urlscan.io logo urlscan.io
SecurityTrails logo

www.euwarmwinter.com Open in urlscan Pro
2606:4700:3033::6815:29d3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://guanjieteng.mobobrother.workers.dev/
Effective URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnj...
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3033::6815:29d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.euwarmwinter.com.
TLS certificate: Issued by GTS CA 1P5 on May 19th 2024. Valid for: 3 months.
This is the only time www.euwarmwinter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::ac43:d946 (United States)

ASN13335 (CLOUDFLARENET, US)
guanjieteng.mobobrother.workers.dev
3    3.121.190.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-190-170.eu-central-1.compute.amazonaws.com
me6kid.maxconvtrk.com
5    2606:4700:3033::6815:29d3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.euwarmwinter.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    172.67.151.123 (United States)

ASN13335 (CLOUDFLARENET, US)
www.euwarmwinter.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
www.google.de
1    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
6    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
12 euwarmwinter.com
www.euwarmwinter.com
euwarmwinter.com Failed
1 MB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
6 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
79 KB
3 maxconvtrk.com
me6kid.maxconvtrk.com
4 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8088
126 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
www.google.com — Cisco Umbrella Rank: 5
321 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
409 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
177 KB
1 workers.dev
guanjieteng.mobobrother.workers.dev
493 B
35 10
Domain Requested by
12 www.euwarmwinter.com www.euwarmwinter.com
6 www.facebook.com www.euwarmwinter.com
4 connect.facebook.net www.euwarmwinter.com
connect.facebook.net
3 me6kid.maxconvtrk.com 1 redirects www.euwarmwinter.com
me6kid.maxconvtrk.com
2 www.google.de www.euwarmwinter.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.euwarmwinter.com
www.googletagmanager.com
1 www.google.com www.euwarmwinter.com
1 region1.analytics.google.com www.googletagmanager.com
1 guanjieteng.mobobrother.workers.dev 1 redirects
0 euwarmwinter.com Failed
35 12

This site contains links to these domains. Also see Links.

Domain
me6kid.maxconvtrk.com
Subject Issuer Validity Valid
euwarmwinter.com
GTS CA 1P5		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.maxconvtrk.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-29 -
2024-06-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.de
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Frame ID: 77EBD9885CA6B14CA832BBD44564F82F
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Joint`s Optimizer

Page URL History Show full URLs

  1. https://guanjieteng.mobobrother.workers.dev/ HTTP 302
    https://me6kid.maxconvtrk.com/visit/a4c66381-b920-431e-aae3-4d266f0ee2f2?undefined HTTP 302
    https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

97 %
HTTPS

62 %
IPv6

10
Domains

12
Subdomains

13
IPs

3
Countries

1528 kB
Transfer

2192 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://guanjieteng.mobobrother.workers.dev/ HTTP 302
    https://me6kid.maxconvtrk.com/visit/a4c66381-b920-431e-aae3-4d266f0ee2f2?undefined HTTP 302
    https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.euwarmwinter.com/lp/joins/files/favicon.ico HTTP 301
  • https://euwarmwinter.com/lp/joins/files/favicon.ico

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.euwarmwinter.com/lp/joins/
Redirect Chain
  • https://guanjieteng.mobobrother.workers.dev/
  • https://me6kid.maxconvtrk.com/visit/a4c66381-b920-431e-aae3-4d266f0ee2f2?undefined
  • https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
68 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:29d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.19
Resource Hash
1a6bc8dab7bc0cb801206db8586a7f7ca0b269e69b5099edc88c13824d659b57

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89662b5df851012e-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 20:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqVuVlDsOd1PwTJOlvgPx2jU3UnDfJy6fgunYBL7BOfc1j%2FgIRvNgQV5pBc7174Mx9U6vHgUpPEPY6UdJMp2HAOXGgxvlHvD%2BgtnkBMHhn5rMGk9HAXEoiv2fVJi6gJHDX3nylqEJg7vYwEXVNWANNLYlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.19

