defender-sergino-dest-as-cover-for-ben-chilwell.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/chelsea-are-weighing-up-a-move-for-barcelona-defender-sergino-dest-as-cover-for-ben-chilwell.jpg?resize=306%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5bb69098cd037129dc08fe8283af51b4c474815004b9da491a088f1af510d3cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 5
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"a4da725546d29c24"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/chelsea-are-weighing-up-a-move-for-barcelona-defender-sergino-dest-as-cover-for-ben-chilwell.jpg>; rel="canonical"
content-length
12198
expires
Sun, 24 Dec 2023 07:41:46 GMT
david-harewood-gushes-over-andi-peters-rippling-muscles.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/david-harewood-gushes-over-andi-peters-rippling-muscles.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
285a65887586bdd916135d1327678721175c06423f3c7aa73b21961abc5c335d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"f6f98c1c4790af0e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/david-harewood-gushes-over-andi-peters-rippling-muscles.jpg>; rel="canonical"
content-length
14686
expires
Sun, 24 Dec 2023 07:41:46 GMT
video-hugo-the-cockapoo-barks-at-a-festive-hoover-preventing-him-from-attacking-an-xmas-tree.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/video-hugo-the-cockapoo-barks-at-a-festive-hoover-preventing-him-from-attacking-an-xmas-tree.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
874f7e70f236990583595f2b63c9fde5902b619e2187d439bd5e76b49adb7065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 4
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"77fa87d8bee8fc39"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/video-hugo-the-cockapoo-barks-at-a-festive-hoover-preventing-him-from-attacking-an-xmas-tree.jpg>; rel="canonical"
content-length
14212
expires
Sun, 24 Dec 2023 07:41:46 GMT
covid-cases-in-south-africas-ground-zero-fall-rapidly-one-month-after-its-outbreak.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/covid-cases-in-south-africas-ground-zero-fall-rapidly-one-month-after-its-outbreak.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e0da26d17f1f36babb962551c8f1fe9e41c560e948ca2516e16fd8a05bcbb27f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 17:41:15 GMT
server
nginx
etag
"e5668c04cdd01116"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/covid-cases-in-south-africas-ground-zero-fall-rapidly-one-month-after-its-outbreak.jpg>; rel="canonical"
content-length
23364
expires
Sun, 24 Dec 2023 05:41:15 GMT
us-hits-second-daily-highest-average-diagnoses-rate-since-pandemic-began.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/us-hits-second-daily-highest-average-diagnoses-rate-since-pandemic-began.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c65b2e7467c44e0e93f814b06c1dfc4d5ea9869971f8981cda95f9eeb279ff80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 3
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"f6bc598d8fe84cdf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/us-hits-second-daily-highest-average-diagnoses-rate-since-pandemic-began.jpg>; rel="canonical"
content-length
14906
expires
Sun, 24 Dec 2023 07:41:46 GMT
acas-senior-executive-fired-for-sexual-harrassment-of-young-women-who-were-30-years-younger-than-him.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/acas-senior-executive-fired-for-sexual-harrassment-of-young-women-who-were-30-years-younger-than-him.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9c6dc7e2354a599e7d0fc65ca8a8d5901ccca1ef34b7fcb0779e2fc71fc24e24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 17:51:09 GMT
server
nginx
etag
"7a9fcc2bde530001"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/acas-senior-executive-fired-for-sexual-harrassment-of-young-women-who-were-30-years-younger-than-him.jpg>; rel="canonical"
content-length
6848
expires
Sun, 24 Dec 2023 05:51:09 GMT
madison-cawthorns-wife-cristina-28-admits-there-were-difficulties-in-their-marriage.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/madison-cawthorns-wife-cristina-28-admits-there-were-difficulties-in-their-marriage.jpg?resize=306%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2c3ef33b0f8830caf193597123cf9c253c08d4005c5bc01e9c7e961415111516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"2a17075d62e62e7a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/madison-cawthorns-wife-cristina-28-admits-there-were-difficulties-in-their-marriage.jpg>; rel="canonical"
content-length
11800
expires
Sun, 24 Dec 2023 07:41:46 GMT
line-of-duty-stars-daughter-madeleine-gives-birth-to-her-first-child.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/line-of-duty-stars-daughter-madeleine-gives-birth-to-her-first-child.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
21f7159f779abc6832ee237b5177c3ae661c0c013fede28aa58988cd86fe7066
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:47 GMT
server
nginx
etag
"b7c9f96959e1d63b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/line-of-duty-stars-daughter-madeleine-gives-birth-to-her-first-child.jpg>; rel="canonical"
content-length
8662
expires
Sun, 24 Dec 2023 07:41:47 GMT
uk-fails-to-hit-1m-covid-booster-jabs-a-day-target-again.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/uk-fails-to-hit-1m-covid-booster-jabs-a-day-target-again.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b5b0eae002464780e0eb96e80438bf26f9d5144f52690beaa028bdaa26d40538
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"fb3ee3608d2defb0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/uk-fails-to-hit-1m-covid-booster-jabs-a-day-target-again.jpg>; rel="canonical"
content-length
8048
expires
Sun, 24 Dec 2023 07:41:46 GMT
the-pope-lectures-cardinals-about-showing-humility-in-christmas-address.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/the-pope-lectures-cardinals-about-showing-humility-in-christmas-address.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d80a5cefcc2aac1af68dcba0cf738b876d971257868cf60096d2639c79ec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"3fde52614c594afd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/the-pope-lectures-cardinals-about-showing-humility-in-christmas-address.jpg>; rel="canonical"
content-length
18506
expires
Sun, 24 Dec 2023 07:41:46 GMT
childrens-books-may-encourage-gender-stereotypes-study-finds.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/childrens-books-may-encourage-gender-stereotypes-study-finds.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5be3505d270ca2036db8778991368eae54a67ce1f56f2dc9d11458517135d11d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"a52d52c803ed4586"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/childrens-books-may-encourage-gender-stereotypes-study-finds.jpg>; rel="canonical"
content-length
20522
expires
Sun, 24 Dec 2023 07:41:46 GMT
medical-examiner-says-nfl-wide-receiver-vincent-jackson-had-cte-died-of-chronic-alcohol-abuse.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/medical-examiner-says-nfl-wide-receiver-vincent-jackson-had-cte-died-of-chronic-alcohol-abuse.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
83221a748408810f43334ad990f0f84bb9c44188800ee458b0e454c40d9f0980
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"0657e60ef2ae5809"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/medical-examiner-says-nfl-wide-receiver-vincent-jackson-had-cte-died-of-chronic-alcohol-abuse.jpg>; rel="canonical"
content-length
15266
expires
Sun, 24 Dec 2023 07:41:46 GMT
lila-moss-channels-lookalike-mother-kate-after-landing-new-fashion-campaign.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/lila-moss-channels-lookalike-mother-kate-after-landing-new-fashion-campaign.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a4d7d11ec63a4511fe2b76a9071d788d60363b0e15351cfa1c36fe87f0e5c9da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 5
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"7c71f0d3487ce59a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/lila-moss-channels-lookalike-mother-kate-after-landing-new-fashion-campaign.jpg>; rel="canonical"
content-length
9612
expires
Sun, 24 Dec 2023 07:41:46 GMT
father-of-four-boys-killed-in-london-house-fire-leaves-heartbreaking-note-among-sea-of-tributes.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/father-of-four-boys-killed-in-london-house-fire-leaves-heartbreaking-note-among-sea-of-tributes.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e83464359fc9771abd9ebaed81b4c33d0ba270400d7fb88b0dd8cb2acc368e40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"38d497259ceb17b7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/father-of-four-boys-killed-in-london-house-fire-leaves-heartbreaking-note-among-sea-of-tributes.jpg>; rel="canonical"
