www.wintergreenresort.com Open in urlscan Pro
2606:4700:10::ac43:1b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=...
Submission: On November 10 via manual (November 10th 2022, 12:08:43 am UTC) from US — Scanned from DE

Summary HTTP 320 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 58 domains to perform 320 HTTP transactions. The main IP is 2606:4700:10::ac43:1b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wintergreenresort.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.

This is the only time www.wintergreenresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:10:... 2606:4700:10::ac43:1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.125.15.90 199.125.15.90	46089 (AS2-NAVIS) (AS2-NAVIS)
2	2606:4700:10:... 2606:4700:10::6816:227f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.75.33 172.67.75.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
10	23.3.109.5 23.3.109.5	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	20.61.56.250 20.61.56.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 20	2606:4700:303... 2606:4700:3038::6815:eb4d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.64.78.252 18.64.78.252	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.96.5.142 3.96.5.142	16509 (AMAZON-02) (AMAZON-02)
1 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	52.239.221.68 52.239.221.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::ac43:476d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	3.127.128.151 3.127.128.151	16509 (AMAZON-02) (AMAZON-02)
1 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	54.238.220.104 54.238.220.104	16509 (AMAZON-02) (AMAZON-02)
8 9	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	184.86.251.220 184.86.251.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	44.207.237.180 44.207.237.180	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.248.127 52.48.248.127	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.253.119.106 34.253.119.106	16509 (AMAZON-02) (AMAZON-02)
2 2	34.195.237.112 34.195.237.112	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:c4e3:3eb9:eebf:6813	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.209.158.131 52.209.158.131	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.124.255.42 3.124.255.42	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.73.37 3.127.73.37	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	35.213.109.249 35.213.109.249	15169 (GOOGLE) (GOOGLE)
1	107.178.248.96 107.178.248.96	15169 (GOOGLE) (GOOGLE)
1	13.225.78.5 13.225.78.5	16509 (AMAZON-02) (AMAZON-02)
1	124.146.215.52 124.146.215.52	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	35.186.196.148 35.186.196.148	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
320	62

37 2606:4700:10::ac43:1b (United States)

ASN13335 (CLOUDFLARENET, US)

www.wintergreenresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.125.15.90 (United States)

ASN46089 (AS2-NAVIS, US)
PTR: ncdb.hil.us.thenavisway.com

www.navistechnologies.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:227f (United States)

ASN13335 (CLOUDFLARENET, US)

media.guestdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.75.33 (United States)

ASN13335 (CLOUDFLARENET, US)

snapwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.3.109.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-109-5.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.61.56.250 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ui.customsearch.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3038::6815:eb4d (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

www.resortcams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.78.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-78-252.txl50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.96.5.142 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

www.sc.pages08.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pages08.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.221.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hosteduxprod.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tk.appnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:476d (United States)

ASN13335 (CLOUDFLARENET, US)

scontent.cdnsnapwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.128.151 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-151.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.238.220.104 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-220-104.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.243.60.138 (Aalborg, Denmark) 8 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-220.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.237.180 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-180.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.248.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-127.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

su.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.119.106 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-119-106.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.237.112 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-237-112.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:c4e3:3eb9:eebf:6813 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.158.131 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-158-131.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.255.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-255-42.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.73.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-73-37.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.109.249 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.248.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.248.178.107.bc.googleusercontent.com

penta.a.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-5.fra2.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.196.186.35.bc.googleusercontent.com

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	youtube.com www.youtube.com — Cisco Umbrella Rank: 94 Failed	5 MB
37	wintergreenresort.com www.wintergreenresort.com	5 MB
32	gstatic.com fonts.gstatic.com www.gstatic.com	364 KB
21	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 static.doubleclick.net — Cisco Umbrella Rank: 421 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	4 KB
20	resortcams.com 5 redirects www.resortcams.com — Cisco Umbrella Rank: 767186	18 KB
19	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 349	121 KB
12	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1362 sync.mathtag.com — Cisco Umbrella Rank: 723	10 KB
10	appnet.com tk.appnet.com	320 KB
10	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	731 KB
9	semasio.net 8 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1916 se.semasio.net — Cisco Umbrella Rank: 24065	5 KB
9	cdnsnapwidget.com scontent.cdnsnapwidget.com — Cisco Umbrella Rank: 272209	706 KB
9	snapwidget.com snapwidget.com — Cisco Umbrella Rank: 46604	29 KB
7	google.com www.google.com — Cisco Umbrella Rank: 17 region1.analytics.google.com — Cisco Umbrella Rank: 3868	57 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1648 k.clarity.ms — Cisco Umbrella Rank: 11359 c.clarity.ms — Cisco Umbrella Rank: 2370	57 KB
7	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1451	43 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	229 B
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 690 ib.adnxs.com — Cisco Umbrella Rank: 313	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	40 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	199 KB
3	impact-ad.jp 2 redirects y.one.impact-ad.jp — Cisco Umbrella Rank: 4902 penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 92391	2 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 900 i6.liadm.com — Cisco Umbrella Rank: 2234	1 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 935	627 B
3	google.de www.google.de — Cisco Umbrella Rank: 3590	674 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 712	763 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 759 d.agkn.com — Cisco Umbrella Rank: 913	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1112	838 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 285	2 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1882 beacon.krxd.net — Cisco Umbrella Rank: 774	501 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 799	1 KB
2	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3069	983 B
2	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2520	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 415	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 407	501 B
2	windows.net hosteduxprod.blob.core.windows.net — Cisco Umbrella Rank: 190915	13 KB
2	pages08.net www.sc.pages08.net — Cisco Umbrella Rank: 98377 www.pages08.net — Cisco Umbrella Rank: 101245	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	159 KB
2	guestdesk.com media.guestdesk.com — Cisco Umbrella Rank: 772856	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 445	556 B
1	fout.jp sync.rfp.fout.jp — Cisco Umbrella Rank: 11970	284 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1530	727 B
1	adtdp.com ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 8177	802 B
1	navdmp.com sync.navdmp.com — Cisco Umbrella Rank: 14821	186 B
1	addthis.com su.addthis.com — Cisco Umbrella Rank: 4409	95 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 982	699 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184	486 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 4415	44 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1296	316 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1492	533 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 578	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 785	459 B
1	openx.net jp-u.openx.net — Cisco Umbrella Rank: 7685	273 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1407	555 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 483	239 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 993	12 KB
1	customsearch.ai ui.customsearch.ai — Cisco Umbrella Rank: 205753	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 959	33 KB
1	navistechnologies.info www.navistechnologies.info — Cisco Umbrella Rank: 186339	7 KB
320	58

	Domain	Requested by
53	www.youtube.com	www.wintergreenresort.com www.googletagmanager.com www.youtube.com
37	www.wintergreenresort.com	www.wintergreenresort.com static.cloudflareinsights.com
20	www.resortcams.com	5 redirects www.wintergreenresort.com www.resortcams.com static.cloudflareinsights.com
19	jnn-pa.googleapis.com	www.youtube.com
18	www.gstatic.com	cdn.jsdelivr.net www.gstatic.com www.youtube.com
14	fonts.gstatic.com	www.youtube.com
10	tk.appnet.com	www.resortcams.com tk.appnet.com
10	cdn.jsdelivr.net	www.resortcams.com
10	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com www.youtube.com www.wintergreenresort.com
10	pixel.mathtag.com	www.wintergreenresort.com pixel.mathtag.com
9	scontent.cdnsnapwidget.com	snapwidget.com
9	snapwidget.com	www.wintergreenresort.com snapwidget.com static.cloudflareinsights.com
7	static.cloudflareinsights.com	www.wintergreenresort.com snapwidget.com www.resortcams.com
6	www.google.com	www.wintergreenresort.com www.youtube.com
5	se.semasio.net	4 redirects
5	static.doubleclick.net	www.youtube.com
4	uipglob.semasio.net	4 redirects
4	cm.g.doubleclick.net	3 redirects www.wintergreenresort.com
4	www.facebook.com	1 redirects www.wintergreenresort.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com snapwidget.com www.wintergreenresort.com
4	connect.facebook.net	www.wintergreenresort.com connect.facebook.net
3	k.clarity.ms	www.clarity.ms
3	tr.snapchat.com	sc-static.net www.wintergreenresort.com
3	www.google.de	www.wintergreenresort.com
2	c.clarity.ms	1 redirects
2	y.one.impact-ad.jp	2 redirects
2	pixel.tapad.com	1 redirects www.wintergreenresort.com
2	sync.crwdcntrl.net	1 redirects www.wintergreenresort.com
2	i.liadm.com	2 redirects
2	dpm.demdex.net	1 redirects www.wintergreenresort.com
2	sync.search.spotxchange.com	1 redirects www.wintergreenresort.com
2	track.adform.net	2 redirects
2	ads.betweendigital.com	1 redirects www.wintergreenresort.com
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects www.wintergreenresort.com
2	ups.analytics.yahoo.com	1 redirects www.wintergreenresort.com
2	ib.adnxs.com	2 redirects
2	sync.mathtag.com	1 redirects www.wintergreenresort.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	hosteduxprod.blob.core.windows.net	ui.customsearch.ai hosteduxprod.blob.core.windows.net
2	secure.adnxs.com	1 redirects www.wintergreenresort.com
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	www.googletagmanager.com	www.wintergreenresort.com www.googletagmanager.com
2	media.guestdesk.com	www.wintergreenresort.com
1	www.pages08.net
1	c.bing.com	1 redirects
1	sync.rfp.fout.jp	www.wintergreenresort.com
1	tg.socdm.com	www.wintergreenresort.com
1	ad.as.amanad.adtdp.com	www.wintergreenresort.com
1	penta.a.one.impact-ad.jp
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	sync.navdmp.com	www.wintergreenresort.com
1	i6.liadm.com	www.wintergreenresort.com
1	su.addthis.com	www.wintergreenresort.com
1	beacon.krxd.net	www.wintergreenresort.com
1	usermatch.krxd.net	1 redirects
1	ads.stickyadstv.com	www.wintergreenresort.com
1	dsp.adfarm1.adition.com	1 redirects
1	cs.adingo.jp	www.wintergreenresort.com
1	ce.lijit.com	www.wintergreenresort.com
1	sync.go.sonobi.com	www.wintergreenresort.com
1	idsync.rlcdn.com	www.wintergreenresort.com
1	stags.bluekai.com	www.wintergreenresort.com
1	jp-u.openx.net	www.wintergreenresort.com
1	image2.pubmatic.com	www.wintergreenresort.com
1	pixel.rubiconproject.com	www.wintergreenresort.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.sc.pages08.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	ui.customsearch.ai	www.wintergreenresort.com
1	code.jquery.com	www.wintergreenresort.com
1	www.navistechnologies.info	www.wintergreenresort.com
320	73

This site contains links to these domains. Also see Links.

Domain
owc.enterprise.earthnetworks.com
www.wintergreenrealestate.com
members.wintergreenresort.com
secure.wintergreenresort.com
www.tripadvisor.com
wintergreenresort.ltibooking.com
www.youtube.com
www.facebook.com
instagram.com
apps.apple.com
play.google.com
www.wtgpoa.org
www.twnf.org
wintergreen-music.org
wintergreenadaptivesports.org
wtgsportingclub.org
www.twitter.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
ncdb.hil.us.thenavisway.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-11-08`	a year	crt.sh
*.guestdesk.com Go Daddy Secure Certificate Authority - G2	`2022-01-13` - `2023-02-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.customsearch.ai Microsoft Azure TLS Issuing CA 06	`2022-09-13` - `2023-09-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.engage8.silverpop.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-02` - `2023-05-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-09-22` - `2023-09-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2022-03-07` - `2023-04-05`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.rfp.fout.jp RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-08-31`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Frame ID: 3B1632B6A027F6075498BB7E7BEDC793
Requests: 79 HTTP requests in this frame

Frame: https://www.resortcams.com/webcams/wintergreen/iframe/
Frame ID: D557B9A0E523AFDC031EE21CAF021F47
Requests: 10 HTTP requests in this frame

Frame: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
Frame ID: 3B5ED567983C1C1DD2B42EA2B1EAE427
Requests: 10 HTTP requests in this frame

Frame: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
Frame ID: 7F18AD706E2E1838D8230A097871A6E6
Requests: 10 HTTP requests in this frame

Frame: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
Frame ID: 5A7B828B7D534CCFB12B8FD31F1258FF
Requests: 10 HTTP requests in this frame

Frame: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
Frame ID: B77D85F17F8792C4BDDFBD8CB7E7E842
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
Frame ID: 6E23478243A1087C01D9CF388974F59F
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
Frame ID: 183704207DA062A3A0C6623221F69072
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
Frame ID: 98C1CDFC3656E62475C4C6983FAB2747
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
Frame ID: 4BA023DD4D90760960A3A1BD213FEF50
Requests: 34 HTTP requests in this frame

Frame: https://snapwidget.com/embed/308412
Frame ID: FB7C5C76688991BBB787C7FE742D6070
Requests: 20 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
Frame ID: C13DEB3982ED8CF686E18E1F515E8D8E
Requests: 35 HTTP requests in this frame