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 19 Jun 2024 20:11:38 GMT
expires
0
location
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive
dtime.js
www.euwarmwinter.com/lp/joins/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.euwarmwinter.com/lp/joins/files/dtime.js
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:29d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vrQRl6rExdWZL8il68Z2H0QGGz6LHitb7Tk8CzyOr8LUDQeJoS2lYhssJuJDwjF9shbR10Cw8z9IkH%2Be8Wq1UIiuMj4a6fbWGPgeI9EiKo%2FEybRoybL2MLgbCzugJTVnaMqGGaic6PPZTT31p994BdMYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89662b5f99a2012e-AMS
alt-svc
h3=":443"; ma=86400
main.css
www.euwarmwinter.com/lp/joins/files/ 		616 B
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.euwarmwinter.com/lp/joins/files/main.css
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:29d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bea8f55190c3fef61019328b6fe70434d29549f34016396c8f133e901b769df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66716db7-268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkLuiWXv%2BC3B5nLeAzaN3ThHyLj5sz0DzzJO06jEr7x4veEzoKRWMx9LoyP2%2FGA9TYqPBH446MHFw9CPImGBGoMAx8B8bxT%2FfHSV6UgcEvWZhCVrhywliN%2BoB%2FweEEj88k1hfXqqnQH1xAxd%2FxRjreeuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
89662b5f99a0012e-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 20 Jun 2024 00:20:49 GMT
jquery.min.js
www.euwarmwinter.com/lp/joins/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.euwarmwinter.com/lp/joins/files/jquery.min.js
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:29d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDlM0qG6hgdZqQ9Gaqd%2FTSOCah%2FXaesq3dv%2BiwdCvGZFb3yGqmYsMhyGrrEsIFyH8jdtwpvcvv3pDp%2BMzyLcsmvZU%2BGb0bMvMSwGx7KX3VJHuQVMD7%2BPuVtVOBv97NRASQA1%2Blp5v8NwVlidNdwov9HpFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89662b5fc9ca012e-AMS
alt-svc
h3=":443"; ma=86400
jquery.js
www.euwarmwinter.com/lp/joins/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.euwarmwinter.com/lp/joins/files/jquery.js
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:29d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Foh7JBqW9%2FQHzb0tm4P0su603Q08%2FyhtWOtzMES1lsc0tT25Gf%2FrAJPEe3i4w25u40rJ7KLOyhjonQ%2Bk8ol4X3mzw1KHnaAP8yE8zdz1WJfkEV229EEvBWVbx5MCXfGQ9JpuVYhyuOqDK%2BbWV0jz8uMIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89662b5fc9cb012e-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90046520-1
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5893ae64ecce0b74ff432de64d7cd9683daa48519fc6af0828766e7621b3cb63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 20:11:39 GMT
t.js
me6kid.maxconvtrk.com/t/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://me6kid.maxconvtrk.com/t/t.js
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.190.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-190-170.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8db64f18f79b8f057e70ebccc2e3e1ca35aa4ce9bb19191d92bab6c5c260d304