content-length
17086
expires
Sun, 24 Dec 2023 07:41:46 GMT
duke-and-duchess-of-cambridge-will-not-spend-christmas-with-the-queen.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/duke-and-duchess-of-cambridge-will-not-spend-christmas-with-the-queen.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
92f0dfe0e084827c6252cdce35159ec1e95d96f073f3840f711c1138f0cb4c33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"b99ae943bd4c70c8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/duke-and-duchess-of-cambridge-will-not-spend-christmas-with-the-queen.jpg>; rel="canonical"
content-length
16400
expires
Sun, 24 Dec 2023 07:41:46 GMT
cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0db1307f6a0b0835f3e626c59fce69d45728dd851233448e7b5f6f0dccac8966
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"6a302787925ac257"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg>; rel="canonical"
content-length
11812
expires
Sun, 24 Dec 2023 07:41:46 GMT
dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e24e0055308d3a238cf0824312d0bdc7a57d9f0d8163aadb8caeb3ceaef48f19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"036f580d20615603"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg>; rel="canonical"
content-length
9696
expires
Sun, 24 Dec 2023 07:41:46 GMT
simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4628e1cab08e4343853e1f926514283e9f614872ec09169547a6c663f2ce3258
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:47 GMT
server
nginx
etag
"0fd9b4eb8c9c4450"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg>; rel="canonical"
content-length
15518
expires
Sun, 24 Dec 2023 07:41:47 GMT
kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg?resize=370%2C247&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
685b5d51c4619493b1b2ddce77f0b2e15af1e6a3970f0f1bc80dfcdbebc9d05e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:47 GMT
server
nginx
etag
"7bc58548711906c9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg>; rel="canonical"
content-length
8928
expires
Sun, 24 Dec 2023 07:41:47 GMT
cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg?resize=100%2C100&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a5296f7bbfc59cf09652bb10123dfb52146d06572c4d84307824e8364a70d05a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 1
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"035676b396e57cda"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/cailtin-close-triple-stabbing-man-charged-with-murder-following-incident-at-whalan.jpg>; rel="canonical"
content-length
2244
expires
Sun, 24 Dec 2023 07:41:46 GMT
dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg
i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/europe.winestle.com/wp-content/uploads/2021/12/dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg?resize=100%2C100&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ddb76640523c6ba9b797e889a6211e64092ce1be052a17fd4fe8be5fba39e72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 8
date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
etag
"9bb34cdbd8928f57"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/dimitar-berbatov-says-edinson-cavani-has-been-treated-unfairly-by-man-united-after-ronaldos-return.jpg>; rel="canonical"
content-length
2220
expires
Sun, 24 Dec 2023 07:41:46 GMT
simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg
i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/europe.winestle.com/wp-content/uploads/2021/12/simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg?resize=100%2C100&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a8d4dde7272bb3b69bb966b8aa5f05e5b909243163fa7ed373ec0b7be40bafc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:47 GMT
server
nginx
etag
"27ea9b4de6a2537a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/simon-cowell-is-forced-to-delay-the-release-of-his-childrens-book-series.jpg>; rel="canonical"
content-length
2994
expires
Sun, 24 Dec 2023 07:41:47 GMT
kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg
i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/europe.winestle.com/wp-content/uploads/2021/12/kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg?resize=100%2C100&ssl=1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
67954b0dbfc2117745b94a760df5826b5c28e5274d58249f5cbea6018c81e5c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
MISS lhr 2
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 19:41:47 GMT
server
nginx
etag
"eaec515f36f5200e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://europe.winestle.com/wp-content/uploads/2021/12/kim-potter-jurors-reach-trial-outcome-on-day-four-of-deliberations.jpg>; rel="canonical"
content-length
2216
expires
Sun, 24 Dec 2023 07:41:47 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2&blog=198461369&post=39&tz=3&srv=europe.winestle.com&host=europe.winestle.com&ref=&fcp=2556&rand=0.3475566426654868
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 19:41:46 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101736
x-xss-protection
0
server
cafe
etag
6975236974516728872
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 19:41:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 758B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 18:36:45 GMT
expires
Thu, 06 Jan 2022 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
3901
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
bedrapiona.com/5/4296372/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/4296372/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fdc682321387a92ca85967bca90d9487129f17cf20fbb09f8f7847eda9acf9ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
e2817992004e1aab8466a6427bca38e8
pragma
no-cache, no-cache
date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://europe.winestle.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=europe.winestle.com&callback=_gfp_s_&client=ca-pub-7377509529524445
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
145fad24eb7918d9f4fbac0067d2a345916cf8a165daf1193c51f384aa9365ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D5CC 		254 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1640288506&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Feurope.winestle.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288506003&bpp=3&bdt=573&idt=230&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5714528516097&frm=20&pv=2&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dae79ee46843cbcfeea7e54857ea947eb0fa56b9b3e6acea86b27e1d4f3f9e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 19:41:46 GMT
server
cafe
content-length
64515
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 19:41:46 GMT
cache-control
private
4296369
dozubatan.com/400/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/400/4296369
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7c7f4e853cee25c7356502ebc22d61182aab77f01d031546a39ad179a2f94ff3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
3995f1ca89f94f0312e715624b027c38
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
pseepsie.com/pfe/current/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/pfe/current/tag.min.js?z=4296371
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5cd98d4fd7eb36d9950c28c106e094a5a1ad19d484c53765995a0534168cae22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 09:37:58 GMT
server
nginx
etag
W/"61c1a076-3c3d"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
1
toglooman.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/1?z=4296370
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
93283ea9ddd3e6ef8f4917f48fd7a8c82c99c284aa3d485d93377199b9a7e6b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
4eab2d8c95362d8a565889f749fa3f11
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-sc
Pc7u1htYXNY9vYLc30xY41wkbguCzq8FZm7-ycKKAuswFf3CjSO1xRBYU5G__VnMRQuwTMZJfqdtsP1R4WP32_uOGHM=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=93c482bf2b19427b8e18803ea124f0cb
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
efe3371c57b87c730e49d04336ab4d97d6025910e08c15d46e1e71af5f296829
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
ui.cleverwebserver.com/ 		144 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce18cdb2853cee920e0eba3183e7644402ed7ce950c6fb560afb1d95331c7c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6c2411bdfe1c59d1-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
52740.php