Frame: https://www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668038400
Frame ID: 8292B29536AED04D9255FFEE9E45642D
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4&u_scsid=eac6c23d-f8e3-4e26-8a05-ffbbb44f37af&u_sclid=9c239e7b-721e-4dea-997d-0d8256b66347
Frame ID: 365B23D9D9CE921C09A6FF735A2EBC9D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df406bca53b7c18%2526domain%253Dwww.wintergreenresort.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.wintergreenresort.com%25252Ff1b64ce8af1c3cc%2526relation%253Dparent.parent%26container_width%3D0%26height%3D540%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWintergreenResort%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: 8932ABCE0B37F1E827805DE70B9F871C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wintergreen Resort, Premier Blue Ridge Mountain Virginia Vacation and Ski Resort

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

320
Requests

86 %
HTTPS

37 %
IPv6

58
Domains

73
Subdomains

62
IPs

10
Countries

13069 kB
Transfer

32372 kB
Size

82
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://owc.enterprise.earthnetworks.com/OnlineWeatherCenter.aspx?aid=7184

Search URL Search Domain Scan URL

URL: https://www.wintergreenrealestate.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://members.wintergreenresort.com/
Title: Membership

Search URL Search Domain Scan URL

URL: https://secure.wintergreenresort.com/SpaRequest/Default.aspx
Title: Spa Reservation Request

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Hotel_Review-g58322-d116021-Reviews-Wintergreen_Resort-Wintergreen_Virginia.html

Search URL Search Domain Scan URL

URL: https://wintergreenresort.ltibooking.com/purchase-path/product-details/15740?sessionGUID=4bc4675a-cb06-87eb-82c9-7369edd58044&_ga=2.127166029.1746087592.1667834805-1257373555.1612367759&webSyncID=a8bc8cc7-d9e0-ba09-ae64-e975ad53b87a&sessionGUID=612bc615-68a2-1d33-8306-3921ca89ec84&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Title: Buy Your Quad Pack Now

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WintergreenResortVA
Title: YouTube channel

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WintergreenResort

Search URL Search Domain Scan URL

URL: https://instagram.com/wintergreenresortva/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/wintergreen-resort/id1489657849?ls=1
Title: Apple Download

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.resortstapped.WINTERGREEN
Title: Android Download

Search URL Search Domain Scan URL

URL: https://www.wtgpoa.org/hike
Title: Hike Wintergreen

Search URL Search Domain Scan URL

URL: https://www.twnf.org/
Title: The Nature Foundation at Wintergreen

Search URL Search Domain Scan URL

URL: https://wintergreen-music.org/
Title: Wintergreen Performing Arts

Search URL Search Domain Scan URL

URL: https://wintergreenadaptivesports.org/
Title: Wintergreen Adaptive Sports

Search URL Search Domain Scan URL

URL: https://wtgsportingclub.org/
Title: Wintergreen Sporting Club

Search URL Search Domain Scan URL

URL: https://www.wtgpoa.org/home
Title: Wintergreen Community

Search URL Search Domain Scan URL

URL: https://www.twitter.com/WintergreenVA

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wtg664/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wintergreenresortva/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.resortcams.com/embed.php?cam=wintergreen HTTP 301
https://www.resortcams.com/webcams/wintergreen/iframe/

Request Chain 43

https://www.resortcams.com/embed.php?cam=wintergreen-stony-creek-golf HTTP 301
https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Request Chain 44

https://www.resortcams.com/embed.php?cam=wintergreen-devils-knob-golf HTTP 301
https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Request Chain 45

https://www.resortcams.com/embed.php?cam=wintergreen-slopeside HTTP 301
https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Request Chain 46

https://www.resortcams.com/embed.php?cam=wintergreen-blue-ridge-express HTTP 301
https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Request Chain 63

https://secure.adnxs.com/seg?add=2890493&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

Request Chain 152

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 154

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 156

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 165

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=drpjbED0SwC1RRxG-cioQQ HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESELyLgEfQjvaUBlJsZXWmdyc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=drpjbED0SwC1RRxG-cioQQ

Request Chain 278

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8598202313157639348

Request Chain 280

https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1&verify=true

Request Chain 283

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&C=1

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESENJ5BtXz2qZFR0Q5rs15rjI&google_cver=1

Request Chain 289

https://x.bidswitch.net/sync?dsp_id=80&user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&expires=30 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb&crf=1

Request Chain 291

https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external HTTP 302
https://uipglob.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external&gdpr=&gdpr_consent= HTTP 302
https://track.adform.net/serving/cookie/match/?party=1008&gdpr=&gdpr_consent= HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6513508622110358324&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=6513508622110358324&gdpr=&gdpr_consent=&sInitiator=internal HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=8598202313157639348&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QkUzNjlBRjgzN0Y2QkRBRQ&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEESWyYZGKCi79RsGGvQ8AQs&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEESWyYZGKCi79RsGGvQ8AQs&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7164172601277413516&sInitiator=internal&gdpr=&gdpr_consent=

Request Chain 292

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&__user_check__=1&sync_id=d33e5936-608b-11ed-855d-1e5bf6c20306

Request Chain 294

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

Request Chain 296

https://dpm.demdex.net/ibs:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Request Chain 298

https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 303
https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_li_chk=true&previous_uuid=2e3c414d8483492fb07c3c9828d13729 HTTP 303
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Request Chain 299

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841&ct=y

Request Chain 301

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://d.agkn.com/pixel/10751/?che=1668038918266&ip=217.114.215.131&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D HTTP 302
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

Request Chain 302

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841

Request Chain 303

https://y.one.impact-ad.jp/cs?d=288&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&r=no HTTP 302
https://y.one.impact-ad.jp/ul_cb/cs?d=288&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&r=no HTTP 302
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Request Chain 310

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df406bca53b7c18%26domain%3Dwww.wintergreenresort.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.wintergreenresort.com%252Ff1b64ce8af1c3cc%26relation%3Dparent.parent&container_width=0&height=540&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWintergreenResort&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df406bca53b7c18%2526domain%253Dwww.wintergreenresort.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.wintergreenresort.com%25252Ff1b64ce8af1c3cc%2526relation%253Dparent.parent%26container_width%3D0%26height%3D540%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWintergreenResort%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D500

Request Chain 311

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&RedC=c.clarity.ms&MXFR=3C7EBDD09E786BF10C40AF889A786552 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&MUID=1EEBD853052B6F341497CA0B04876E91

320 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wintergreenresort.com/ 37 KB
11 KB 1138ms
976ms Document
text/html 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852f7fab2f7fe6848a715f7dd841b00a23d77e7b1dd595f0e7180a1eebb0fbb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 767a8d853c6d91db-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 10 Nov 2022 00:08:18 GMT
expires: -1
pragma: no-cache
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by

GET
H2 200 bootstrap.min.css
www.wintergreenresort.com/css/ 97 KB
17 KB 15538ms
15532ms Stylesheet
text/css 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/bootstrap.min.css

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275662a54acdf50df65202f98c3987434b68145874bf8568b336c6e3d784edff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 31 May 2018 03:04:55 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 767a8d8b7c3191db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 glyphicons.css
www.wintergreenresort.com/css/ 37 KB
7 KB 951ms
947ms Stylesheet
text/css 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/glyphicons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b834d0adf85a6efb491a67e3bb4520e3fc7bb5e0602499c081721ca5d994c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 28 Jun 2016 20:25:50 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 767a8d8b7c3291db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 custom.css
www.wintergreenresort.com/css/ 46 KB
8 KB 947ms
943ms Stylesheet
text/css 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/custom.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd852c2d57ce17da10bca22467e3a6686f6b53c6a23d5b966fa0ea6a52d7594

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Jun 2018 17:00:39 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 767a8d8b7c3391db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 respond.js Show response
www.wintergreenresort.com/js/ 4 KB
2 KB 657ms
654ms Script
application/x-javascript 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/respond.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb602c15a149c572f857d5e7b163b6551e162539a11fe97d592e217bcd4e5846

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 05 Jan 2014 15:57:14 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 767a8d8b7c3591db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK js.aspx Show response
www.navistechnologies.info/JavascriptPhoneNumber/ 24 KB
7 KB 899ms
360ms Script
text/javascript 199.125.15.90
AS2-NAVIS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.navistechnologies.info/JavascriptPhoneNumber/js.aspx?account=14777&jspass=1we1cqtb5kuqpued6hln&dflt=8556991858

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.125.15.90 , United States, ASN46089 (AS2-NAVIS, US),

Reverse DNS

ncdb.hil.us.thenavisway.com

Software

Microsoft-IIS/7.5 / ASP.NET

Resource Hash

9d8a1a868ca337fa47d505f005ae82a146f60ad4567698efbcacb80580c769d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 6490

GET
H2 200 bundle.js Show response
media.guestdesk.com/sites/guestdesk/ 3 KB
1 KB 106ms
31ms Script
application/javascript 2606:4700:10::6816:227f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.guestdesk.com/sites/guestdesk/bundle.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:227f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f13fa14c729bb410b224bc89c353fbbd1cf691126413b9ec0929fdc120f9a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:18 GMT
x-amz-version-id: 20HL.ZM_jCJR3l.VhNw8XPMdj2qq5RAX
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NSAN60DG4EJEMN40
age: 3063
cf-polished: origSize=3999
x-amz-id-2: 0Zm3dKS7KIatUjNJvbsuoyegnC/0jiSZUQI9mScDRA2wu4TBi5xZUt44bliBaZ6VFx8shBMV4W8=
cf-bgj: minify
last-modified: Fri, 14 Oct 2022 18:59:56 GMT
server: cloudflare
etag: W/"94a815a9434394c9ed32dbb039494d58"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767a8d8be9a39b7d-FRA

GET
H2 200 gd5-screen.css
media.guestdesk.com/sites/wintergreenresort_com/css/ 322 B
408 B 309ms
234ms Stylesheet
text/css 2606:4700:10::6816:227f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.guestdesk.com/sites/wintergreenresort_com/css/gd5-screen.css
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:227f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080501e9b51e97cfeb997791067fc28a98deea2bf5595460630b8802ec548f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:18 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 28 Oct 2020 00:12:18 GMT
server: cloudflare
x-amz-request-id: CAYV07ZHX8HF6GDH
cf-polished: origSize=404
etag: W/"eb33d841d1a25af5fcbadcc8b00e7b97"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 767a8d8be9a09b7d-FRA
x-amz-id-2: slaFCHVoEklYpztOKcEcdYBi8go4phCschhBopUwY0PsHcS6TPezLWNvQWLtRXKJCKcR6nJ5HMU=

GET
H2 200 WebResource.axd
www.wintergreenresort.com/ 4 KB
1 KB 636ms
634ms Stylesheet
text/css 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/WebResource.axd?d=JxofuWNmobp6K6ut4guVDwTn-vA0Tvo5SmRhjrAZYoVl4_HIJ5u_HPJ1eEx4S13whqETkHWWcHsPi6m3iu59oPvzCDCLmW2-lY6iziB4PhXuVqm2rNEz5EXz8FSaSLmCDa-8m74I7osqCyhRnpAGRg2&t=635376413413569668

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b05ae26a8d65eb1827894ff229a72854332ec25328a93740240c28b76814d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 06 Jun 2014 15:49:01 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
cf-ray: 767a8d8b7c3491db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Nov 2023 00:08:37 GMT

GET
H3 200 Fall-color-o-meter_red.png
www.wintergreenresort.com/img/ 673 KB
673 KB 34ms
33ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Fall-color-o-meter_red.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665d05b73109d12ef1f9e4bde7dff34eb9584f48e2734503ebb7932ad3f1f484

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:20 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3063
cf-polished: origSize=688942
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 688884
cf-bgj: imgq:100,h2pri
last-modified: Fri, 05 Oct 2018 22:55:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8d962d6768f8-FRA

GET
H3 200 checkerberry-white.png
www.wintergreenresort.com/img/ 3 KB
3 KB 45ms
45ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/checkerberry-white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

137b614899438ca293d8fb2f8e3ba20add19113d07079402be2a33bde12d6fbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:20 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3063
cf-polished: origSize=54620
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2982
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Nov 2014 18:38:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8d972f0568f8-FRA

GET
H3 200 WintergreenResort-3c-logo.png
www.wintergreenresort.com/img/ 9 KB
10 KB 31ms
31ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/WintergreenResort-3c-logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c98d25c1edd8e3e7e8ee7adca44f5b29adb0228c65618f76429d5be6ba6b88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:20 GMT
cf-cache-status: HIT
x-aspnet-version
age: 4792
cf-polished: origSize=11904
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9588
cf-bgj: imgq:100,h2pri
last-modified: Fri, 21 Mar 2014 13:33:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8d977f8a68f8-FRA

GET
H3 200 fall%20drive.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 979 KB
980 KB 1118ms
1118ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/fall%20drive.jpg?n=9800

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e420efbb7bcb16df652226e36313cb5dc557ebcb47fce11d9ac113b9f4b0d582

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:21 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 18:37:46 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8d97afe468f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1002699

GET
H3 200 salon%202.jpg
www.wintergreenresort.com/uploadedImages/Spa/ 280 KB
280 KB 1103ms
1103ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Spa/salon%202.jpg?n=132

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce9881fbcef45fc4854b5c8fcf34585b47906deb4dec98464161bfa9383e8238

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:23 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 22 Apr 2022 17:10:15 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8da2ae4868f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 286388

GET
H3 200 fall%20golf.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 866 KB
867 KB 924ms
924ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/fall%20golf.jpg?n=176

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27618ddf34dd30b6111ec4fb701406f0788230a961fc8dcf042aaef94a9d134d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:24 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 18:26:35 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dab89fc68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 887047