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
gzip
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=600
x-robots-tag
noindex, nofollow, noarchive
content-length
2906
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 20:11:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Jak9YGV7ijSSFJfUIUhcia+CkJyhAGPKU8sRQizCjsf+yHIqqYLd3pDaQ03Bg6BujOOSl261nAIVSbVT3hMmOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
header.png
www.euwarmwinter.com/lp/joins/files/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/header.png
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6b7bf9f10f103572cd6ff5197c237f7af5b8ee04f7e795fe248fde1d3262be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:40 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716db5-18ed2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxGsCXdKzMalN1cKEK1QwWevCmqZ7oIhMHN0CbxSm1FKF%2B4IMxTy3coPK8mK5iDCv4TsJshqIroUQZYHt0BA2H7rvhpzsATis0XrwhhNr9Inj%2FtdDQNY%2BJk6Q3rM%2BcGIl2klJPoT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b1e3721-FRA
alt-svc
h3=":443"; ma=86400
content-length
102098
expires
Thu, 18 Jul 2024 11:33:56 GMT
social.png
www.euwarmwinter.com/lp/joins/files/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/social.png
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42400328c15a7fdff63a22d570a710141fbc5e63870d0baf2b460dfcfe7a1ff5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716dbb-11a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY7k4htwBkp%2B7KPX0qvKLhCXQtMVWiZgmVOUKpwb1n2HSuqyMscgoNkZCX%2BJOIge3rHUpnBOaSFEFAE6gJmfaIN%2B35uud4SG0sGs0vgLbdG2h6HUMHwP7hbW9VVUNmY0U80trBEonQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b223721-FRA
alt-svc
h3=":443"; ma=86400
content-length
4519
expires
Thu, 18 Jul 2024 11:33:56 GMT
doc1.jpg
www.euwarmwinter.com/lp/joins/files/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/doc1.jpg
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54371c8f047290e4be5cfbf285038ea758242f65e47d24c6633891f0d7c2e9d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716db5-182ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qK67cn46cgcyCX0Rjjns5LC7Z4zIC3l%2BN7FaeGoePdFEfHZg1iEUye2ER3TieSZwlF0pKxK3JvxHFKmBB8MyXmVt3NNVQLEzbnecmQ2QHnmVbPCa24UiW%2BwKyt5p1U1NzUbzjAkfHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b243721-FRA
alt-svc
h3=":443"; ma=86400
content-length
98987
expires
Thu, 18 Jul 2024 11:33:56 GMT
4.jpg
www.euwarmwinter.com/lp/joins/files/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/4.jpg
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9bb674885e284be840ff4003e779815c52abbd55ecfb8440f3e4947b7b4eef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:40 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716da6-f226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRFd2ZnP2MpsJVF%2BtKDMrEjEtmXr2FAYjonX%2FGg4k76bGnwyn98DgtadH6a5DraNZINSBQAIpCRv4xlHTrKVErxowmMEbKN20HYrMXIKUmPAc88xNCNcW3ryDJaI9iFIyQzfjK0fQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b253721-FRA
alt-svc
h3=":443"; ma=86400
content-length
61990
expires
Thu, 18 Jul 2024 11:33:56 GMT
my-img3.jpg
www.euwarmwinter.com/lp/joins/files/ 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/my-img3.jpg
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82f8af2f630bd41fd177c64d6a33e0681ce3694ac3ed64f0d851ab9ae1a5958