sender.clevernt.com/transporter/ 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sender.clevernt.com/transporter/52740.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly9ldXJvcGUud2luZXN0bGUuY29tLw%3D%3D&ruri=&r=238750248&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.005&cc=1&iv=-1
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.76 Rio Tinto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
content-type
image/gif
/
onmarshtompor.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/?rb=mh7JhyBGqfMB2Mw0JB9eR_EKoLVuSCjhZopJmXzIGM7tW-3oFwoFeL6CSg0FBmaqFuce4J0wNu_uPIrditu3d6MOumSTizXFHU3G73Svn1d1O-h0x7KlS2TPmh0cZiQYQzW1zmVu5xRKeJNx-_gMxaY90TxqOsYEm5PVB-v6Lm8VlM6Rday5edCpBCtCLXVT9SDkCID0qHZ3b1p01VN0QcWTacUe26Yr2NESl-9cq13kliZaxOUIK9APDGe20PaQIAb4JysgMBXY2dTWKAam5eJ8aeqMZHiU&request_ab2=0&zoneid=4296372&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&os=other&os_version=other&bs=d1cbec96-534b-41a4-902f-f4f859b03bc6&userId=93c482bf2b19427b8e18803ea124f0cb&m=link
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7ac5b1667a5fe513dde2bf2d22b91aefc421f80bfb45d89b037b2a0b962b9bf3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
86400
x-trace-id
8931e9877b5f265f3e273ce5e7bf893b
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://europe.winestle.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
27c03f0fa2d4e3f08359be655ccb85fe
toglooman.com/27/ 		381 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/27/27c03f0fa2d4e3f08359be655ccb85fe
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=4296370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
845f3bd26c45d4513054f9f1a9da06bfb0f3d2ebdf3feb3f346ef698f9577297
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Dec 2021 05:23:46 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Thu, 22 Jan 2082 05:23:46 GMT
38
toglooman.com/42/ 		0
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/42/38?z=4296370
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=4296370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
8c25734764a877f3cfbbfcae3135ab21
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:46 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag.js
tagcachestaticx.com/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagcachestaticx.com/tag.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4296369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04eb2fa3eec44d66354f42914a9a2685eb18df4fa7e39070670e5cd5033f99c6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 21:44:11 GMT
server
cloudflare
age
4438
etag
W/"61b9102b-cb22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvZcJ916L2xRz04T%2BDUBeHNlwJuti3SQNZra0D7ykvtrv6QKXvryYVD%2FpJeeRbTH4tlygC4T%2F8Fne3DNtxAJlCwX1v5aq5vG6d24dq1tRQiZy6EXC7v0L7FOD8eX0M8BsN6JaKrWJUhpV%2Fbl9Xw%2B8d%2B5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c2411c00872375c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
4296369
dozubatan.com/500/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4296369?excludes=&oaid=93c482bf2b19427b8e18803ea124f0cb&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4296369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a9fc248e9ffbe418ae1be410a180cbada0b56d27218735fbba9c09edcfd209c5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
24aad94651d0785e8aac5b21dd57fd74
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
4296369
dozubatan.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4296369?excludes=&oaid=93c482bf2b19427b8e18803ea124f0cb&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:47 GMT
content-length
0
allow
GET, OPTIONS
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
https://europe.winestle.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials
true
access-control-max-age
600
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
favicon.ico
wholenicenews.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wholenicenews.com/favicon.ico
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.163 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=60
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:47 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=60
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54388
x-xss-protection
0
server
cafe
etag
7489837695308457557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 19:41:47 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B043 		90 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6eb5afa08cc6d6e825b8c4183ee6a556a452c65702fe583fdbcbda57840da2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 19:41:48 GMT
server
cafe
content-length
31932
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 19:41:48 GMT
cache-control
private
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51804
x-xss-protection
0
server
cafe
etag
14566761869323998522
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 19:41:47 GMT
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Dec 2021 19:41:47 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Dec 2021 19:41:49 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Dec 2021 19:41:47 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Dec 2021 19:41:47 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Dec 2021 19:41:47 GMT
01020141423258.png
littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/01020141423258.png
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
cf-cache-status
HIT
age
1198
content-length
67442
last-modified
Wed, 19 Aug 2020 15:30:58 GMT
server
cloudflare
etag
"5f3d45b2-10772"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c2411c3d92059e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=europe.winestle.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 29F7 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 18:38:26 GMT
expires
Thu, 06 Jan 2022 18:38:26 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
3801
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 482A 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 18:38:26 GMT
expires
Thu, 06 Jan 2022 18:38:26 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
3801
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 29F7 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:07:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 19:41:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 19:41:47 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 29F7 		205 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 00:02:38 GMT
x-content-type-options
nosniff
age
157149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 22 Dec 2022 00:02:38 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 29F7 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 16:33:47 GMT
x-content-type-options
nosniff
age
11280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 Dec 2022 16:33:47 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 29F7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 18:58:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 482A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLkYu-tDEYciQFZeKtwfqhoroA_Tg0JZni9rekoUP8a_6s88sEAEgyOGwM2C7hoCA0AqgAcSOhtMByAECqQIX2w7GGX62PqgDAcgDyQSqBIkCT9CTpT72L4_tSds3CnphN1kXISaz69a1x3uO1MMGqALehKW31YTrRUAKDRbPqBlBpaRn5wFg7x_wNjRkizFfUAO5Rz-0bWmV_h7W6u7ozCX0P_BLlMgakFm4d4DuS-zUw4rdKjukbUx4yj5axh6D_vgMaltxIpQyXlSoi5ChIxtQuYKVcBGDaR57Ja35K0zrIlBr02UH9Hw6g4-UvArhEokvWNtTS8LzpU16JOHrIKPt-uBRNnL1sIcManlBOwWpjrTZAAIuF3nTaWZfOqTKIQGk3R-XwcpQ_glWrrG4POn5E5XQVP8bmVC1Lfnxvi-OALfZVMsmBwYVmahJ0wMrElLFyBbhBxJOPsAEvriI4vYDkgUECAQYAZIFBAgFGASgBgKAB6Tx-awCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQm5qAAdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03Mzc3NTA5NTI5NTI0NDQ1GAA&sigh=ZAHzRdOE_eU&uach_m=[UACH]
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 19:41:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 23 Dec 2021 19:41:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 482A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 482A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 482A 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 19:41:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 482A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:34:08 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 482A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 13:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11415
x-xss-protection
0
server
cafe
etag
3382072337847676073
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 13:45:19 GMT
13943462016890542132
tpc.googlesyndication.com/daca_images/simgad/ Frame 482A 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13943462016890542132