GET
H3 200 carousel-pickleball-overview.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 212 KB
212 KB 919ms
919ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/carousel-pickleball-overview.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7eacd40daf45b0deabf98b1d96e81304c139f6289b6533e431222001378119c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:26 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Sep 2022 22:16:27 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8db53e4368f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 217029

GET
H3 200 fall%20rudge.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 557 KB
557 KB 1088ms
1088ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/fall%20rudge.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7ed8fbdd5c6308795b9938239afdf2c32280d3a2c5ebef99a17ec31b76f1a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:27 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 21 Sep 2022 19:36:39 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dbca8ba68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570126

GET
H3 200 Carousel-salmon-dish.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 65 KB
65 KB 991ms
990ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/Carousel-salmon-dish.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040f70f05f8a25fd0b7d0acee014f0882ff3dc28438c1452248dc249668cb68e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:28 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Sep 2022 22:20:03 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dc63d4e68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66375

GET
H3 200 trip-advisor-transparent.png
www.wintergreenresort.com/img/ 13 KB
13 KB 36ms
35ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/trip-advisor-transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab84d1608c06680a82404cfc847478b146965692830ac01ac7b6c24669de5c95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:28 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3065
cf-polished: origSize=14805
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12841
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 Nov 2017 22:19:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dcc7d7b68f8-FRA

GET
H3 200 wintergreen-advantage-logo.png
www.wintergreenresort.com/img/ 20 KB
20 KB 33ms
32ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/wintergreen-advantage-logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8de0fa498271c338cb3dad9f8ce9a9e7fa18266fab4a6691ed7e8ba443381dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:28 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3068
cf-polished: origSize=21544
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20062
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 Nov 2017 22:22:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dccbdc868f8-FRA

GET
H3 200 Promo-Boxes-THANKSGIVING.jpg
www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/ 213 KB
213 KB 946ms
946ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/Promo-Boxes-THANKSGIVING.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa91b17fbb03cd969d686e7bb0dfb9b1f25d7d8cf97813f06da55f29568cfd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:29 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Nov 2020 15:45:50 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dccfe4568f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 218234

GET
H3 200 Promo-Boxes-MF2019(1).jpg
www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/ 237 KB
238 KB 1049ms
1048ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/Promo-Boxes-MF2019(1).jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4542886bf37f721dba30c5b4e6ca5adf63a9d68b74d549ddf8b897ed2cf8ff33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:31 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 20 Oct 2021 16:52:29 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dd4a8d968f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243082

GET
H3 200 Fuel%20up%20on%20fun%20fall%202.jpg
www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/ 147 KB
147 KB 928ms
928ms Image
image/jpeg 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Site_SetUp/Home_Page/Fuel%20up%20on%20fun%20fall%202.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074b234cdb476fd006481dabfc6eea8cf1ed61b4aacfe03a6a6aab23e2043ac0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:32 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 16 Sep 2022 16:49:59 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 767a8ddd0c1168f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150221

GET
H3 200 FB-f-Logo__blue_50.png
www.wintergreenresort.com/img/Social%20Icons/ 1 KB
2 KB 630ms
629ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/FB-f-Logo__blue_50.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee40cae491f4cdb28c99895c58d236b8d7c31b5aa371c4fcc05c76bec6820d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:33 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 27 Sep 2013 13:20:00 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8de49eb868f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1403

GET
H3 200 Instagram_Icon_Large.png
www.wintergreenresort.com/img/Social%20Icons/ 6 KB
6 KB 664ms
664ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/Instagram_Icon_Large.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf126f0c7e8d37222eb7d47dd5a97039e00530881a9b62c042c4b345e6c1f91a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 10 Aug 2015 18:22:04 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8de88c7b68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6321

GET
H2 200 snapwidget.js Show response
snapwidget.com/js/ 22 KB
7 KB 91ms
28ms Script
application/javascript 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/js/snapwidget.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2388698
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 20 Sep 2022 13:55:11 GMT
server: cloudflare
etag: W/"6329c63f-560f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY0I7bn2sMG17axcIG157%2FD1N%2Bpa7SwCsFY7SGyrLz0ZyU4WRNhvceeAsRbrpSi4f%2FO2Vas4%2FRwN5Pj8uosXIvidXb%2BI6ZozeTRvuAAaj55QaV4vLiMkR%2F4s32y8nmaz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 767a8d91df189013-FRA

GET
H3 200 fb.png
www.wintergreenresort.com/img/Social%20Icons/ 280 B
536 B 30ms
30ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/fb.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c9315506901b104a86245f379abc8948eea7d976276207c43951362d6b20df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3071
cf-polished: origSize=1187
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280
cf-bgj: imgq:100,h2pri
last-modified: Fri, 04 Apr 2014 16:00:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec89f168f8-FRA

GET
H3 200 twitter.png
www.wintergreenresort.com/img/Social%20Icons/ 650 B
907 B 32ms
31ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/twitter.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923529a15b96e0ea01f67d0ff6d7ccf6f7edc4689e97596d8772c4af477352c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3071
cf-polished: origSize=1764
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 650
cf-bgj: imgq:100,h2pri
last-modified: Fri, 04 Apr 2014 16:17:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec99fb68f8-FRA

GET
H3 200 pinterest.fw.png
www.wintergreenresort.com/img/Social%20Icons/ 1 KB
1 KB 32ms
30ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/pinterest.fw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82805b76781e4deff3eed7121776c87f8bb2abc60022865e92ca62fb8e99480f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3068
cf-polished: origSize=66282
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
cf-bgj: imgq:100,h2pri
last-modified: Fri, 04 Apr 2014 17:54:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0068f8-FRA

GET
H3 200 instagram.png
www.wintergreenresort.com/img/Social%20Icons/ 462 B
719 B 28ms
26ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/instagram.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ba8c07f616dec48045e3710d41b3cab40d431f05002567a8b3c78d3eccb6ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3068
cf-polished: origSize=1517
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 462
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Jan 2015 16:05:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0168f8-FRA

GET
H3 200 trip-advisor-green-icon.png
www.wintergreenresort.com/img/Social%20Icons/ 2 KB
2 KB 36ms
34ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/trip-advisor-green-icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad42b7df37f1e212ae38ab9cc20a4d594467a48e6fd1795f2c145e7c549af531

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3068
cf-polished: origSize=2927
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2028
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 May 2016 16:37:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0268f8-FRA

GET
H3 200 youtube.png
www.wintergreenresort.com/img/Social%20Icons/ 1 KB
1 KB 36ms
35ms Image
image/png 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/youtube.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c869a0b19521d4604c45a0603dd4a378b83b421a51d77dd77adf015d3302665

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
x-aspnet-version
age: 3068
cf-polished: origSize=1768
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1036
cf-bgj: imgq:100,h2pri
last-modified: Fri, 04 Apr 2014 17:27:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0468f8-FRA

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 86ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-1762a"
vary: Accept-Encoding
x-hw: 1668038899.dop054.fr8.t,1668038899.cds209.fr8.hn,1668038899.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H3 200 bootstrap.min.js Show response
www.wintergreenresort.com/js/ 27 KB
8 KB 38ms
37ms Script
application/x-javascript 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Jan 2014 15:35:40 GMT
server: cloudflare
x-aspnet-version
age: 3062
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 767a8d92b87f68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 504ms
259ms Script
text/javascript 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=660713&mt_adid=114781&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0 /
Resource Hash: 5171c6a672502f61f86fd1e43066d135e1b4b70b168123cf8b723f136c937787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:20 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1493
Expires: Thu, 10 Nov 2022 00:08:19 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 99ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.wintergreenresort.com/
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8decdd669bc4-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
85 KB 92ms
41ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75b9a6dfe9835b2ad60489eacee491ad9ab4768c1c0bf774dcd4336243d31226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Nov 2022 00:08:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3061a83293d00af87027c67ab904673b68c7e5a038fdb6d2463daf00f3d2d524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 00:08:34 GMT
content-md5: u/Ck48ZwvF5XQa7E64kdHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: OcQSdWo/VAdpVL83K3k4Pl05m9rE+Hq0z0bZ87nxIMNqpjn4g1P7pq6y+kbQwsjS3Mst5Q/WedJZDHpSoYJAWg==
x-fb-trip-id: 686109401
x-fb-content-md5: e9380c3bdf61be6b787ed2dbf368ab20
cross-origin-opener-policy: same-origin-allow-popups
etag: "edd66a6284f79c1151b2038f635a84e9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Nov 2022 00:11:36 GMT

GET
H2 200 render Show response
ui.customsearch.ai/api/ux/ 9 KB
4 KB 311ms
123ms Script
application/javascript 20.61.56.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.customsearch.ai/api/ux/render?customConfig=2174796442&market=en-US&safeSearch=Moderate

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.61.56.250 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8be7b952a06b1b0befc8755a2636af5a1e5ccadb7f913990d4153737ae52817c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 00:08:34 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 Mark%20Simonson%20-%20Proxima%20Nova%20Regular.otf
www.wintergreenresort.com/fonts/ 92 KB
93 KB 31ms
31ms Font
application/octet-stream 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Regular.otf

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/custom.css
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jun 2014 16:52:40 GMT
server: cloudflare
x-aspnet-version
age: 3077
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0668f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94668

GET
H3 200 glyphicons-halflings-regular.woff
www.wintergreenresort.com/fonts/ 23 KB
23 KB 36ms
36ms Font
application/octet-stream 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/bootstrap.min.css
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Jan 2014 15:35:44 GMT
server: cloudflare
x-aspnet-version
age: 3077
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0868f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23292

GET
H3 200 glyphicons-regular.woff2
www.wintergreenresort.com/fonts/ 94 KB
94 KB 29ms
28ms Font
application/octet-stream 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/glyphicons-regular.woff2

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/glyphicons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/glyphicons.css
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2015 06:37:42 GMT
server: cloudflare
x-aspnet-version
age: 3077
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 767a8dec9a0968f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96388

GET
H3 200 brandon_reg.woff
www.wintergreenresort.com/fonts/ 55 KB
55 KB 938ms
938ms Font
application/octet-stream 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/brandon_reg.woff

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a681c2d0f286fc3da1ca61365d9201f177ad0b9d922cc4dd564cb8c733682c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/custom.css
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 20 Mar 2017 15:08:19 GMT
server: cloudflare
x-aspnet-version
x-powered-by
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 767a8decba2b68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56424

GET
H3

200

/ Show response
www.resortcams.com/webcams/wintergreen/iframe/ Frame D557
Redirect Chain

https://www.resortcams.com/embed.php?cam=wintergreen
https://www.resortcams.com/webcams/wintergreen/iframe/

2 KB
2 KB

229ms
208ms

Document
text/html

2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/webcams/wintergreen/iframe/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7357e318189ffeff7d0d18633e9aa9cee3e0964d81cf1037adc89e17e1b5195

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767a8def0dfe5b38-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 09 Nov 2022 20:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N21v%2FK%2BP7UWxNcGSwqThpd4J5bc95azcWHK7TSRI4wJbuppyJgSwqwK%2Fo83BlDTKZf2gbU85fjRHSjIN93B3cYm5X2CbTY7fKymrO5UygcCNVNM01Pwb7Wm7zdX0Fzx0eGTzxcA391N27bxqrzf5SSY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-rocket-nginx-serving-static: HIT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 767a8dedaef2bb85-FRA
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
location: https://www.resortcams.com/webcams/wintergreen/iframe/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocT3c8vMmFVgtPGyLwnqgR5hvLP6mNCopH2KiivXBN9F3lT9g61b%2FbPXLQ5ZEI4liPxdqzx0a%2FPzUCaif2F5WKWX0Vd2O67qN9Q19MuvZrUuDFpoQqb2mWBuJFGyy2tKIc7OlzUi%2BTv%2F2Kk82PBfKOk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff

GET
H3

200

/ Show response
www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/ Frame 3B5E
Redirect Chain

https://www.resortcams.com/embed.php?cam=wintergreen-stony-creek-golf
https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

2 KB
2 KB

211ms
189ms

Document
text/html

2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3b9e6a69c5063c66236f5ca27dbfd3f4c3a836506395ff63f33b844afa3ae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767a8def0dfd5b38-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 09 Nov 2022 20:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCHLsefAIpE07j5OY2pGszRiqssC6Or5imjCVUCauzKPJRno%2B31r2KmIHlO4P6t%2BSQQTK4BYh1f%2FLsv9wcSEB5FTJUXABLxGmxBn2ObM2mcohgdacj67L89TGz6ZMJOf3mrRiWnP0nbLMhsk4hGy94c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-rocket-nginx-serving-static: HIT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 767a8dedaef5bb85-FRA
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
location: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAVA0EoywNi2MLMoeHPWoCXWK4MRarkJgjr00pG1Ta%2Fz6yhYOwDmB8YKsICOjFrDjjxQJgN4zFdkpNcf%2FcyH%2FoYkv6qW2hRkOF8J8AeCyu1w%2FZ25g7W69LpuhxP%2BFOm9G7rzAfu%2BI1il7MHnupx1vEo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff

GET
H3

200

/ Show response
www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/ Frame 7F18
Redirect Chain

https://www.resortcams.com/embed.php?cam=wintergreen-devils-knob-golf
https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