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716dba-4bcb9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwOVsY0Z1UD%2FCSgQh2jqLQf3XrGtvwpH3W7Ra3VPhLwyJmoxMbyq7oWrss%2FdYh8I9eMxTLHUoGDtNqVyxCXr8mDJxSR6A84CXp64RgbyqhpuAqjZMEheFXcBEfTgrgrDnINt6Vii3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b283721-FRA
alt-svc
h3=":443"; ma=86400
content-length
310457
expires
Thu, 18 Jul 2024 11:33:56 GMT
my-img4.jpg
www.euwarmwinter.com/lp/joins/files/ 		566 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/my-img4.jpg
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718632aa29e5a1c147b83023a27c3a56fc843f67e31041f79960c1dbba612cc4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716dba-8d600"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYOqt37afZpHOHbylrEQDzepxKqoPc0tPnR71xryqMDW4y8P7CbMoWHhET9z%2FhjG8xSOX6diubDtto5J%2BEOG7P1X0xMGQXSVV4XnIYr3ojEDTzdXYMk44qHVJ%2F2K60MF6O5HUl2tlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b293721-FRA
alt-svc
h3=":443"; ma=86400
content-length
579072
expires
Thu, 18 Jul 2024 11:33:56 GMT
my-img5.jpg
www.euwarmwinter.com/lp/joins/files/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.euwarmwinter.com/lp/joins/files/my-img5.jpg
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af318004a15528595cfeef26560a541daf2c3b5d5abe053d16448a0664be2eb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 11:21:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66716dba-16d31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iL%2FCxkMk%2FmRvG1Xj10PzXYe407SC9y%2BusvhiVp0VDvIybh4wO6qG7a%2FdqnTR%2FfL5mTfxDcFGAen9fBQrkSbu23ATs6ferVnSYw6bnJc%2BXdHNGA4MKYKNuq6AypHO7pggJyp05FWhyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
89662b645b2a3721-FRA
alt-svc
h3=":443"; ma=86400
content-length
93489
expires
Thu, 18 Jul 2024 11:33:56 GMT
js
www.googletagmanager.com/gtag/ 		319 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-79V0BPD6ZS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90046520-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f87f64abc3855e8cb788e4b656e6617707ae8abdd67917923225d1df5032185a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107551
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 20:11:39 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90046520-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 19:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1836
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 19 Jun 2024 21:41:03 GMT
346844421064894
connect.facebook.net/signals/config/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/346844421064894?v=2.9.158&r=stable&domain=www.euwarmwinter.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da42ea67f34ae29d2f4b5a17e94b06d1bd435f36e2381d2fb67342e086dae05d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 20:11:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=63, mss=1297, tbw=63563, tp=-1, tpl=-1, uplat=77, ullat=0
pragma
public
x-fb-debug
nO8YZ8w3Gf2Kwfz/Pl4cmEDJFLAbzIgEgeOmRtOaZIm/qH3Rrr8Z8VM2TEo4u6XAMruIVFBJMvGp80/yaYqO4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
log
me6kid.maxconvtrk.com/visit/ 		285 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://me6kid.maxconvtrk.com/visit/log?pl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D
Requested by
Host: me6kid.maxconvtrk.com
URL: https://me6kid.maxconvtrk.com/t/t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.121.190.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-190-170.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
33e92a91688b9c1bd39496d4155f7954aba426ba9c58c3e7cd333be9e2b77314