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b45dd854dac0d396b334aeb078088fa525794004e0a3e6f8f55fa029cfea75ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25524
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 16:12:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Dec 2022 19:41:47 GMT
zone
pseepsie.com/ 		666 B
955 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/zone?pub=0&zone_id=4296371&is_mobile=false&domain=europe.winestle.com&var=&ymid=&var_3=
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4296371
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e2b5a2e5a81f01797b0d6ad7c6d9f4d391a95fb4b12fa365495ac8180969fc41
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
fdfd3ec0374d6f676fad416b7a80c6b7
date
Thu, 23 Dec 2021 19:41:47 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
666
universal.min.js
pseepsie.com/pfe/current/ 		126 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/pfe/current/universal.min.js?v=3.1.349
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4296371
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
22108cdb9905bd42dc68a722b926941604990f4f83c9879b6d74051e2cbc0c4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 09:37:58 GMT
server
nginx
etag
W/"61c1a076-1f923"
content-type
application/javascript
access-control-allow-origin
https://europe.winestle.com
cache-control
no-cache
access-control-allow-credentials
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame C9DB 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 19:04:48 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9
toglooman.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=4296370&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Feurope.winestle.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&sah=1200&drf=&hil=1&ist=0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/27c03f0fa2d4e3f08359be655ccb85fe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
23f26fcb58cf04a9261617db86591540b56bd9e4e18f3344c29531d9af9e612d

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
3ebccca58b9b230f6a15db2be1b58768
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
toglooman.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=4296370&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Feurope.winestle.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&sah=1200&drf=&hil=1&ist=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:47 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://europe.winestle.com
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, max-age=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame 6AC6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 13:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 23 Mar 2022 13:32:44 GMT
4c162666b480f9d25b4d1657ab76b19c.js
www.gstatic.com/mysidia/ Frame 6AC6 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
422322a5b664a67b41d5548903029f24d41665edf71afa39bc31dc5b03c668c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 19:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4817
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 19:06:42 GMT
css
fonts.googleapis.com/ Frame 6AC6 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 19:41:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 19:41:47 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AC6 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:39:35 GMT
e485ffd488b44fd3558b39d314f67b09.js
www.gstatic.com/mysidia/ Frame 6AC6 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e485ffd488b44fd3558b39d314f67b09.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 19:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2354
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 19:06:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6AC6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AC6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AC6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 19:41:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AC6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:25 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 6AC6 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 14:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:37:35 GMT
truncated
/ Frame 482A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e857ec16640c6c2388f25bcb088fe3fd9957df937e7c081af96fc0aebfc28085

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C9DB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 19:41:48 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 19:41:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 19:41:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 216C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
188574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:18:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B804 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 19:04:48 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
add
tagcachedataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 23 Dec 2021 19:42:02 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://europe.winestle.com
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagcachedataxrt.com/log/ 		12 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 23 Dec 2021 19:42:02 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://europe.winestle.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AC6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChwIASoYbGFyZ2UtYmFubmVyLXJkYS12YW5pbGxhCgoIAioGc2VydmVyCjQIBCowbXlzaWRpYV9hbmFseXRpY3NfZXhwMixwZXJmX3ZpZGVvX2djYWNoZV9jb250cm9sCg0QKyEAAAAAAAAiQDAECg0QAyEAAAAAAGBkQDAECg0QDSEAAAAAoJm5PzAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAKEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAEBP0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAZmZ-cEAwBBIaQ01mMV8tM1ctdlFDRlJmRjdRb2Rhb01DUFEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B804
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 19:41:48 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 19:41:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 19:41:48 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 4636 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
188575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:18:53 GMT
custom
pseepsie.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:48 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
pseepsie.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
2d9125760c6f566ef3a0b42753e18769
date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sw.js
europe.winestle.com/ 		66 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://europe.winestle.com/sw.js
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.52.238.177 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-238-177.us-west-1.compute.amazonaws.com
Software
LiteSpeed /
Resource Hash
cb5dd7aa31cd86683d07ff55c70f3c9f834e6d243f04e81ec1e6c02b6ebb0228

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
content-encoding
gzip
server
LiteSpeed
link
<https://europe.winestle.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13948
expires
Wed, 11 Jan 1984 05:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=ca034578d3d34b7ab05f73f22a6c48a0
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
11
toglooman.com/ 		0
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/11?rnd=584641701&z=4296370&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=ZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ=&ruid=ea555671-c504-4a6d-89a7-aa58002c916b&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Feurope.winestle.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&sah=1200&drf=&hil=1&ist=0&ot=380
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/27c03f0fa2d4e3f08359be655ccb85fe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
e6bdb8c1310c4ad1ccea7faa324c274a
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
interstitial-07.com/ Frame 38F7 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/27c03f0fa2d4e3f08359be655ccb85fe
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.201.86 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
7f780246b0441bd5682dd343c3ae875df8001facd9c7e838c98192a07d7be375

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

Server
nginx
Date
Thu, 23 Dec 2021 19:41:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding
gzip