2 KB
2 KB

205ms
185ms

Document
text/html

2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c61c41e3b8b5d63cc7724e6bb815200139139720788401827e39a1c189fdf77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767a8def0dfc5b38-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 09 Nov 2022 20:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKAP4FbPJuhlhLvXkH6A47V7PNbgN%2FP8xtAJfPrs9QgZ1CFtHhd1sP14Aqk4YZ2QuKrQUk%2BOYHzGYYenfjpO0w44h35djXoGsuNjQ9ylEFKCYf5D1Vz1VD%2FR2bhQNaGlayvpK3NPdTHfFm7DgvdGJvQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-rocket-nginx-serving-static: HIT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 767a8dedaef6bb85-FRA
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
location: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeYHoDVXkE9qkui1C1ckzoimeC7uGOoEwYagNaP5ySUN5AFfwYJVkYo6AOMDFG%2BBx7la4%2BqB6VClZBL8H05Cid4OAs0xJHmRxYJErEaJTKZcg8HfNQg3Yr8tJJ760JYWjnHH%2BDv7AeIWjpaVyT3EHus%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff

GET
H3

200

/ Show response
www.resortcams.com/webcams/wintergreen-slopeside/iframe/ Frame 5A7B
Redirect Chain

https://www.resortcams.com/embed.php?cam=wintergreen-slopeside
https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

2 KB
2 KB

214ms
188ms

Document
text/html

2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3acd4c5554a85e75be70f2bcb6edccbbe9342566ed65a1a6a83335613e40392

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767a8deefdf95b38-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 09 Nov 2022 20:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hFhcljeMLTDZz3NycOEj%2FNWF1cnEvQq25tgDvhqC8mtDhOHnZGclR1R4c7j5UcXkh0YFn3o31acUZQC%2FSzUQ%2F3ywFNvYe%2Bg2noipccb3gd%2BW%2B4I0sy0OZLzDok3s55FxYRyVJp8H6NwhrDDjU0iYrk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-rocket-nginx-serving-static: HIT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 767a8dedaef7bb85-FRA
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
location: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8pVLan%2FQVI%2FGcAyUNx3su8cmZm7PAjJjNv7L4vDFeZ%2Fs92xxgHT41pipddLYr%2BMhCW%2F4cPyYzIHCqc4MfaaMxC0ootpFB0DOscSfmB5rykIJKQj%2B6OyYjdWmf2Bw%2FPp%2B4doBXsQxatLW2xIvDvPZyU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff

GET
H3

200

/ Show response
www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/ Frame B77D
Redirect Chain

https://www.resortcams.com/embed.php?cam=wintergreen-blue-ridge-express
https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

2 KB
2 KB

195ms
189ms

Document
text/html

2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7eb1805e7378478a5b4c4ba09a2a46a2a0d0bc3a775ca836bd5e54c840719f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767a8def0dfa5b38-FRA
content-encoding: br
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 09 Nov 2022 20:00:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i=?0
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JX5Wrzhmy1ZWZxb27DtVb2OQW04YMN%2FzqnWcIuqqm15q9nxrSG26guYz%2FYE5w7V6%2Ffwl%2FKWkQZfHceqJwVFGl7NW47NPxND%2FQwsdTAbC%2F9QFVrp%2FkaftupfN5DARGOHRmImEHAgtShXa7RSM7tterRU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding, Cookie
x-content-type-options: nosniff
x-rocket-nginx-serving-static: HIT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 767a8dedaef9bb85-FRA
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
location: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtM757dKD5Muhqkg7I6KNCZp5f%2FyYYnFy56%2FUp%2FmGZCYS0pHlfDImGD3pJ26M1Ui29ORAF3ew8pBBICIiQ0TEhwaienJ1GZnRqPhixmtYZeHWfekUPr%2BGHmJIvIRMAIOBJmbaQS4purmHTAejihgPPY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff

GET _uEIaQ194KM
www.youtube.com/embed/ Frame 6E23 0
0

GET
H2 200 23_OlmKlj14 Show response
www.youtube.com/embed/ Frame 1837 69 KB
28 KB 175ms
123ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/23_OlmKlj14?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ed7d06878e63bc884671f465cd617012c74914b400b8412113ab4efb2345036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UY0PvaYyQB0 Show response
www.youtube.com/embed/ Frame 98C1 68 KB
28 KB 151ms
101ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cc5a90f9406fb55d89bf59433c66931b59400fb71c8923cf41056d6a8c630c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 RdTcdsNGdRQ Show response
www.youtube.com/embed/ Frame 4BA0 68 KB
28 KB 162ms
113ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd2692b6a371a5e9ebfd784cdb268eefdc7e01e6fbeb6fe34b18111c2c480fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 308412 Show response
snapwidget.com/embed/ Frame FB7C 40 KB
6 KB 123ms
123ms Document
text/html 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/embed/308412

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6e9a87c7336822074f10878cd446f0e0f3a3b37f29e7dfa5f27b859fc209a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 767a8ded68e29013-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 00:08:34 GMT
expires: Thu, 10 Nov 2022 00:09:40 GMT
last-modified: Thu, 10 Nov 2022 00:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8EIb8Tpu%2BZk3hVIaore9KZhaEZJdEq27lhmmfzn8t%2BqYTzwloMmo7MJzc0pvyJS9HCFyNfU9wZufVC3Mvq%2FL21vtETRpX2Y3arZ4kMijwyjnwDhY800uNGTc6L26Rrs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame C13D 6 KB
2 KB 220ms
220ms Document
text/html 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=660713&mt_adid=114781&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x12 config:1.0.0 /
Resource Hash: cd2eca5cd845aac30fc87c74df79c436937cf8fa45c2c4f76ce575bc5dee2428

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2070
Content-Type: text/html
Date: Thu, 10 Nov 2022 00:08:34 GMT
Expires: Thu, 10 Nov 2022 00:08:33 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4629 97bee97 master hkg-pixel-x12 config:1.0.0
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
481 B 243ms
195ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:34 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 10 Nov 2022 00:08:33 GMT

GET
H3 200 invisible.js Show response
www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 8292 37 KB
16 KB 30ms
29ms Script
application/javascript 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668038400
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c4cfb8443bbd8eb9a3d79b4b41df3609c63c588077ddca71dbac601ed4c30b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 767a8dedfbdf68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 48ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=81da66ef6079c7c5ad5a8fcd04b181e5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d030a522113641975cb7855f95461f855690e500d3f8b75d754e018ef98e252a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wintergreenresort.com/
Origin: https://www.wintergreenresort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 00:08:34 GMT
content-md5: I/iktaekUo/XahE8qyUeXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88351
x-fb-rlafr: 0
x-fb-debug: +ePUGRvxRnB8y7F87kbKRj/IeLOVwuDiFfYa43rivHLMKU07jloDNOxKNAIuOOX/mG/WXkfdNXkcfft95Cvotw==
x-fb-content-md5: 23c1f0c73d3ab3b0d51fa172b356d5d4
cross-origin-opener-policy: same-origin-allow-popups
etag: "d3d6aa15766fdddc6d973166f9d945d5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Nov 2023 21:53:29 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794829170/ 2 KB
2 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794829170/?random=1668038914236&cv=11&fst=1668038914236&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&tiba=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&auid=368476458.1668038914&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02f935ca5b2d073bb2f22eaefdab415c009dec70ce023a2d7641f49ead60a1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 01:24:49 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 27 KB
12 KB 121ms
59ms Script
application/javascript 18.64.78.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.78.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-78-252.txl50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1076991f3e548c844051c4aaf033a77668e636282ca8b7aef054f01667866e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: gzip
via: 1.1 97d0bbf6e879b5cbfab87acc7ccd4218.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: TXL50-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 11952
x-amz-cf-id: TfY4QXglC8HGcjLv7luCDz1fh3AM0YlQUd52yyTwm3ey9K9h3INPEw==

GET
H2 200 9e6bui1n6x Show response
www.clarity.ms/tag/ 2 KB
2 KB 277ms
113ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9e6bui1n6x?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 67d3c41109e5cbf75ce5f089349db6e7d1d6f93c6545d64b8e99f0d340b1e80f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 10 Nov 2022 00:08:33 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0AkFsYwAAAACCEiRMJ1k2QZvvrTB8QimwQU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 45ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 00:08:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MQKAnUYVbhetCdSSuyiwUMOewUAbWmXBLDLXs+gUNNOlP0JdtJwfm04nBLkWG3zkLGSMqV6Hx7J9rdoMt4WCcg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iMAWebCookie.js Show response
www.sc.pages08.net/lp/static/js/ 14 KB
5 KB 362ms
109ms Script
application/javascript 3.96.5.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sc.pages08.net/lp/static/js/iMAWebCookie.js?1774c950-15d3edd3da0-6681ada67421f5d3ed5e65517ed2e77a&h=www.pages08.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.96.5.142 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 02 Nov 2022 04:27:14 GMT
Server: Apache
ETag: "3772-5ec754148bfa3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 5138

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 85ms
40ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

079e48541191e2b28666f85411de952bbedc720a43582a31a6f3d626c11651e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Nov 2022 00:08:34 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=2890493&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

43 B
1 KB

34ms
28ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:34 GMT
AN-X-Request-Uuid: cab2f4c8-f74d-4166-8f0f-8494dde4f6f1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 10 Nov 2022 00:08:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e34054f8-0c27-4d90-ada7-9e3396f2d81c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 _uEIaQ194KM Show response
www.youtube.com/embed/ Frame 6E23 72 KB
30 KB 81ms
81ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc0e5970cdfe253f2b013ad15877581304c7a27e63f81d2178e62ee08a8cb182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 00:08:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
920 B 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 10 Nov 2022 00:08:34 GMT

GET
H2 200 embed.vendor.min.760717b3f565c387.css
snapwidget.com/stylesheets/ Frame FB7C 2 KB
1 KB 29ms
28ms Stylesheet
text/css 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/stylesheets/embed.vendor.min.760717b3f565c387.css

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131dec6a86a10ddda2bf8740d1f4225efeac800e2f403eb5ee60451c7fb372a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2388786
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 08:57:55 GMT
server: cloudflare
etag: W/"6332bb13-937"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXwR31jY5MiYRvZNWszXMXNn4NmNyhXVKBKHk7gLNTD8l4StQZCs2uF2NR6HuGRJt9NAk3ZiJ%2BXFkwYKw1Q9LiyF2%2F%2Fqbrd%2FCtkb24S%2BEdS8udKruC5LPpuH9Y2uijcL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 767a8dee39b59013-FRA

GET
H2 200 embed.style.min.307799cd3bc5b2ee.css
snapwidget.com/stylesheets/ Frame FB7C 16 KB
4 KB 29ms
28ms Stylesheet
text/css 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8988d47e2ab355eeeaec4a43d412c4eb81015fe23c57292cca36dc57716a398

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2386077
cf-polished: origSize=15975
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 08:59:00 GMT
server: cloudflare
etag: W/"6332bb54-3e67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D7g5Bp1oUgs28Ryfg4Gv0XZy3D5M9OH6S3Qf2DdvduFCE75h6%2BuvbwxO6nYmHQNz%2B%2F1vK2Ap%2BR4awvrtspQZptPkHAY1NJKLve6RH4NZehV21jw4QPfukTeWdGNuOgD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 767a8dee39b89013-FRA

GET
H2 200 embed.grid.min.4069f6f840f9102b.css
snapwidget.com/stylesheets/ Frame FB7C 2 KB
1 KB 33ms
32ms Stylesheet
text/css 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/stylesheets/embed.grid.min.4069f6f840f9102b.css

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe84f47aa0a3e1574355938c85700905e9eb55eee09e347c62050e3a5712e134

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751143
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 05 Oct 2022 08:41:01 GMT
server: cloudflare
etag: W/"633d431d-899"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv8nZrIhLL2cpw%2BcB8zy386Rs1L07Pxb59CqGo8CxOH9VG%2FR3DumGhEGYd8zFNvNIawzxLxHtuD9VTEJzTsjgirhB9G2OPHv2rlQvACxhqCPZEa2UdUez6UbFESzuxx2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 767a8dee39ba9013-FRA

GET
H2 200 embed.vendor.min.2f17f0b14ee46c5a.js Show response
snapwidget.com/js/ Frame FB7C 2 KB
1 KB 30ms
30ms Script
application/javascript 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2388796
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 08:56:52 GMT
server: cloudflare
etag: W/"6332bad4-9e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGF2C5XNiu3nVa%2FDeyZuv2M%2BRHASe5XmDbhGiOEEy1KsSz0I1FjTSC2swyiFFNQ1WuuqBDu22kchOAbG4A7U3M%2BJ32JMmga8TLQbxrcRyDThDpQRW90xjaVWX4%2BLb582"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 767a8dee39bc9013-FRA

GET
H2 200 embed.main.min.b61fafc5de1ae792.js Show response
snapwidget.com/js/ Frame FB7C 3 KB
1 KB 30ms
29ms Script
application/javascript 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be964cc6c34b45ebc4001869bd65c222853e4db7d4e96b21120107648ff7b11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2391375
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 20 Sep 2022 13:55:38 GMT
server: cloudflare
etag: W/"6329c65a-b2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMpiRiLZqAT6gSG2o0ddM21fC9iNbB69MAUTVoiH4%2FNEu%2FdFex3i5dmNb8o4QNnK4dm3uQbM6KSGIgQuO0Iqpr6KNMVBwbeIvxASUv2btKnjICQWmOryX%2BRlh3uWmz2w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 767a8dee39bd9013-FRA