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.euwarmwinter.com/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:39 GMT
content-encoding
gzip
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-max-age
600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
noindex, nofollow, noarchive
content-length
199
expires
0
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2146535397&t=pageview&_s=1&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&ul=de-de&de=UTF-8&dt=Joint%60s%20Optimizer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=799001131&gjid=280560258&cid=1195467309.1718827900&tid=UA-90046520-1&_gid=1266998765.1718827900&_r=1&gtm=457e46h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1241714901
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.euwarmwinter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
953639239446785
connect.facebook.net/signals/config/ 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/953639239446785?v=2.9.158&r=stable&domain=www.euwarmwinter.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0c49a00ed110dc8274805135e2663416a6dce4e662f7233b57a905863cc8e396
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 20:11:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=140, ullat=0
pragma
public
x-fb-debug
Jq+/LTbpYsQA8aWZDhgL6Cz7OXcwttdHr6O3QzrpZqWSOnBdr4UowrmJVKOGzipQ/Zl8Y3vyN8O2KL7Ewu7OsA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90046520-1&cid=1195467309.1718827900&jid=799001131&gjid=280560258&_gid=1266998765.1718827900&npa=1&_u=YEBAAUAAAAAAACAAI~&z=190620521
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 20:11:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.euwarmwinter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-79V0BPD6ZS&gtm=45je46h0v896467567za200&_p=1718827899482&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1195467309.1718827900&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718827900&sct=1&seg=0&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&dt=Joint%60s%20Optimizer&en=page_view&_fv=1&_ss=1&tfd=2105&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79V0BPD6ZS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.euwarmwinter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-79V0BPD6ZS&cid=1195467309.1718827900&gtm=45je46h0v896467567za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79V0BPD6ZS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.euwarmwinter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-79V0BPD6ZS&cid=1195467309.1718827900&gtm=45je46h0v896467567za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1337911954
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90046520-1&cid=1195467309.1718827900&jid=799001131&npa=1&_u=YEBAAUAAAAAAACAAI~&z=404819207
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90046520-1&cid=1195467309.1718827900&jid=799001131&npa=1&_u=YEBAAUAAAAAAACAAI~&z=404819207
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 20:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
500878937889932
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/500878937889932?v=2.9.158&r=stable&domain=www.euwarmwinter.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
5612d42c7bd1bff66bc0263f22d0fcccd96aabd503d4a7ffe46ff60ffc5759e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 20:11:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=27, mss=1232, tbw=9752, tp=16, tpl=0, uplat=65, ullat=0
pragma
public
x-fb-debug
tSaK2X+NLtHRPG4aM0xzmPeMgg4x+nw5Z2LB+SYH5ahV7xI2wR8CHh3ZMdzsARPbliSL0HAOk+V1yDh6JfcHzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=346844421064894&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900243&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&it=1718827899727&coo=false&rqm=GET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3170, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 20:11:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=346844421064894&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900243&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&it=1718827899727&coo=false&rqm=FGET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9961688991f66a95","source_keys":["1","2"]},{"key_piece":"0xe28514839a89011a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 20:11:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382309619725016573", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=16, mss=1297, tbw=3358, tp=-1, tpl=-1, uplat=131, ullat=0
pragma
no-cache
x-fb-debug
xRm76Bf/LvQSIjRAcBogc9cmPqODIFnfh6NDOkfWuwWg8OwYsp6I9AvK48u4kYmHewO8IAF7gTUC5uSueYgkZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382309619725016573"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=953639239446785&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900244&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&it=1718827899727&coo=false&rqm=GET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2883, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 20:11:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=953639239446785&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900244&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&it=1718827899727&coo=false&rqm=FGET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa7a70908438463c7","source_keys":["1","2"]},{"key_piece":"0x78245c1c086f575c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 20:11:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382309619536172726", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=16, mss=1297, tbw=6556, tp=-1, tpl=-1, uplat=191, ullat=0
pragma
no-cache
x-fb-debug
xtzVEhcBDLLG1nW39myiys9t1O7Q9GTFnIBREsvv03/KYdIErehu2cC90YtLw7axqrknxVU9cLHT1Q+T60sjPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382309619536172726"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=500878937889932&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900247&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&cs_est=true&it=1718827899727&coo=false&rqm=GET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3170, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 20:11:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=500878937889932&ev=PageView&dl=https%3A%2F%2Fwww.euwarmwinter.com%2Flp%2Fjoins%2Findex.php%3Fcity%3D%26region%3D%26mc_attr%3Dc%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D&rl=&if=false&ts=1718827900247&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718827900240.18317206625757840&ler=empty&cdl=API_unavailable&cs_est=true&it=1718827899727&coo=false&rqm=FGET
Requested by
Host: www.euwarmwinter.com
URL: https://www.euwarmwinter.com/lp/joins/index.php?city=&region=&mc_attr=c%3Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%3Dlxm9r2fnjruu80dqh7ydkolxuy..d%3D0-0-0-0-1..l%3D17188278983..e%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.euwarmwinter.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x363027726b7c9bad","source_keys":["1","2"]},{"key_piece":"0x6e01a9a5b1876bc5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 20:11:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382309618807616536", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=16, mss=1297, tbw=7826, tp=-1, tpl=-1, uplat=290, ullat=0
pragma
no-cache
x-fb-debug
B5jf3w4QZx0CflneIwJEkrmSzEjfrrGxpih1Di423w8PHGzVsUKfJrGeFxwvayNlhYGek13rCTwQxv5lM7IKng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382309618807616536"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
euwarmwinter.com/lp/joins/files/
Redirect Chain
  • https://www.euwarmwinter.com/lp/joins/files/favicon.ico
  • https://euwarmwinter.com/lp/joins/files/favicon.ico
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
euwarmwinter.com
URL
https://euwarmwinter.com/lp/joins/files/favicon.ico

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| maxconv function| fbq function| _fbq function| random number| nums object| mydate number| year number| day number| month number| daym object| dayarray object| montharray function| showCliamLayer function| hideCliamLayer function| hideFooter function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