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AC6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChwIASoYbGFyZ2UtYmFubmVyLXJkYS12YW5pbGxhCgoIAioGc2VydmVyCjQIBCowbXlzaWRpYV9hbmFseXRpY3NfZXhwMixwZXJmX3ZpZGVvX2djYWNoZV9jb250cm9sCg0QFCEAAAAAQJPSQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAABmZsZzQDAEEhpDTWYxXy0zVy12UUNGUmZGN1FvZGFvTUNQUSIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame B043 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:20:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 19:41:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 19:41:48 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B043 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:39:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame B043 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B043 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B043 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 19:41:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B043 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 19:37:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B043 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cl5mk-9DEYZWiDeH0tOUPiLiz-A3b6rCoZ8jVjbv9DtvZHhABIMjhsDNgu4aAgNAKoAGVzKPNAsgBCakC3XHCmhb4sj6oAwHIA8sEqgT5AU_Q6mnsQyHTU1ZWftkILZqcKTn-0KdUxF2oD-tO4mAA9kclVY6ycKSmdWMflCePSiJIg2cvFL67sFRJT3RxgiB2fM8sv0MD-oGI9n89vr0JuyR5kL0HDxprFUxDC_62JbGatiNmKkSzZMh-oWUaxDigWmsmdRpMaPV_gFdorGn1cBV1lQbK8P_TLdgJ5NxIj1d_qkwrTQBg_ae2ggOIaPFbxkJHvEPK5dgkuUvi1-ZrvoMuI_0JoETV5ZwTeCBCwlKF5s6bW7j3_3rfrlZXrPh0PE3P08CfBfyHbbpSYW3-CFVvXXlNRS-r559oZp8P1hIlwO_UigQZkMAE1rWm7uYDkgUECAQYAZIFBAgFGASgBi6AB9Oz3LIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiNBv0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03Mzc3NTA5NTI5NTI0NDQ1GAA&sigh=vSeV5rq76MQ&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 19:41:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame B043 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe-xaGMDz_EoxsFkG1jbEpp0IyGc1eWMVSHXUF8fqfQWwntZKjKgwrP2o9APmxUnDLXH0yH5Pb_jrf9N5AeN5Hwcj1hA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame B043 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 14:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:37:35 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17417911349043153147/ Frame B043 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17417911349043153147/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0daed66217e6263737af4bd6233c747e72c2a22260902a65700d042cb1cc86f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:10:05 GMT
x-content-type-options
nosniff
age
88303
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8789
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 16:18:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 19:10:05 GMT
truncated
/ Frame B043 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a8e0a7c46f9beaa3434c9e0214920e30c9ff27147f070229538f05cafb46eeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 248D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 05:53:44 GMT
expires
Fri, 24 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
49684
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B043 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
103c69d4216ec4ee90d9bac8eb20fd496a6bd0f631c94206e3f3ef43a5cd4afd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B043 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:17:51 GMT
x-content-type-options
nosniff
age
541437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 13:17:51 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B043 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 18:21:26 GMT
x-content-type-options
nosniff
age
264022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 18:21:26 GMT
fv.js
propeller-tracking.com/ Frame 38F7 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/fv.js?t=72747&cb=201513114
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
e0ec5d4172a3b12cabd18c846649d0ac
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 38F7 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
content-encoding
br
cf-cache-status
HIT
age
6546
last-modified
Mon, 01 Nov 2021 10:28:07 GMT
server
cloudflare
etag
W/"617fc137-30c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
6c2411c9ff7259e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 38F7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
cf-cache-status
HIT
age
1651
content-length
3429
last-modified
Mon, 13 Dec 2021 15:18:23 GMT
server
cloudflare
etag
"61b7643f-d65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c2411cb6ae759e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
0100657458245.jpeg
interstitial-07.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 38F7 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-07.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.201.86 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:48 GMT
Last-Modified
Thu, 31 Jan 2019 11:14:34 GMT
Server
nginx
ETag
"5c52d89a-d0e0"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
53472
0933414948049.jpeg
interstitial-07.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 38F7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-07.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.201.86 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:49 GMT
Last-Modified
Mon, 26 Mar 2018 13:01:51 GMT
Server
nginx
ETag
"5ab8ef3f-393b"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
14651
0350025199145.jpeg
interstitial-07.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 38F7 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-07.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.201.86 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:49 GMT
Last-Modified
Tue, 17 Jul 2018 10:46:08 GMT
Server
nginx
ETag
"5b4dc8f0-8b17"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
35607
01289039865190.jpeg
interstitial-07.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 38F7 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-07.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.201.86 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:49 GMT
Last-Modified
Thu, 31 Jan 2019 11:14:34 GMT
Server
nginx
ETag
"5c52d89a-c502"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
50434
player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 38F7 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:49 GMT
cf-cache-status
HIT
age
4544
content-length
28527
last-modified
Mon, 01 Nov 2021 10:28:07 GMT
server
cloudflare
etag
"617fc137-6f6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c2411cdc95a59e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
script.js
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 38F7 		1 KB
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by
Host: interstitial-07.com
URL: https://interstitial-07.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D615530621%26z%3D4296370%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DZF6MizrixppSSAcpbchmWdCMSKJMxUZxI5MFt4rera9FLEg4iPRugN2JU-V68fg_hSKuWv03cO5LOP_1MA1UqMPbrx-URUgyU8l2uh207OY8a9UBALgM7flSJgIzbew90o4IsJQPYwfwk9cW7bDrFYjjKa3bKT1yNgzSFWi-KtTnjIRCOoBbqRfJVwxkUZ2OMln1SVZIaJszRxCePAfUKbQj6g8WiPgMZ6m7mqHtW6ZSEkLmV9TVFVNwXBYDDpCGgQOoLGdaj-lDkcN-vz6w3RfCUvKVcfGoWyEmkGLfveQ%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dea555671-c504-4a6d-89a7-aa58002c916b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Feurope.winestle.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D5%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
content-encoding
br
cf-cache-status
HIT
age
6546
last-modified
Mon, 01 Nov 2021 10:28:07 GMT
server
cloudflare
etag
W/"617fc137-58b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
6c2411ca98c659e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
dpixel
cms.quantserve.com/ Frame 248D 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFOFJNDB8153wXmM-mxr-pw&google_cver=1&google_push=AYg5qPJ2_tnEV30YowVsmSrk4U1Da4J_lWANVqWAr6FW9DlX8Agh0khQeWvHn2zVkkgpjMFKw8AWPlGK3St4xziZX36kut65uAZV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 248D
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFwgGLfF9zLEfw9wx6Encq8&google_cver=1&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b&google_hm=Q0FFU0VGd2dHTGZGOXpMR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b&google_hm=Q0FFU0VGd2dHTGZGOXpMRWZ3OXd4NkVuY3E4