GET
H2 200 iframeResizer.contentWindow.min.0da4d54c7d115e53.js Show response
snapwidget.com/js/vendor/ Frame FB7C 21 KB
7 KB 31ms
30ms Script
application/javascript 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/js/vendor/iframeResizer.contentWindow.min.0da4d54c7d115e53.js

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

189dde8531d3c2cf113cd3ffea2bc61d83da76426208fd76500f2332fd39dde2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/embed/308412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751158
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 29 Oct 2022 12:11:57 GMT
server: cloudflare
etag: W/"635d188d-5452"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1sW1GpNe8%2BqaEBdRqU7vGsgWRHzsUNfxP%2Bb4KwQtJEkXKFITYC7FDp10AwLjyzPbbdtDSmYnI3X8%2F%2FxX02nbjnt3cJO6tDN%2BYxJ1Xt39meDLuSCMs%2FXh29SLW3tLZWw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 767a8dee39be9013-FRA

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame FB7C 17 KB
6 KB 69ms
64ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://snapwidget.com/
Origin: https://snapwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8dee8f769bc4-FRA

GET
H3 200 pica.js
www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8292 19 KB
8 KB 32ms
32ms Other
application/javascript 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cca3171b284fd6e9b455bc4c7624df9b0fa2aa2b2f72d80d3749803359b9e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 767a8dee3c3c68f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 98C1 359 KB
49 KB 72ms
27ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 98C1 309 KB
96 KB 130ms
86ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 2 MB
576 KB 128ms
84ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 98C1 9 KB
3 KB 134ms
89ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98C1 15 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98C1 15 KB
15 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 4BA0 359 KB
49 KB 77ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BA0 15 KB
15 KB 66ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BA0 15 KB
15 KB 94ms
55ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 4BA0 309 KB
96 KB 122ms
90ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 2 MB
576 KB 125ms
92ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 4BA0 9 KB
3 KB 118ms
86ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 1837 359 KB
49 KB 55ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 1837 309 KB
96 KB 112ms
86ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 2 MB
576 KB 116ms
92ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 1837 9 KB
3 KB 109ms
85ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FB7C 49 KB
20 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: snapwidget.com
URL: https://snapwidget.com/embed/308412

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 01:24:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1837 15 KB
15 KB 67ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1837 15 KB
15 KB 84ms
59ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
DATA 200
OK truncated
/ Frame FB7C 926 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7895460692bec6102b2decab4b101114bf0a6f6b086f6d8ca3feb33ca45698

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 283889445573402 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/283889445573402?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e44c0e8d5649afb5561d85c788a5304e18399b449bc5d8fe762bfc21cdd5656f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 00:08:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: b8yVYwC0ExzGamalLbXl9zi+BkrcdT4y9HA4at8NRf0r/v4sV3rJAncwbCqDT+L0SXC8D+PkMLWHZwB8fCvfCA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/ 161 KB
53 KB 164ms
163ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 21:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53867
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Nov 2023 21:51:52 GMT

GET
H/1.1 200
OK CssTheme.1.css
hosteduxprod.blob.core.windows.net/public-files/1.0.0/ 5 KB
5 KB 495ms
123ms Stylesheet
text/css 52.239.221.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
Requested by: Host: ui.customsearch.ai
URL: https://ui.customsearch.ai/api/ux/render?customConfig=2174796442&market=en-US&safeSearch=Moderate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.221.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6d8d02668702e2a22e07bbdb6ad93211078e02271d15a24ed4474bfc90b467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 10 Nov 2022 00:08:33 GMT
Last-Modified: Sun, 06 May 2018 09:23:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: x01wpZI7EZ5iFtIzfI6rHg==
ETag: 0x8D5B333039E1E27
Content-Type: text/css
x-ms-request-id: 0030a5f7-001e-0007-0198-f447bc000000
x-ms-version: 2009-09-19
Content-Length: 5187

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 6E23 359 KB
49 KB 42ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 6E23 309 KB
96 KB 74ms
69ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6E23 2 MB
576 KB 76ms
68ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 6E23 9 KB
3 KB 80ms
72ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21428245-1&cid=527269279.1668038914&jid=1625795802&gjid=297333378&_gid=1017053671.1668038914&_u=YGBAiEABBAAAAEAAI~&z=817758339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=833252388&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&ul=en-us&de=UTF-8&dt=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1625795802&gjid=297333378&cid=527269279.1668038914&tid=UA-21428245-1&_gid=1017053671.1668038914&gtm=2wgb7052S4GRW&z=793592237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77163
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E23 15 KB
15 KB 67ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E23 15 KB
15 KB 65ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/794829170/ 42 B
548 B 87ms
34ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794829170/?random=1668038914236&cv=11&fst=1668038400000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&tiba=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&fmt=3&is_vtc=1&random=3459937411&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/794829170/ 42 B
548 B 88ms
35ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/794829170/?random=1668038914236&cv=11&fst=1668038400000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&tiba=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&fmt=3&is_vtc=1&random=3459937411&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 767a8d853c6d91db Show response
www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8292 2 B
376 B 44ms
44ms XHR
text/plain 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/cv/result/767a8d853c6d91db
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668038400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-encoding: br
server: cloudflare
cf-ray: 767a8df08fa268f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
354 B 90ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T4MS4Y5ZB1&gtm=2oeb70&_p=833252388&_gaz=1&cid=527269279.1668038914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668038914&sct=1&seg=0&dl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&dt=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 82ms
27ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T4MS4Y5ZB1&cid=527269279.1668038914&gtm=2oeb70&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
34ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T4MS4Y5ZB1&cid=527269279.1668038914&gtm=2oeb70&aip=1&z=814402161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame C13D 43 B
517 B 193ms
192ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:29&mt_cb=906456&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x18 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:34 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x18 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:33 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 79ms
34ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21428245-1&cid=527269279.1668038914&jid=1625795802&_u=YGBAiEABBAAAAEAAI~&z=410459507

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
41ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21428245-1&cid=527269279.1668038914&jid=1625795802&_u=YGBAiEABBAAAAEAAI~&z=410459507

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 clappr.css
www.resortcams.com/clappr/ Frame 7F18 2 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/clappr/clappr.css

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1649765
cf-polished: origSize=2457
content-encoding: br
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 20:02:34 GMT
server: cloudflare
etag: W/"630683da-999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSV6SOU7Ipvp%2FOitLvBwsVfc%2FTcQoJi1X2ixT%2ByxhHFOkbifs9EQyChvwp9q7ukLctRSqSZ4mNGBXceBjfUpgtO55VJrs6o9hGDV9DJk%2BcEdi2sCuWnXa9loA5gpqp1or2cUmNt9ZBtCQb2%2FV5rKPDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 767a8df0ff785b38-FRA
priority: u=0,i=?0
expires: Thu, 19 Oct 2023 12:36:38 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 7F18 513 KB
139 KB 98ms
54ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6092
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ruD9rMreTG9N80vqAKfDJchpC6fGNCZ13cooxjwGbWOMKsiA1Uu2EMzFwgNBwnSYIa%2BszKF42CI2YeiCbkzxhS5w9OWnV0meS4rktrkHnLQQXsiobJzf81F%2FSl4axQdw%2BKYJnhmKYoH0MIkO8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df148059201-FRA

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame 7F18 25 KB
7 KB 72ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20865
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PyZkbAevDfdWhMGYKGIiBP7Qdsj4LiYfX1xsqAtS4BOM8JHY5AFp%2BlzqFgObDqmHesyJ8oK92r%2FYzeWrcMc3koZAq4bsHFg%2F6DaAHG%2BijB5NHE0l0qDowYld9jKXLvbDsNfzyxJFSqdIaRm4Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df148089201-FRA

GET
H2 200 js Show response
tk.appnet.com/tk/ Frame 7F18 109 KB
43 KB 204ms
203ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/tk/js?id=UA-35082047-1

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9652ce5e28a036d11dea02b19b7e05210f7f8fe65d90ac7d03b5e8054319244c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHpsFSKlNd99a1unVCGhzsG5O79s3sjFLaI1bjOpRj5ROwt4rrxnQ%2F3imkAocNgSKoQUC9Q44QIrwebOXL5IYve2oxCaaezXChOQRrAKQwC4qRru5jEY%2BsOxL1Y3B%2FDMssHfFCPVKrbptMEb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, public
access-control-allow-credentials: true
cf-ray: 767a8df4ed84994b-FRA
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 7F18 17 KB
6 KB 52ms
51ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
Origin: https://www.resortcams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8df5da0c9bc4-FRA

GET
H3 200 clappr.css
www.resortcams.com/clappr/ Frame 5A7B 2 KB
1 KB 26ms
26ms Stylesheet
text/css 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/clappr/clappr.css

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1649765
cf-polished: origSize=2457
content-encoding: br
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 20:02:34 GMT
server: cloudflare
etag: W/"630683da-999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKbX%2BjD5pOgL2oVE0fE0pYjD796offxhqs9C7rMtsl4pQCzq%2Fueq37R8r1ueVKSlAAcucIQFY9F6MQC54%2FViUWImr3jXQRcXIn8mdXhFWRcH0ycWqqE5afNydeamUCBOjS4pkXIKmkQZBlewYUM8v5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 767a8df10f835b38-FRA
priority: u=0,i=?0
expires: Thu, 19 Oct 2023 12:36:38 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 5A7B 513 KB
139 KB 88ms
53ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6092
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p61r4bocxC%2BQBUbg0zC89CzVwm2KGvZwUuy6ZATKXyiAYCxeaIbtIGddChMT0%2FkAg3S2Pp07eCQmaW1%2Blg1%2FtR5z14Zc30Z2Ymx5Gyu1GH3WoOc3A8IlOTv3J2nj1d9HndKB368cBL3eSMHltA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df1480e9201-FRA

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame 5A7B 25 KB
7 KB 66ms
31ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20865
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKkLanj2q8SlcSBN0VsCinQM7q9ncPwzIK%2Fu%2BF9UCDXbUkjknBFu3aur%2F7I5AFxLSKZ8cPmYoCp29dA2aM7GLXQWC58GMVakOyomikJLyKfnQCLaHtvTm9Zc9XaMG%2FI9KOU67IRGX4Ta%2FRghmfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df1480a9201-FRA

GET
H2 200 js Show response
tk.appnet.com/tk/ Frame 5A7B 109 KB
43 KB 265ms
265ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/tk/js?id=UA-35082047-1

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9652ce5e28a036d11dea02b19b7e05210f7f8fe65d90ac7d03b5e8054319244c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0urCV3s2k1EtGPiPtnVPGn6O2KVBjgrC%2Fz4qLsXQCr8%2BDtA%2F4PwYqmHTUiWTMIsAQxkh%2FCgKznjcuZWPmADeESSNt6vSywLQe%2FaFWh4JloZU2BElpwKQ7Mk2a8MTRXuU6Gf02NZn3hFd7cB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, public
access-control-allow-credentials: true
cf-ray: 767a8df50dd7994b-FRA
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 5A7B 17 KB
6 KB 59ms
58ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
Origin: https://www.resortcams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8df5ea169bc4-FRA

GET
H3 200 clappr.css
www.resortcams.com/clappr/ Frame B77D 2 KB
1 KB 28ms
27ms Stylesheet
text/css 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/clappr/clappr.css

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1649765
cf-polished: origSize=2457
content-encoding: br
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 20:02:34 GMT
server: cloudflare
etag: W/"630683da-999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNxggpouHaQfYOKNivoP8wxRScESSluh8t3faiVrC1VENzKrPTUYO%2FJRgzQhpbnVERPX%2FP5hX2KGo0RT7deORR4vSrQQV1cFn0FsLF0OBpVO%2BX2ddkHBHtW9lcOIa3V1vX68W4JTp2tSZMaogKhxdMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 767a8df11f905b38-FRA
priority: u=0,i=?0
expires: Thu, 19 Oct 2023 12:36:38 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame B77D 513 KB
139 KB 66ms
38ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6092
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3ZVx%2F66Ieu0RcsGFNi5DY2m8vnbhggVHcYbCzVt%2B2Wtl9dXiy2kEwMQFkAG%2BHm7jybezlk%2BpU3Xm20D7k6Cjvjt%2FuniYLEA7adePZ8Slsw4GfIaGFe9KKzMRt6huO%2F9yYf8yMRbN05dF%2FC3lb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df148099201-FRA

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame B77D 25 KB
7 KB 57ms
30ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20865
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EE6%2BUY67elFkLeDfrR4PRsRN3wpQQ2Pdq%2FBv60IBntoGUDkznDAcj7iuONiX7mCz%2B6BdRtH4T2gioob3GCllGPbrBfEwjmhy8Z7nZfovNdifzVkOeixymNy6M7tpoPmrwgwpPeTdQ6MsPgbL6iY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df1480b9201-FRA

GET
H2 200 js Show response
tk.appnet.com/tk/ Frame B77D 109 KB
43 KB 266ms
207ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/tk/js?id=UA-35082047-1

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b695e02be1ba20c1bb069fcd9b730d5dfcad671d9025ddb2f698699bbd8ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRxCXhipS0H%2BlY9CElnklw5PCgBBouyl%2BBzQiIVeK6C%2FiqLVWEhu4UnTcmDSO8L5UDNzcOodAkzwjEvPploXJG1ponO1ymCofPEBBLBiexLsOAAiTFEOd2ZyKyIqiqgpehobOpAJqqpOF6kk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, public
access-control-allow-credentials: true
cf-ray: 767a8df48d0a994b-FRA
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame B77D 17 KB
6 KB 55ms
54ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
Origin: https://www.resortcams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8df5ea179bc4-FRA