9 Cookies

Domain/Path Name / Value
me6kid.maxconvtrk.com/ Name: mc_attr
Value: c%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r2fnjruu80dqh7ydkolxuy..d%253D0-0-0-0-1..l%253D17188278983..e%253D
.maxconvtrk.com/ Name: mc_clid
Value: lxm9r2fnjruu80dqh7ydkolxuy
.euwarmwinter.com/ Name: _gid
Value: GA1.2.1266998765.1718827900
.euwarmwinter.com/ Name: _gat_gtag_UA_90046520_1
Value: 1
.euwarmwinter.com/ Name: mc_vret
Value: %7B%22domain%22%3A%22me6kid.maxconvtrk.com%22%2C%22campaign_id%22%3A%22a4c66381-b920-431e-aae3-4d266f0ee2f2%22%2C%22click_id%22%3A%22lxm9r3l0qpmp3rdhuj4glilqa9%22%2C%22mc_attr%22%3A%22c%253Da4c66381-b920-431e-aae3-4d266f0ee2f2..m%253Dlxm9r3l0qpmp3rdhuj4glilqa9..l%253D17188278998..e%253D%22%2C%22mc_tid%22%3A%220-0-0-0-1%22%2C%22tokens%22%3A%5B%5D%7D
.euwarmwinter.com/ Name: mc_clid
Value: lxm9r3l0qpmp3rdhuj4glilqa9
.euwarmwinter.com/ Name: _ga_79V0BPD6ZS
Value: GS1.1.1718827900.1.0.1718827900.60.0.0
.euwarmwinter.com/ Name: _ga
Value: GA1.1.1195467309.1718827900
.euwarmwinter.com/ Name: _fbp
Value: fb.1.1718827900240.18317206625757840

3 Console Messages

Source Level URL
Text
network error URL: https://www.euwarmwinter.com/lp/joins/files/dtime.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.euwarmwinter.com/lp/joins/files/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.euwarmwinter.com/lp/joins/files/jquery.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
euwarmwinter.com
guanjieteng.mobobrother.workers.dev
me6kid.maxconvtrk.com
region1.analytics.google.com
stats.g.doubleclick.net
www.euwarmwinter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
euwarmwinter.com
142.250.185.228
157.240.0.6
172.217.18.3
172.67.151.123
2001:4860:4802:34::36
2606:4700:3033::6815:29d3
2606:4700:3037::ac43:d946
2a00:1450:4001:80f::2008
2a00:1450:4001:81c::200e
2a00:1450:400c:c0b::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.121.190.170
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0c49a00ed110dc8274805135e2663416a6dce4e662f7233b57a905863cc8e396
1a6b7bf9f10f103572cd6ff5197c237f7af5b8ee04f7e795fe248fde1d3262be
1a6bc8dab7bc0cb801206db8586a7f7ca0b269e69b5099edc88c13824d659b57
33e92a91688b9c1bd39496d4155f7954aba426ba9c58c3e7cd333be9e2b77314
42400328c15a7fdff63a22d570a710141fbc5e63870d0baf2b460dfcfe7a1ff5
4bea8f55190c3fef61019328b6fe70434d29549f34016396c8f133e901b769df
54371c8f047290e4be5cfbf285038ea758242f65e47d24c6633891f0d7c2e9d1
5612d42c7bd1bff66bc0263f22d0fcccd96aabd503d4a7ffe46ff60ffc5759e1
5893ae64ecce0b74ff432de64d7cd9683daa48519fc6af0828766e7621b3cb63
718632aa29e5a1c147b83023a27c3a56fc843f67e31041f79960c1dbba612cc4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8db64f18f79b8f057e70ebccc2e3e1ca35aa4ce9bb19191d92bab6c5c260d304
a82f8af2f630bd41fd177c64d6a33e0681ce3694ac3ed64f0d851ab9ae1a5958
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af318004a15528595cfeef26560a541daf2c3b5d5abe053d16448a0664be2eb1
bc9bb674885e284be840ff4003e779815c52abbd55ecfb8440f3e4947b7b4eef
da42ea67f34ae29d2f4b5a17e94b06d1bd435f36e2381d2fb67342e086dae05d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f87f64abc3855e8cb788e4b656e6617707ae8abdd67917923225d1df5032185a