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 19:41:48 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJZr_yuTS6jDMgKU7UpOy2J8p19TEMxfOPbtghOHuPzRHRKP7QYhaMVD6qR3LbDPTPGLN95otMoFtYequhUeKwMTbjFMa1b&google_hm=Q0FFU0VGd2dHTGZGOXpMRWZ3OXd4NkVuY3E4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 248D 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFvpAqbBrpqFnBZ2_L2djoM&google_push=AYg5qPJGLqi-Cm-aDeoI7ilKh2uvbc9yNIj3y4ycKlTuLrE29nIDtiGR5875OnS8nWTLlrqjlEAOJHVGVIrOPEEpLgFsbJ_7d6WFmA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 248D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDtK_H2ybRgS7pCgfsG8VaQ&google_cver=1&google_push=AYg5qPI5Z7mml7vREueocBU60DlTb2RrpEc313M-5x4kGT8bn9ImJf_P2EmY7Mn1aEVTX5kl1TklzvG6sZw2CVPPZxAeFBY-p7UKqQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7h5u7qdm0nc3hq6ossjef32p0b97dfc2
pixel
cm.g.doubleclick.net/ Frame 248D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3w9dibmjSHOx-truA54yLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3w9dibmjSHOx-truA54yLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIakPctIbyJpUI5gH16KUYJPpqVNzyYy8gFUISjE9dNl5Kdp_lDlgRHeQJYOS6OejMl7sl4mNFhlL9VOfSzH1ifs17-PXQf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3w9dibmjSHOx-truA54yLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIakPctIbyJpUI5gH16KUYJPpqVNzyYy8gFUISjE9dNl5Kdp_lDlgRHeQJYOS6OejMl7sl4mNFhlL9VOfSzH1ifs17-PXQf
date
Thu, 23 Dec 2021 19:41:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 248D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLHcJ-lzHx7XtzpikXDx4E&google_cver=1&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKREZESE4tMjMtRjFBRA==&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj-_7Ls2TExrNdOioWwODzXzX-Kpw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKREZESE4tMjMtRjFBRA==&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj-_7Ls2TExrNdOioWwODzXzX-Kpw
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKREZESE4tMjMtRjFBRA==&google_push=AYg5qPIvQbrC9c6TkSjXGnO2vcAdXHXi90hxoBYzFlGjQcWSHr8LB-XDWuOv-9pxjqCexCPRVYj-_7Ls2TExrNdOioWwODzXzX-Kpw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 248D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36V...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 248D 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K64iotMUzNBXmt4iR6OzIBD1_8td87y8Np033WcPF5ZbEfSXz_WaFMOpoO1JSsJE5mj2-k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
custom
pseepsie.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:48 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
pseepsie.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
f59808e85b2f3b02de5bfe03eff48987
date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=7f8df5df0b9e4270a03dd1dca3f2220f&zoneId=4296371&checkDuplicate=true&ymid=&var=
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
efe3371c57b87c730e49d04336ab4d97d6025910e08c15d46e1e71af5f296829
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 6388 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&h=280&adk=3363353524&adf=3492474119&pi=t.aa~a.1251354328~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1640288507&rafmt=1&to=qs&pwprc=9554993468&psa=0&format=1200x280&url=https%3A%2F%2Feurope.winestle.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640288507063&bpp=5&bdt=1633&idt=5&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D231682c2aa49d91f-2243bf710ecd0035%3AT%3D1640288506%3ART%3D1640288506%3AS%3DALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ&prev_fmts=0x0&nras=2&correlator=5714528516097&frm=20&pv=1&ga_vid=1673382888.1640288506&ga_sid=1640288506&ga_hid=178780176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063859&oid=2&pvsid=2758169898160521&pem=514&tmod=210&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9zSe4w8NJ4&p=https%3A//europe.winestle.com&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
188575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:18:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 482A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJCJ1IUjFobbsN9iWdF54r5Mbf--huJtjt8hvHTbg4mTwWPO-Z75dE-dTT9B9573hcSqjRfTCc4b2SqVmLBye2kx50ns5Ms49XRmcVdrYmhYX7u0kYUQ&sai=AMfl-YQ4Swlo-Z1QXHVaZnuXz3SvCe-6oXyJjRkql-pCtJut4hOrkkfolvE7DqUQah9mIKNZsw4NJixj60ih&sig=Cg0ArKJSzHcHehtezcUlEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=196,817,1001,1001,1001&tos=196,621,184,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640288507315&rpt=459&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vctx
propeller-tracking.com/ Frame 38F7 		0
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vctx?t=72747
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=201513114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://interstitial-07.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
5686b1cd6ec5ac2dab6f04e427a2d661
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://interstitial-07.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbl
propeller-tracking.com/ Frame 38F7 		0
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vbl?t=72747&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=201513114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://interstitial-07.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
1c172773b2d91b99ba055fc0a7da66da
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://interstitial-07.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
event
pseepsie.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:49 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
event
pseepsie.com/ 		94 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/event
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ce57e81cda80ca67eca9e884c973781f1a65802fc2d3292987249f5ab834812d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
90db4a0ef0355407fb1ccf557bcb6a19
date
Thu, 23 Dec 2021 19:41:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
94
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe48e7e190ddae760c590392618332005f772e86656605b1cbfde40d2888374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 19:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8452
x-xss-protection
0
custom
pseepsie.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Requested by
Host: europe.winestle.com
URL: https://europe.winestle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5c059e9d35c878f085b875e3c542b938
date
Thu, 23 Dec 2021 19:41:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
pseepsie.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:49 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://europe.winestle.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7377509529524445&plah=europe.winestle.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 23 Dec 2021 19:41:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0048 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 23 Dec 2021 19:36:51 GMT
expires
Fri, 23 Dec 2022 19:36:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4C76 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0c698e1e4cdd04f02cbd8543c6ff22b27d9be893e5f6debb103dfc82abb02bde
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E5Tg7erPNTEtrDQ7BbkwEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 23 Dec 2021 19:41:51 GMT
date
Thu, 23 Dec 2021 19:41:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-E5Tg7erPNTEtrDQ7BbkwEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 0048 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
188578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:18:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2758169898160521&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2758169898160521&bg=!8fKl8rbNAAZKWFskSlg7ACkAdvg8WrT8s74VNHyIL7XyfKsM6pTk1m6JKaiZYHtmDIHCcMVDdhOewwIAAABEUgAAAAhoAQeZAqSTagpvnLgAHPwjSZM-SFctFozbwCWGwW6-9r3MGoKKMVwIiyiUzQ56-Zr5qMwWoIwcXAnhkre4B5GeeCvpDvxLtAIaMYgx3E1amPH0EJHUWdeKRcvlByPtWxandah7VZC3uK1Kbp2RIsCni8rgqQkTcBL5hWPoYtCyXe7P1bIbAPeq8HJ0c1nb4DdIlAZ7bzA1DdpkRL3DuAB1yYb-pgmJFZubKayqO2ozE37s8RUKg5_eXLEiC1iVKhiiH8ZWPgRYh6mec6J5QievSULWgRaEp0VLAKBSm2O6Vh4l6ol7NJYijw5Qt98QvCCbcPuU10l-5p1Nj5FvwTS-SEp3G7F-sNpozaR9efM7sEOJbWkZ8O23XT_eymRWgDUteKerR1PsdMU8CnSXE3Sgsk7PaRpwP2zr5jHd5aOdZFESqa6WP_lzvekKH7gUMqS69dRVX7v9GGf6mwwqu4NDyINJZrJeKCsf1dm_EGwTp6CKYYwUsoOIEQlXXi9IQB1U0QGs4E2EijLGK1ZCXSKWltezoZRjFrulP7_3cJ2RY6s1glb-gDfExDAo1v6Txq5Lv9iOZbBeoIDyTWTEd6W-xwZW4NYpWqKT1pPDQewE6UXHi30flYosOatz6e63dm78Zlb5TgH-3llK0DlWPp8C_hUTIF6FyGTfH-xgQW7OVwXIN7V-ZLjWPHDIV6_pmBNuemsCBBwbjCGY8RCoBjypbmetWIOeleEb0Wlxu5SUGV_OH9MZs4TqS_qtPtGuLK4VeNEXoZ8tZOVXLzYoQ1ZJb1RNKLqkAUkLcl7ldsRVYoRrqF3uk0jLBwS98hmYqMXAUDWW5AJsGdN902nOalcQd45vJamMxvVOoKZsfLP3To_A-buXnHmhWtuCMDz2R4Krf46IVCKjcfDi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 19:41:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OLNDNgTO6C1NwpzVzY7GSGP-wt0aOTpLxhpOx2uAcrPbHJU71lbRdxrNv5MfntGwy-XLpMJEKN7CRHaSqPoHxjPQZ7vC_ej8gjLCmddVwbEWnAJHiA0d3HtAn5Hiil6yfqWeKtaSMfoRpywI2pC49Mao9-IvMOsfR2RL3bn8YYhjf8HvaSnN5TFU6i3wQ_79cMGyq...