GET
H3 200 clappr.css
www.resortcams.com/clappr/ Frame 3B5E 2 KB
1 KB 33ms
33ms Stylesheet
text/css 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/clappr/clappr.css

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1649765
cf-polished: origSize=2457
content-encoding: br
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 20:02:34 GMT
server: cloudflare
etag: W/"630683da-999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIB563cR0MnaQv8%2BValtFDTATMqo08AtDbnzdfvtns9Oir3%2FoxGfL1X%2Fo5JZuN1xz0qzs0Jc%2FVCYtb5ioOzSRAnyvT%2Ftt0f0jKPRN9lBNcXxgVf7GCC3Rrl10q78lhBrpbGWPmmdU5ro9KvQ5Pg3XGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 767a8df12f9d5b38-FRA
priority: u=0,i=?0
expires: Thu, 19 Oct 2023 12:36:38 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 3B5E 513 KB
139 KB 89ms
70ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6092
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaVMVp01q0CxmPPC%2Fnsk0x0kHsMRdP9kmnOuSaU36FR2C0TwHP2pe4JGUBjw8yhxq2%2BbS2COEnhvQ4akrd%2FB4tGbyGeF7Y78sZq0j6I%2BKHGVDa359zBkk0fM1U73dHdYUmLHy6vcQHUGRUW%2FqnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df158269201-FRA

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame 3B5E 25 KB
8 KB 46ms
28ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20865
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJs2JNB56pgJlNK4Knwj3akpTs5lcGWD1DGdZHQgYVndtFhwj8od30uYQcxzszP0%2FEChjjRaVgg%2BGZKH%2BFD%2BTYsSi7XzEOJughBqQkJzbKEFnyP5pai%2F27vZxzNUSJEJSolqC4NafYVz%2FIeUdQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df1480c9201-FRA

GET
H2 200 js Show response
tk.appnet.com/tk/ Frame 3B5E 109 KB
43 KB 3140ms
3138ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/tk/js?id=UA-35082047-1

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b695e02be1ba20c1bb069fcd9b730d5dfcad671d9025ddb2f698699bbd8ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD48WPscd41FD5faRSmkl5xbf1rgfPbo9Eb3dj2gf51Kt1P8D8qKYeNvVblxqc42CTQiO94qFH2gA3NUJv90jXrHW2oBXtaxcZpvAnp406gSvMS0%2FsFFDa3AM4y6urmfKSKKrNfTCKaGwgNK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, public
access-control-allow-credentials: true
cf-ray: 767a8df52e06994b-FRA
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:08:38 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3B5E 17 KB
6 KB 53ms
52ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
Origin: https://www.resortcams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8df5ea1d9bc4-FRA

GET
H3 200 clappr.css
www.resortcams.com/clappr/ Frame D557 2 KB
1 KB 28ms
27ms Stylesheet
text/css 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/clappr/clappr.css

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen/iframe/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
content-security-policy: default-src 'self' https: data: blob: wss: 'unsafe-inline' 'unsafe-eval';
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1649765
cf-polished: origSize=2457
content-encoding: br
x-rocket-nginx-serving-static: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 20:02:34 GMT
server: cloudflare
etag: W/"630683da-999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQVckW0r4X1MEL010m2ew5ipwVho7TkR%2FfTC5HfRuM69GrWwXCJn8wSm%2FMxXt2NeyldhxjQ22wTpx9g0PGY%2FfU%2FV3WVT0HjcIIMKWabJSHpS9TXxeGYX%2FsS6iQKCPK%2BFtO8CVLJUKScoa2DHNQ0vXRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 767a8df13faa5b38-FRA
priority: u=0,i=?0
expires: Thu, 19 Oct 2023 12:36:38 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame D557 513 KB
139 KB 65ms
54ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6092
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-hhn4049-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6fKzJSoGYP47A3GKi8b%2Fg4gmxJ4MMclVEZHVGzJRjGPWwFkQ6jaD1JH5AHtC3I4az0fOI7JOt0fYklZ2HAlmmzqzbHAHj%2F6R4saUfB4nvhPk2cRik30kfGJbfBepLOZ5VeWHONheF30J%2B32y2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df1480d9201-FRA

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame D557 25 KB
7 KB 66ms
55ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20865
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj06njh7PbZMgA7N9UyiKbdQ9B9gUX3l%2BsCukZVf4mk8FeVvizF71sujyOtVFFL0mJ213OjVX64vicZYt2gSBR0OSu0JC1xcmdity7zPuAXnvRmDW8vuDuRVKGXqOG102bcwac7tQmlnSfe8nrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 767a8df158249201-FRA

GET
H2 200 js Show response
tk.appnet.com/tk/ Frame D557 109 KB
43 KB 222ms
221ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/tk/js?id=UA-35082047-1

Requested by

Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen/iframe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b180557a492ec00c8a07bf23ab69f47bbde9ee402e2473b827d14ecb175a827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIf32iOU8rVXf9xLBmGudrbYckAvA2NVDj1e%2Fk9136%2BDdUKz6VKRCJzqB56lFjAfzIg4LBRCqKIfuMuLslOEwxKjIHnpIaNQ%2BDHiI4mA9pl9G%2B%2B8r1TRD0WM3X6Ea3UpI0h97J%2FgsEqskHnE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, public
access-control-allow-credentials: true
cf-ray: 767a8df4fdac994b-FRA
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame D557 17 KB
6 KB 64ms
63ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.resortcams.com
URL: https://www.resortcams.com/webcams/wintergreen/iframe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
Origin: https://www.resortcams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 767a8df528e19bc4-FRA

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 365B 0
53 B 114ms
31ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4&u_scsid=eac6c23d-f8e3-4e26-8a05-ffbbb44f37af&u_sclid=9c239e7b-721e-4dea-997d-0d8256b66347

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:34 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
486 B 114ms
30ms XHR
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=71cc2b07-77b6-4b49-9478-51a6654d08c4&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

bf8f9a87eac3cd24371909071fa4c9cd0ab26d613debe62e48065c0d81a53623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.wintergreenresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wintergreenresort.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 62557043_2427191624177105_4157139330599935635_n.jpg
scontent.cdnsnapwidget.com/vp/5e8b5315e8a2cd8393140e7e4cb37a94/5DAD4C1B/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 91 KB
92 KB 114ms
51ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/5e8b5315e8a2cd8393140e7e4cb37a94/5DAD4C1B/t51.2885-15/sh0.08/e35/s640x640/62557043_2427191624177105_4157139330599935635_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a0fac97868b0c018a51e562b28b12b0f70c6950b95dda0a80a0b297201497d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNQ9ZVGE6QQDA3Z
age: 3031
cf-polished: origSize=95903, status=webp_bigger
content-length: 92982
x-amz-id-2: szmVuU8mOOjBjjOKDeVMPZKJPqVxYg6Y0fDA31tG2HZQEzZaj/6dO+Tf2HCCLzxus9gvLi6VotE=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 23 Jul 2019 11:19:11 GMT
server: cloudflare
etag: "18a400fac9ebf4a75786c3f48636623b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE0rfFEwDcd8P026tim26z8t8vVjd4pXhQzTmXbDbIqEZqsY5Qzb9b9LxzHwmd6E0eV6uy5QwKMh0MaYkHrCcOZ2Z4ZXAm25RqBJOA10wLByqsTcEGud5eqeQVULM7oZDFVabKaQtRQQc79Yd4MkgLWFYoVce5JH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b94a6933-FRA

GET
H2 200 67122452_1217413338439991_1081610856746123530_n.jpg
scontent.cdnsnapwidget.com/vp/1271b5159405e6ddc028888677dccebf/5DE2C555/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 26 KB
26 KB 112ms
49ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/1271b5159405e6ddc028888677dccebf/5DE2C555/t51.2885-15/sh0.08/e35/s640x640/67122452_1217413338439991_1081610856746123530_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340318ed77fddb36edc10dd76d4603e17896ea67bb6a7067b8edbb76fdebe23a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNND0DJWT19KET0
age: 3031
cf-polished: origSize=27438, status=webp_bigger
content-length: 26450
x-amz-id-2: nQpk4ByaMRj+/3fA7G3IQTSTUwhFKitYD/mJyHg+CBifobcQwq4J84alIjzcVQUjwyNpnCBjx4I=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2019 01:36:06 GMT
server: cloudflare
etag: "ff7b0529a6fa912c62979e397e185607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtqgU%2Fgy8CJzwRuBrlCrmEMYDWSCUCi%2BY2qkGKC8ek%2FXE9C0lrNE8snH0tcoPBiBzmnLl375hfPiScF5w1ZE6JorkR45A7Vc9zFRMeCFqL8VTcorKHXO%2FvnQrflMivCDj%2FyaJmMNbkvrl1eCGC3YR4GQjiln5lah"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b94e6933-FRA

GET
H2 200 65908574_366399684305397_1921173972267093422_n.jpg
scontent.cdnsnapwidget.com/vp/e38ada61ae1710886bcd19e376d1c491/5DEDEDA7/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 130 KB
131 KB 113ms
50ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/e38ada61ae1710886bcd19e376d1c491/5DEDEDA7/t51.2885-15/sh0.08/e35/s640x640/65908574_366399684305397_1921173972267093422_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffaf416614b38322d3fb6d25e828221db5457667b50b2543f2de5b451cfe318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNW46KJZ2KYGXTY
age: 3031
cf-polished: origSize=137883, status=webp_bigger
content-length: 133399
x-amz-id-2: u8s2+Q6w43J3BDld2IfTk9DVEIYh0ZbSWa3vA3i6ndSx3h0AqVFvvY/L43v6Q4eyPKirkcdnJlI=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2019 01:36:05 GMT
server: cloudflare
etag: "c2ef503a9a6e26fd2ddb27431a8cee9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfyq3Mota2jXtPUONQjfg%2BMdn5RlIXTnTB%2BzmOtMOqT9T8aVx21xG7dJngmtKtwLVcixPcYOu0QOn58rQSSRv1mUE16z5SxdJALG0YyWl5X%2Bd9ij%2Bd0xLD1%2BEk6mF7Jb5oadIYxGBa8XSxgb2sEEk%2FJrt5JI7Y30"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b9516933-FRA

GET
H2 200 65947610_2356517434591329_4277715706062479253_n.jpg
scontent.cdnsnapwidget.com/vp/7063a3de0b63636a31f482a363793387/5DE0A78B/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 66 KB
66 KB 113ms
50ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/7063a3de0b63636a31f482a363793387/5DE0A78B/t51.2885-15/sh0.08/e35/s640x640/65947610_2356517434591329_4277715706062479253_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea81342e9852d016a8a3d291dc7c048cf7b8bcd2c0cc0876d6b1f45756ec053a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNT6WNP6KPDW6KC
age: 3031
cf-polished: origSize=69961, status=webp_bigger
content-length: 67513
x-amz-id-2: 1VhtTi/Uuq1DXo4se64i7/d4xePBOmah7LbYAT+cldtMvuEsG3Ipk00ZVEri1jJd47yW8kq16SA=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2019 01:36:04 GMT
server: cloudflare
etag: "2b555b09f911daac296d7568ea537af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Rwcy5y0YKZlbVwVHnF1bvIhFjysuDrnmeOyydhI1jC0l3ammQspWznXzcAUisoZ0o9qnQGLOREUyzRd2WX3SgN37WlTY0IiAHXzABak25dXraQ4BexhIhaCW%2BvgDj3eUqXbLfRRpOwju%2BQ9WjKo0Op8aDeoXhCz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b9546933-FRA

GET
H2 200 67133656_683841658728140_8841482194227744198_n.jpg
scontent.cdnsnapwidget.com/vp/16c1172e9e267d06d91670850696918e/5D47755C/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 41 KB
42 KB 109ms
47ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/16c1172e9e267d06d91670850696918e/5D47755C/t51.2885-15/sh0.08/e35/s640x640/67133656_683841658728140_8841482194227744198_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d26b818b7dbe138a92d2aa3f1b2616e6867451c884fd0b6400ca83e1b8c6e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNSR8SP63XERPZY
age: 3031
cf-polished: origSize=43936, status=webp_bigger
content-length: 42286
x-amz-id-2: CWJmOGq11nzf8m606JxVrtfxnbAk8JeTJDS8fkNCEKSz2Ogs3WvVbHG9LgR2fpcTVcVnlz2fhgA=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Aug 2019 01:36:03 GMT
server: cloudflare
etag: "980d29b0b62e1a94bd580df398c9a93b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhG0k9tokGmA5%2FQpvJkQCsw3lYdmtGVbyEXgiqdKEg044dOp83ClHN6pY7W739BsLHtK4B45gUeTzs9zZrUclB8kLgOViGY8ZwuwG4KS%2Fdd61ldlM7FWAoMoCpoOAFg0yYPt07bE5JVe6OKpGxWfC6ED1sRiOcUZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b9556933-FRA