dozubatan.com/impression/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dozubatan.com/impression/OLNDNgTO6C1NwpzVzY7GSGP-wt0aOTpLxhpOx2uAcrPbHJU71lbRdxrNv5MfntGwy-XLpMJEKN7CRHaSqPoHxjPQZ7vC_ej8gjLCmddVwbEWnAJHiA0d3HtAn5Hiil6yfqWeKtaSMfoRpywI2pC49Mao9-IvMOsfR2RL3bn8YYhjf8HvaSnN5TFU6i3wQ_79cMGyq6EXlLm-jz0_E8ZmtTaivmKZmAOMeWgNkRuMuEz7bBFRvA_iwV1En-WIFNMJXABhe3BkxEJvtKpN8njO4LPW1ukgzNYFvXj6VjDNIhf98ZZ9uPgjnYk9jGnJ60wHdC3Yg8T30wOvArcv59NgcK-tOvjGqw448dZ7vGZnXsbru9HrHyuuAbPV3aqpp5pqgTuC70-s15Y=?_z=4296369&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
34979c18ee5247160ea9c7567be7c6d9
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:51 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
content-length
43
expires
Tue, 11 Jan 1994 10:00:00 GMT
01020141423258.png
littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/ Frame 0766 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/01020141423258.png
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4296369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 19:41:51 GMT
cf-cache-status
HIT
age
1202
content-length
67442
last-modified
Wed, 19 Aug 2020 15:30:58 GMT
server
cloudflare
etag
"5f3d45b2-10772"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c2411de1c7159e3-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
4296369
dozubatan.com/500/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4296369?excludes=6718185&oaid=93c482bf2b19427b8e18803ea124f0cb&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4296369
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dedc4066f47c8e0d8342e416eb3577a813c4499680177c4460a71ca193f4eb9e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://europe.winestle.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
45d60e67f5af8e2d57d97b241432f010
pragma
no-cache
date
Thu, 23 Dec 2021 19:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://europe.winestle.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
4296369
dozubatan.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4296369?excludes=6718185&oaid=93c482bf2b19427b8e18803ea124f0cb&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Feurope.winestle.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://europe.winestle.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 23 Dec 2021 19:41:51 GMT
content-length
0
allow
GET, OPTIONS
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
https://europe.winestle.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials
true
access-control-max-age
600
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://europe.winestle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 19:41:52 GMT
Last-Modified
Thu, 08 Apr 2021 14:22:06 GMT
Server
nginx
ETag
"606f118e-932"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
2354

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| _wpemojiSettings undefined| $ function| jQuery object| LWA function| ga object| letsLiveBlogJs object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| ScrollTrigger function| Cookies function| EvEmitter function| imagesLoaded object| zeenJS object| zeen object| _gsap function| _scrollTop function| _scrollLeft object| zenscroll object| zeen_23831 object| zeen_97518 object| zeen_29486 object| zeen_58944 object| zeen_58944_2 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| wp object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| zvuyat9a4d object| zfgformats function| onClickTrigger boolean| zfgloadedpopup function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| CleverCore number| CleverCoreRegistryLoaded boolean| zfgloadednative string| dt5i3wv4zpc object| webpushlogs object| google_llp number| google_lpabyc object| __ds3dcV__ object| regeneratorRuntime function| _retranber object| googletag object| sdk boolean| installOnFly object| _nps boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode number| ryq8olab9xp object| GoogleGcLKhOms object| google_image_requests

29 Cookies

Domain/Path Name / Value
toglooman.com/42 Name: OAID
Value: ca034578d3d34b7ab05f73f22a6c48a0
toglooman.com/42 Name: oaidts
Value: 1640288506
.winestle.com/ Name: _ga
Value: GA1.2.1673382888.1640288506
.winestle.com/ Name: _gid
Value: GA1.2.1630765453.1640288506
.winestle.com/ Name: _gat
Value: 1
bedrapiona.com/ Name: OAID
Value: 93c482bf2b19427b8e18803ea124f0cb
bedrapiona.com/ Name: oaidts
Value: 1640288506
.winestle.com/ Name: __gads
Value: ID=231682c2aa49d91f-2243bf710ecd0035:T=1640288506:RT=1640288506:S=ALNI_Mbj1JUN23A_p2k4r-PdNFXINUGbHQ
my.rtmark.net/ Name: ID
Value: 93c482bf2b19427b8e18803ea124f0cb
toglooman.com/ Name: scm
Value: 1
toglooman.com/ Name: oaidts
Value: 1640288506
europe.winestle.com/ Name: prefetchAd_4296372
Value: true
onmarshtompor.com/ Name: OAID
Value: 93c482bf2b19427b8e18803ea124f0cb
onmarshtompor.com/ Name: oaidts
Value: 1640288506
onmarshtompor.com/ Name: syncedCookie
Value: true
dozubatan.com/ Name: OAID
Value: 93c482bf2b19427b8e18803ea124f0cb
.doubleclick.net/ Name: DSID
Value: NO_DATA
toglooman.com/ Name: OAID
Value: 93c482bf2b19427b8e18803ea124f0cb
.doubleclick.net/ Name: IDE
Value: AHWqTUk6Sex6Xqx-rvcSOxzJfp5SYJxBY5DhJgK3flJ_MREd6COAigyTA4Mj1xF7tBs
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.quantserve.com/ Name: d
Value: ED4BCQGDJYEA
.quantserve.com/ Name: mc
Value: 61c4d0fc-96581-f99a2-3b4ad
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DF0F5D89-B9A3-4873-B1FA-DAEE039E322F
.casalemedia.com/ Name: CMID
Value: YcTQ-FdZNeiAppKiwZOTVAAA
.casalemedia.com/ Name: CMPS
Value: 701
.casalemedia.com/ Name: CMPRO
Value: 331
.casalemedia.com/ Name: CMST
Value: YcTQ-GHE0PwA
.agkn.com/ Name: ab
Value: 0001%3AfZjFrv1MvCTR5K%2FeIYvWRqZnnRqaD6ix
.agkn.com/ Name: u
Value: C|0CEApV418KVeNfAAAAAAAAQ13AQCAAQpAAAAAAA

5 Console Messages

Source Level URL
Text
network error URL: https://europe.winestle.com/wp-content/uploads/2021/08/nzuchitimes-logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://tagcachestaticx.com/tag.js
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network error URL: https://europe.winestle.com/sw.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcTQ_FdZNeiAppKiwZOTVAAAAUsAAAIB&google_gid=CAESEPpMZNYzxSyHjii_cCUMLyc&google_push=AYg5qPIeB0wUI1U1cSZQSlx0hPOoT8XDm-Bi2U_qvc3PTpLh36VIyt6u_WNEmsjtaqJ483DEkHqNj72zSuS_Gpu7W0O5hQ3Y3wKI7Q&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bedrapiona.com
c0.wp.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dozubatan.com
europe.winestle.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
iclickcdn.com
image6.pubmatic.com
interstitial-07.com
littlecdn.com
my.rtmark.net
odr.mookie1.com
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
propeller-tracking.com
pseepsie.com
rtb.openx.net
scripts.cleverwebserver.com
sender.clevernt.com
static.cdnativepush.com
stats.wp.com
tagcachedataxrt.com
tagcachestaticx.com
toglooman.com
tpc.googlesyndication.com
ui.cleverwebserver.com
wholenicenews.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
13.52.238.177
139.45.195.254
139.45.195.8
139.45.197.156
139.45.197.163
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.240
139.45.197.243
139.45.197.250
142.250.185.162
142.250.185.66
148.69.64.76
185.64.190.78
188.72.201.86
192.0.76.3