GET
H2 200 67769766_153880299023164_8095040206303139987_n.jpg
scontent.cdnsnapwidget.com/vp/2b3718661dc88c9eeff1eac4f886f59a/5E152023/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 39 KB
40 KB 89ms
27ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/2b3718661dc88c9eeff1eac4f886f59a/5E152023/t51.2885-15/sh0.08/e35/s640x640/67769766_153880299023164_8095040206303139987_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd51eb9b465a2025d437eb86bb25ddd61eefafece44a26e680da7d7a43e87ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0SNJ061TJGA5NJD5
age: 3031
cf-polished: origSize=41700, status=webp_bigger
content-length: 40074
x-amz-id-2: UVAnFB6JoEXGdjKP6944vPYKCpuoqqlUPH2cp31eIx2Fq4IYlEmS4fnmy59fUeAO36p3HbYd3oQ=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Aug 2019 15:06:06 GMT
server: cloudflare
etag: "27dab00cc47cd21c258efdc3f333b997"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaK7O%2BCt18kb54WoO9wBIEx0t41I3j%2F1StrcP0rC7gbgA8TcW%2BOchwkq6fGKjWA0FWfG866%2F76TzUi9IhM1pXnN7276fYXatizJp8cI1bZ%2BinJPkaUO3VK%2Ffjhb5fih4pdjRyN%2Fh%2F1aojJgfArOYFN%2F6lHEU%2BPSh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df1b9526933-FRA

GET
H2 200 66490985_137442614162385_8579173156666739295_n.jpg
scontent.cdnsnapwidget.com/vp/4b4c1c96d14213068ea18d21ed0c7cbf/5DF0F77D/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 84 KB
85 KB 470ms
470ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/4b4c1c96d14213068ea18d21ed0c7cbf/5DF0F77D/t51.2885-15/sh0.08/e35/s640x640/66490985_137442614162385_8579173156666739295_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cbaf9211b18bdc9520b7805c0d36acf29b3f8788b404d62bef73b39fce32d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Aug 2019 15:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PPEJJNS3WM1R5HD3
etag: "add33b967b74beccaf27374e503a304b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz344bervXK6UtbGoorrPu8mlZWC3KjBeOtnh7qT6w93sG%2FGNylqa5rgNL0PKI7QSjAIywNEqwUGssoppB8BBwNokyf%2F3Atzav10DERj3okVGZGwAUX80FolHBdWCHUEbgSUETwdizBMlRBRP4Q69sfWaOJ0Znnu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df209c46933-FRA
content-length: 86296
x-amz-id-2: gAvMaNJzdHRtFK85jMvt7rY2fC/Jt49VUsnMj/V7H/7uJQwr61KJtQQAcBvV9oX9KqzjSy5ChQA=

GET
H2 200 67647465_727650237669678_9133845195531287371_n.jpg
scontent.cdnsnapwidget.com/vp/df810b9518053a199c719d2c7f785e8a/5DFD344C/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 110 KB
110 KB 506ms
506ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/df810b9518053a199c719d2c7f785e8a/5DFD344C/t51.2885-15/sh0.08/e35/s640x640/67647465_727650237669678_9133845195531287371_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5da75af92ca1b7df22ae5b734c8e4cbad70e2534ee15cdc1daddb56e8a9477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Aug 2019 15:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PPEQGNPFP8D8RRYD
etag: "96fa0116039bac0aeec72b80c061eaa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s3Rt1uAlvFfocaVwYwUaTJUX%2F0tZhfmL%2BZZLPOTYS1AyjR9vMlQXpEf5WMvGESu0WjhHAkGi6ji6rFqXn%2Bws1RYNZzwr4WDHdRfqSj061NDmw918qtT5WlZP%2BA%2FsbaSfylZ874BDf8y5uCnzERe4gR2Qze47os2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df209c66933-FRA
content-length: 112489
x-amz-id-2: L+5XUAoabUBhMb/NXiNedQLOQRGB5BmQI2UvxC18rcbPxc4GJjabGcUNwM3WLSRxDJykSH3UapA=

GET
H2 200 65871732_366070997401829_1029135427154905456_n.jpg
scontent.cdnsnapwidget.com/vp/71234576aec7dd7dda1832158b372000/5E127B13/t51.2885-15/sh0.08/e35/s640x640/ Frame FB7C 114 KB
114 KB 436ms
436ms Image
image/jpeg 2606:4700:20::ac43:476d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdnsnapwidget.com/vp/71234576aec7dd7dda1832158b372000/5E127B13/t51.2885-15/sh0.08/e35/s640x640/65871732_366070997401829_1029135427154905456_n.jpg
Requested by: Host: snapwidget.com
URL: https://snapwidget.com/embed/308412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:476d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0106678017fea8c4e05467c49b1b987a8c289cb7d5d9425cbc8468f610ccf6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snapwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Aug 2019 15:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PPEJAQK325XBPVSB
etag: "54377b4e471a5e44a6bc6cb9304c1b52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHp7GxD%2FcOWdNxjTZxkRKkZ7e4jXwq6PhROc456MKayXzrEQBUqAeKOaER1VNvfX3kcAEZ68%2FR9YvEVpQleKZYQ2Mrspm3EDSsDyoHxqfNlqA7%2BEEvTFatesI7f3Cuy269dHyHXid1FAqFwMt%2FFcOu0BCmG4yDVM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 767a8df209c76933-FRA
content-length: 116333
x-amz-id-2: lE0F80Qlsc4PVvMrShL97vDSX6Pu1POf8Z32Ryov0PMo073Iqk3WYhs0L3R/Nrkml2W+UwFP38w=

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame C13D 0
480 B 198ms
197ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x2 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:34 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 10 Nov 2022 00:08:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
19ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=283889445573402&ev=PageView&dl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&rl=&if=false&ts=1668038914813&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1668038914812.913077123&it=1668038914347&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 00:08:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 98C1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
29ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92d1aad2b8eebf996cc36e3c25e94962046287854cfc48fcce5a374d90061c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame 98C1 29 B
0 67ms
19ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:05:07 GMT
x-content-type-options: nosniff
age: 207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 00:20:07 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4BA0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
29ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3026fbc63efb0b9ec518644556b46b2d8ab94f1b18611b7dabf9b024c505b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ad_status.js
static.doubleclick.net/instream/ Frame 4BA0 0
0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6E23
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
31ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4abee100eb447670998dde409e0308c86a7b52e270b8a34024953481083e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 00:08:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6E23 29 B
54 B 65ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:05:07 GMT
x-content-type-options: nosniff
age: 208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 00:20:07 GMT

GET
H3 200 p
tr.snapchat.com/ 68 B
88 B 54ms
31ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&bt=1d53c387&if=false&m_dcl=16913&m_fcps=16821&m_pi=16904&m_pl=0&m_pv=v2&m_rd=17679&m_sl=17446&rf=&trackId=9027d9d0-a865-4930-ad24-424546c8ea87&ts=1668038914985&u_c1=94e61f82-8509-435c-88b3-3b972777a821&u_sclid=9c239e7b-721e-4dea-997d-0d8256b66347&u_scsid=eac6c23d-f8e3-4e26-8a05-ffbbb44f37af&v=2.0.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.43/ 54 KB
54 KB 114ms
114ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9e6bui1n6x?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:34 GMT
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8ec7677589f4c"
x-azure-ref: 0A0FsYwAAAABtF2a1lmCbR5BkQU1/hE+AQU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 55116
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 80ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 98C1 0
0

GET remote.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 0
0

GET EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
www.google.com/js/th/ Frame 98C1 0
0

GET embed.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 0
0

GET

id
googleads.g.doubleclick.net/pagead/ Frame 1837
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

0
0

GET ad_status.js
static.doubleclick.net/instream/ Frame 1837 0
0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
31ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4BA0 0
0

GET remote.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 0
0

GET EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
www.google.com/js/th/ Frame 4BA0 0
0

GET embed.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 0
0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E23 65 KB
30 KB 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52575c6625b05a6db1c4553e947768c603660e77c37a029fcb7a2c5055cd23be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30717
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6E23 118 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:14 GMT

GET
H3 200 EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js Show response
www.google.com/js/th/ Frame 6E23 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 23:39:11 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 6E23 26 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:28 GMT

GET
H3 200 23_OlmKlj14 Show response
www.youtube.com/embed/ Frame 1837 68 KB
27 KB 76ms
75ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc3aff3bf885ef958324edb85b4b01483ed7c38781188f933b019442a9dd123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST log_event
www.youtube.com/youtubei/v1/ Frame 1837 0
0

GET
H3 200 UY0PvaYyQB0 Show response
www.youtube.com/embed/ Frame 98C1 69 KB
28 KB 69ms
67ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d884d80f814448deeae1557574ef8692786ce82e0983c0711b782c34dd60024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST log_event
www.youtube.com/youtubei/v1/ Frame 98C1 0
0

GET
H3 200 RdTcdsNGdRQ Show response
www.youtube.com/embed/ Frame 4BA0 68 KB
27 KB 100ms
99ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e0fe174417a0ca83575369b4122d9d208d727359fa3a4219ef3e5d67dbce988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 10 Nov 2022 00:08:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST log_event
www.youtube.com/youtubei/v1/ Frame 4BA0 0
0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1837 0
0

GET remote.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 0
0

GET EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
www.google.com/js/th/ Frame 1837 0
0

GET embed.js
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 0
0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7F18 4 KB
3 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D557 4 KB
2 KB 68ms
43ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5A7B 4 KB
2 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:35 GMT

POST atr
www.youtube.com/api/stats/ Frame 1837 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 1837 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 1837 359 KB
49 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 1837 309 KB
96 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 2 MB
576 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 1837 9 KB
3 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

POST atr
www.youtube.com/api/stats/ Frame 98C1 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 98C1 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 98C1 359 KB
49 KB 26ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 98C1 309 KB
96 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 2 MB
576 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 98C1 9 KB
3 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3B5E 4 KB
2 KB 130ms
79ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:35 GMT

POST atr
www.youtube.com/api/stats/ Frame 4BA0 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 4BA0 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 4BA0 359 KB
49 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:15 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 4BA0 309 KB
96 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 2 MB
576 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 4BA0 9 KB
3 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:22 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B77D 4 KB
2 KB 51ms
44ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1837 15 KB
15 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1837 15 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98C1 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98C1 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BA0 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 574594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 08:32:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BA0 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 179236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E23 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da86c65a83525beff4812d89ae216ca03594e2ffefbcf3adb41930aa0feb70ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 rum Show response
snapwidget.com/cdn-cgi/ Frame FB7C 0
181 B 24ms
23ms XHR
text/plain 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snapwidget.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://snapwidget.com/embed/308412
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://snapwidget.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8df7dbc79013-FRA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C13D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=drpjbED0SwC1RRxG-cioQQ
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESELyLgEfQjvaUBlJsZXWmdyc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=drpjbED0SwC1RRxG-cioQQ

170 B
188 B

73ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=drpjbED0SwC1RRxG-cioQQ

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 10 Nov 2022 00:08:35 GMT
Server: MT3 4629 97bee97 master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=drpjbED0SwC1RRxG-cioQQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Nov 2022 00:08:34 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C13D 0
239 B 104ms
22ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=76ba636c-40f4-4b00-b545-1c46f9c8a841&expires=28
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 collect Show response
k.clarity.ms/ 0
173 B 620ms
222ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.wintergreenresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.wintergreenresort.com
date: Thu, 10 Nov 2022 00:08:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 analytics.js Show response
tk.appnet.com/ Frame B77D 49 KB
21 KB 79ms
54ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/analytics.js

Requested by

Host: tk.appnet.com
URL: https://tk.appnet.com/tk/js?id=UA-35082047-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3807
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 09 Nov 2022 22:39:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Vf5YmH7FRfCy3XBBfEe0mhFVxRPap0QfMLhvpaIMSNK3pAc7MtQkvj51qHMnBLdSvn1O3M6QS6g8%2BHy5WXE7H8Zf1ziv%2F7IU5yJZTjrBIfwIawwouBrVomNP%2BW%2BPCeHMAE0rGe8Qp6K3ADQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200, public
cf-ray: 767a8df88a48994a-FRA
expires: Wed, 09 Nov 2022 22:49:13 GMT

GET
H3 200 analytics.js Show response
tk.appnet.com/ Frame 7F18 49 KB
21 KB 73ms
55ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/analytics.js

Requested by

Host: tk.appnet.com
URL: https://tk.appnet.com/tk/js?id=UA-35082047-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3807
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 09 Nov 2022 22:39:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ednWoIt9UfcLxQoGE09mQSCvhq2EPUKS2QPFJ3OPCU7M8fw8pY3d1LmTqDZ0ZSpNDqgjq%2F46L8SI7ErT2jZv3Ds28vmfdE%2FwMYaczuxsJJmiYtPW565RTvTFcW91iCJjBXs6H4htGSiqBHdN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200, public
cf-ray: 767a8df88a4a994a-FRA
expires: Wed, 09 Nov 2022 22:49:13 GMT

GET
H3 200 analytics.js Show response
tk.appnet.com/ Frame D557 49 KB
21 KB 44ms
32ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/analytics.js

Requested by

Host: tk.appnet.com
URL: https://tk.appnet.com/tk/js?id=UA-35082047-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3807
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 09 Nov 2022 22:39:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omD4vGGKyuNeOOhOo3rk9odMH78YDNcivmWd5OWRJoMyHdmPujH3aPA9KjgcVrmuy7ek0wcZPR8MMyn7VJKsVDp21K26QSy94lyeZa%2BoJGglUz8xKbVubsZp1Am%2FVyA2ovG80%2FKXO0qP3id3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200, public
cf-ray: 767a8df88a4b994a-FRA
expires: Wed, 09 Nov 2022 22:49:13 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame B77D 52 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 analytics.js Show response
tk.appnet.com/ Frame 5A7B 49 KB
21 KB 70ms
70ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/analytics.js