192.0.77.2
192.0.77.37
2606:4700:10::6816:1974
2606:4700:20::681a:d76
2606:4700:3033::ac43:b4cb
2606:4700::6812:18f6
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
34.98.67.61
35.227.252.103
52.29.77.212
69.173.144.138
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04eb2fa3eec44d66354f42914a9a2685eb18df4fa7e39070670e5cd5033f99c6
077f77c9c36b6609c8aee82deb6ca41f0d4e20dbd30eecd0e77771fd09a87655
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c698e1e4cdd04f02cbd8543c6ff22b27d9be893e5f6debb103dfc82abb02bde
0c7ccdab87edb21d33b1bb6b1b89c0ccb70ed2e7c3041d4fb50c19ca13ebcb72
0cff4b4602b8f8efd78f65a9200f91f118896b4d73e9ce9ab6d767c448cd8b31
0daed66217e6263737af4bd6233c747e72c2a22260902a65700d042cb1cc86f2
0db1307f6a0b0835f3e626c59fce69d45728dd851233448e7b5f6f0dccac8966
0ddb76640523c6ba9b797e889a6211e64092ce1be052a17fd4fe8be5fba39e72
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
103c69d4216ec4ee90d9bac8eb20fd496a6bd0f631c94206e3f3ef43a5cd4afd
12ac8ca9d08a9ccb93f4d1767734fe2cff8906dbac8399c93fb1a3d153607bf2
145fad24eb7918d9f4fbac0067d2a345916cf8a165daf1193c51f384aa9365ac
15a5a046d73a9f420931ffbd778efb57ff9a9911314acb0588087d80961dbd85
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c528106b3b64f22ce3e6eff0349438edaa2dbf29370df86eee22825ca1239c
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
21d86ec39200e69c8758314c29df763ef2f7d362df0a85cb0b104c9647b4ed94
21f7159f779abc6832ee237b5177c3ae661c0c013fede28aa58988cd86fe7066
22108cdb9905bd42dc68a722b926941604990f4f83c9879b6d74051e2cbc0c4f
23f26fcb58cf04a9261617db86591540b56bd9e4e18f3344c29531d9af9e612d
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
285a65887586bdd916135d1327678721175c06423f3c7aa73b21961abc5c335d
294dbecb399c41d34b8780845d7612c56bedbf9458a662c2ad33b3fe355c0c9e
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2c3ef33b0f8830caf193597123cf9c253c08d4005c5bc01e9c7e961415111516
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3b19af5e78dc234c16c43eb8deabb95f93e974378950e11572b04f335c00cbdf
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
422322a5b664a67b41d5548903029f24d41665edf71afa39bc31dc5b03c668c1
4628e1cab08e4343853e1f926514283e9f614872ec09169547a6c663f2ce3258
4ce18cdb2853cee920e0eba3183e7644402ed7ce950c6fb560afb1d95331c7c1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5aae0369c76bc55281bebc71084898e4bf09bec7be004078ee5d116382e5a14c
5bb69098cd037129dc08fe8283af51b4c474815004b9da491a088f1af510d3cc
5be3505d270ca2036db8778991368eae54a67ce1f56f2dc9d11458517135d11d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd98d4fd7eb36d9950c28c106e094a5a1ad19d484c53765995a0534168cae22
5fe48e7e190ddae760c590392618332005f772e86656605b1cbfde40d2888374
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6499d7a5acc01d11387b9450ce12336cbadb6846f154263c891be9eea8df6a50
67954b0dbfc2117745b94a760df5826b5c28e5274d58249f5cbea6018c81e5c9
685b5d51c4619493b1b2ddce77f0b2e15af1e6a3970f0f1bc80dfcdbebc9d05e
6900806e24d334109c2b38dcdf7acfc9ef8a60675d76d13b934df6e4b50482b3
6eb5afa08cc6d6e825b8c4183ee6a556a452c65702fe583fdbcbda57840da2fa
756387852aec9c187327bfa587b6a252886dff244a3f1766df571549e81f3c49
7ac5b1667a5fe513dde2bf2d22b91aefc421f80bfb45d89b037b2a0b962b9bf3
7c7f4e853cee25c7356502ebc22d61182aab77f01d031546a39ad179a2f94ff3
7f780246b0441bd5682dd343c3ae875df8001facd9c7e838c98192a07d7be375
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
83221a748408810f43334ad990f0f84bb9c44188800ee458b0e454c40d9f0980
845f3bd26c45d4513054f9f1a9da06bfb0f3d2ebdf3feb3f346ef698f9577297
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
874f7e70f236990583595f2b63c9fde5902b619e2187d439bd5e76b49adb7065
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8a8e0a7c46f9beaa3434c9e0214920e30c9ff27147f070229538f05cafb46eeb
8d002423a54c1a6dc121d6afd4cc71a18737362c82eb70c5c379eb78c7c7c37d
9129c109e29ecd1817d0cb37d1fb3443e3d6a12dae36ff05a275b9ba481ee972
92f0dfe0e084827c6252cdce35159ec1e95d96f073f3840f711c1138f0cb4c33
93283ea9ddd3e6ef8f4917f48fd7a8c82c99c284aa3d485d93377199b9a7e6b5
9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6ce7b0c6df1f16a194be60fca2ca5cff0726696f21fca2ae30d63009e221de
9c6dc7e2354a599e7d0fc65ca8a8d5901ccca1ef34b7fcb0779e2fc71fc24e24
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ed648b3788cb18d61d64d9ba4e0ca4f9deb73fa45c5d421dddec79c710f091
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d7d11ec63a4511fe2b76a9071d788d60363b0e15351cfa1c36fe87f0e5c9da
a5296f7bbfc59cf09652bb10123dfb52146d06572c4d84307824e8364a70d05a
a8d4dde7272bb3b69bb966b8aa5f05e5b909243163fa7ed373ec0b7be40bafc7
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
a9fc248e9ffbe418ae1be410a180cbada0b56d27218735fbba9c09edcfd209c5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad293ae72ab30f2459d65c438da017fb944577514c789f2053747d38a7bb4457
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b45dd854dac0d396b334aeb078088fa525794004e0a3e6f8f55fa029cfea75ff
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5b0eae002464780e0eb96e80438bf26f9d5144f52690beaa028bdaa26d40538
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b95f34976e43bddd7338391940a7bc1848d49de7da8b02274a5415d176fa7193
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c65b2e7467c44e0e93f814b06c1dfc4d5ea9869971f8981cda95f9eeb279ff80
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
cb5dd7aa31cd86683d07ff55c70f3c9f834e6d243f04e81ec1e6c02b6ebb0228
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
ce57e81cda80ca67eca9e884c973781f1a65802fc2d3292987249f5ab834812d
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d2b716c8e60d99ff6f4252f58cb9c9612ea525e421e6d61490e7f49a2c351aba
d7d3820cac85b4f074f0801e3c87c8c3b37b28730bfadefe6ea9a921bfce34bc
d80a5cefcc2aac1af68dcba0cf738b876d971257868cf60096d2639c79ec5e1b
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dae79ee46843cbcfeea7e54857ea947eb0fa56b9b3e6acea86b27e1d4f3f9e7e
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
ddfdfffe35ef08b04d1e71e6b0b8dd2d7e5a00f3ad06ab9f6401aa7b6edd3309
dedc4066f47c8e0d8342e416eb3577a813c4499680177c4460a71ca193f4eb9e
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e0da26d17f1f36babb962551c8f1fe9e41c560e948ca2516e16fd8a05bcbb27f
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e24e0055308d3a238cf0824312d0bdc7a57d9f0d8163aadb8caeb3ceaef48f19
e2b5a2e5a81f01797b0d6ad7c6d9f4d391a95fb4b12fa365495ac8180969fc41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83464359fc9771abd9ebaed81b4c33d0ba270400d7fb88b0dd8cb2acc368e40
e857ec16640c6c2388f25bcb088fe3fd9957df937e7c081af96fc0aebfc28085
e94d9d4dc2b917019e391f381898fb6a4b74937d274f17001cbaf63ffefcf5df
e981fe6cc545f5c582b88a68c71694233745fa62fc54024e5d4ac1b259b4df49
ea6ea01b5ab23276a8aeb42c4b56ca515fb0731a80b530b2fc05c34f1a362179
eac7206bbed48c1c84d787ea935299c7e6e8ad459457b67db7e27e998cbeab4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3371c57b87c730e49d04336ab4d97d6025910e08c15d46e1e71af5f296829
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f45fe0b8842c5ce710f981eea0ec97803f21a3ff7412481a802fd37066aba3cd
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
fdc682321387a92ca85967bca90d9487129f17cf20fbb09f8f7847eda9acf9ed
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914