Requested by

Host: tk.appnet.com
URL: https://tk.appnet.com/tk/js?id=UA-35082047-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:35 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3807
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 09 Nov 2022 22:39:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djZO8YAytdqP5WYEM1QD2Tuvt1v9M09V66OsPM9WnwrqUFyMKZOkXVEpBGz4BI6OARZwDdGY%2F%2Fjm8JH3Md2NAZNWSn1cPqBbLNodWtDrIKsC62roMSSXDy8KLv1IAtFeNF59h6M2vE3pAMz6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200, public
cf-ray: 767a8df88a59994a-FRA
expires: Wed, 09 Nov 2022 22:49:13 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 3B5E 52 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 7F18 52 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame D557 52 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 5A7B 52 KB
15 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 6E23 0
11 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qT-uKQ
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6E23 4 KB
2 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:36 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1837 113 B
159 B 30ms
29ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59ad87ca28175c81c7c5ccd53fb54154ce61b1c0404a085b680e52b072ff171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1837 29 B
54 B 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:05:07 GMT
x-content-type-options: nosniff
age: 209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 00:20:07 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 98C1 113 B
159 B 29ms
29ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bca57686e3ba5bab4e61d5aeb47db344ce427f38d4b00c5f91f892a307e9cf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 98C1 29 B
54 B 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:05:07 GMT
x-content-type-options: nosniff
age: 209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 00:20:07 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4BA0 113 B
159 B 30ms
30ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc8ee08a81bd945ce55dd17d9639fe843d0a739ac7410ac9ff2e91c4964dd9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4BA0 29 B
54 B 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:05:07 GMT
x-content-type-options: nosniff
age: 209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 00:20:07 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1837 65 KB
30 KB 40ms
39ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e5e92c687253587bb0bc1697de7611a8fd8be324053229ade601d43ecc81a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30769
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 118 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:14 GMT

GET
H3 200 EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js Show response
www.google.com/js/th/ Frame 1837 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 23:39:11 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 1837 26 KB
8 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:28 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
28ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 98C1 65 KB
30 KB 38ms
38ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5298be61f22f0111a7c90d5064e4b5e788da9621ab1bb905bee8b8be598b5cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30603
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 118 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:14 GMT

GET
H3 200 EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js Show response
www.google.com/js/th/ Frame 98C1 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 23:39:11 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 98C1 26 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:28 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4BA0 66 KB
30 KB 39ms
38ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdfe065b3ffb9f7841715c31c0332bdd01235ca40b5834065926923925faa265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30833
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 118 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:14 GMT

GET
H3 200 EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js Show response
www.google.com/js/th/ Frame 4BA0 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 23:39:11 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 4BA0 26 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:28 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 6E23 52 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=833252388&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&ul=en-us&de=UTF-8&dt=Wintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=29hp3h&_u=aHBAiEABBAAAAEAAI~&jid=&gjid=&cid=527269279.1668038914&tid=UA-21428245-1&_gid=1017053671.1668038914&gtm=2wgb7052S4GRW&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9e6bui1n6x%2F1kvo4q%2F29hp3h&z=34673765

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77165
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 46ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=283889445573402&ev=Microdata&dl=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&rl=&if=false&ts=1668038916587&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWintergreen%20Resort%2C%20Premier%20Blue%20Ridge%20Mountain%20Virginia%20Vacation%20and%20Ski%20Resort%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1668038914812.913077123&it=1668038914347&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 00:08:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 204 rum Show response
www.resortcams.com/cdn-cgi/ Frame D557 0
143 B 25ms
24ms XHR
text/plain 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.resortcams.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8dfcc9715b38-FRA

POST
H3 204 rum Show response
www.resortcams.com/cdn-cgi/ Frame 7F18 0
143 B 26ms
26ms XHR
text/plain 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-devils-knob-golf/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.resortcams.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8dfcc9735b38-FRA

POST
H3 204 rum Show response
www.resortcams.com/cdn-cgi/ Frame 5A7B 0
143 B 23ms
22ms XHR
text/plain 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-slopeside/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.resortcams.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8dfcc97b5b38-FRA

POST
H3 204 rum Show response
www.resortcams.com/cdn-cgi/ Frame B77D 0
143 B 22ms
21ms XHR
text/plain 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-blue-ridge-express/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.resortcams.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8dfcc97c5b38-FRA

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1837 90 B
134 B 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d760b353827fa1af0ed0d6c1c63a9ee82c96d122a14d13885b26a0b5a8cd249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
28ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 98C1 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68b16d79e949cecd8238af257eae1cc0646d27f0b2b9c9a66a048d2b55f3f69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4BA0 90 B
134 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2384bbeb0c6d801dc83031abb78ad200b98f3d66b4eaf751c30a0a3ec35c615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 10 Nov 2022 00:08:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1837 4 KB
2 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:36 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1837 0
11 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?w8z_ng
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 98C1 0
11 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?31rICg
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 98C1 4 KB
2 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:37 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4BA0 0
11 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jcp3Mg
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4BA0 4 KB
2 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:08:37 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 1837 52 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 98C1 52 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 4BA0 52 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
49 B 227ms
227ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.wintergreenresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.wintergreenresort.com
date: Thu, 10 Nov 2022 00:08:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame C13D
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8598202313157639348

43 B
430 B

27ms
27ms

Image
image/gif

185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8598202313157639348
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4629 97bee97 master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: MT3 4629 97bee97 master zrh-pixel-x25 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:36 GMT

Redirect headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ef81bf84-5917-4480-b5d1-4737a939b512
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8598202313157639348
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame C13D 42 B
555 B 112ms
27ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA=&piggybackCookie=uid:76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 10 Nov 2022 00:08:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55938/ Frame C13D
Redirect Chain

https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1
https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1&verify=true

0
121 B

25ms
25ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1&verify=true

Requested by

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55938/sync?uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_origin=1&verify=true
date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sd
jp-u.openx.net/w/1.0/ Frame C13D 43 B
273 B 106ms
30ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4448
stags.bluekai.com/site/ Frame C13D 62 B
459 B 276ms
197ms Image
image/gif 2.18.232.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 10 Nov 2022 00:08:37 GMT
content-length: 62
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C13D
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&C=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&C=1
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=3&external_user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 361087.gif
idsync.rlcdn.com/ Frame C13D 0
98 B 97ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/361087.gif?partner_uid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

img
pixel.mathtag.com/sync/ Frame C13D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESENJ5BtXz2qZFR0Q5rs15rjI&google_cver=1

43 B
405 B

192ms
192ms

Image
image/gif

23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESENJ5BtXz2qZFR0Q5rs15rjI&google_cver=1
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:36 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESENJ5BtXz2qZFR0Q5rs15rjI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame C13D 43 B
661 B 203ms
195ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=10:29&mt_cb=955977&mop_top=4:1668035979|9:1668035979|13:1668035979|3:1668035979|21:1668035979|5:1668035979|10010:1668035979|15:1668035979|10017:1668035979|10074:1668035979|
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:36 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame C13D 49 B
533 B 472ms
117ms Image
image/gif 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:38 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-60
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame C13D 0
316 B 106ms
29ms Image
text/plain 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Thu, 10 Nov 2022 00:08:37 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pod: X-Sovrn-Pod: ad_ap7ams1
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

match
ads.betweendigital.com/ Frame C13D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=80&user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=76ba636c-40f4-4b00-b545-1c46f9c8a841&expires=30
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb&crf=1

68 B
607 B

28ms
26ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb&crf=1
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=22&external_user_id=36e51811-dc16-4164-a6bb-5b3b7b0d6acb&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 /
cs.adingo.jp/sync/ Frame C13D 0
44 B 824ms
262ms Image
text/plain 54.238.220.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=mediamath&id=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.220.104 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-220-104.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
server: awselb/2.0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame C13D
Redirect Chain

https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external
https://uipglob.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external
https://se.semasio.net/sync/1/14876172?sExtCookieId=76ba636c-40f4-4b00-b545-1c46f9c8a841&sInitiator=external&gdpr=&gdpr_consent=
https://track.adform.net/serving/cookie/match/?party=1008&gdpr=&gdpr_consent=
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=&gdpr_consent=
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6513508622110358324&sInitiator=internal&gdpr=&gdpr_consent=
https://se.semasio.net/sync/1/16266044?sExtCookieId=6513508622110358324&gdpr=&gdpr_consent=&sInitiator=internal
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=&gdpr_consent=
https://se.semasio.net/sync/1/4354957?sExtCookieId=8598202313157639348&sInitiator=internal&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=QkUzNjlBRjgzN0Y2QkRBRQ&gdpr=&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEESWyYZGKCi79RsGGvQ8AQs&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEESWyYZGKCi79RsGGvQ8AQs&sInitiator=internal&google_cver=1&gdpr=&gdpr_consent=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=&gdpr_consent=
https://se.semasio.net/sync/1/647471?sExtCookieId=7164172601277413516&sInitiator=internal&gdpr=&gdpr_consent=

0
415 B

39ms
36ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7164172601277413516&sInitiator=internal&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:43 GMT
uip-status: Ok
frontend-id: 03
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7164172601277413516&sInitiator=internal&gdpr=&gdpr_consent=
Date: Thu, 10 Nov 2022 00:08:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C13D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&__user_check__=1&sync_id=d33e5936-608b-11ed-855d-1e5bf6c20306

43 B
548 B

29ms
29ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&__user_check__=1&sync_id=d33e5936-608b-11ed-855d-1e5bf6c20306
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 69
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6653&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&__user_check__=1&sync_id=d33e5936-608b-11ed-855d-1e5bf6c20306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 68
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame C13D 43 B
699 B 85ms
30ms Image
image/gif 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=76ba636c-40f4-4b00-b545-1c46f9c8a841&redirectId=0
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1668038917793029-506
Expires: Thu, 10 Nov 2022 00:08:37 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C13D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

0
338 B

147ms
42ms

Image
text/plain

52.48.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Server: 52.48.248.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 10 Nov 2022 00:08:38 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1668038918
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
date: Thu, 10 Nov 2022 00:08:38 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a020-ash-prod.krxd.net

GET
H2 204 usync
su.addthis.com/red/ Frame C13D 0
95 B 489ms
146ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.addthis.com/red/usync?pid=11112&puid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
cache-control: max-age=0, no-cache, no-store, no-transform

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C13D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

42 B
942 B

135ms
135ms

Image
image/gif

34.253.119.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Requested by

Protocol

HTTP/1.1

Server

34.253.119.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-119-106.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ph0ZLqs2QzE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UX5Yux2gTxs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame C13D 43 B
813 B 195ms
195ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=20:29&mt_cb=635891&mop_top=4:1668035979|9:1668035979|13:1668035979|3:1668035979|21:1668035979|5:1668035979|10010:1668035979|15:1668035979|10017:1668035979|10074:1668035979|42:1668035979|17:1668035979|46:1668035979|40:1668035979|10041:1668035979|30:1668035979|44:1668035979|10031:1668035979|10025:1668035979|10004:1668035979|
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:38 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:37 GMT

GET
H/1.1

200
OK

37464
i6.liadm.com/s/ Frame C13D
Redirect Chain

https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&_li_chk=true&previous_uuid=2e3c414d8483492fb07c3c9828d13729
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

43 B
436 B

457ms
115ms

Image
image/gif

2600:1f18:ed:550e:c4e3:3eb9:eebf:6813
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:c4e3:3eb9:eebf:6813 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:38 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Date: Thu, 10 Nov 2022 00:08:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C13D
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841&ct=y

49 B
543 B

82ms
82ms

Image
image/gif

52.209.158.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841&ct=y
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Server: 52.209.158.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-158-131.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.173
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=76ba636c-40f4-4b00-b545-1c46f9c8a841&ct=y
cache-control: no-cache
x-server: 10.45.26.132
content-length: 0
expires: 0

GET
H2 200 sync
sync.navdmp.com/ Frame C13D 43 B
186 B 216ms
159ms Image
image/gif 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 767a8e067f9bbba4-FRA
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

/
pixel.mathtag.com/sync/img/ Frame C13D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://d.agkn.com/pixel/10751/?che=1668038918266&ip=217.114.215.131&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

43 B
405 B

195ms
194ms

Image
image/gif

23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 4629 97bee97 master hkg-pixel-x10 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:38 GMT
Server: MT3 4629 97bee97 master hkg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:37 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame C13D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841

95 B
122 B

51ms
30ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=76ba636c-40f4-4b00-b545-1c46f9c8a841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame C13D
Redirect Chain

https://y.one.impact-ad.jp/cs?d=288&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&r=no
https://y.one.impact-ad.jp/ul_cb/cs?d=288&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841&r=no
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

42 B
345 B

346ms
289ms

Image
image/gif

107.178.248.96
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Protocol

Server

107.178.248.96 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

96.248.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:39 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Date: Thu, 10 Nov 2022 00:08:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame C13D 42 B
802 B 308ms
245ms Image
image/gif 13.225.78.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=28&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-5.fra2.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SMRVtJ6RTV53-yedstzdaN07YrNyqX_2D2L5evghkWKCNty8dm5g0g==
content-length: 42
x-xss-protection: 0
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame C13D 43 B
727 B 893ms
282ms Image
image/gif 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=mediamath&ssp_uid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-SO-Cluster-ID: 2
Date: Thu, 10 Nov 2022 00:08:39 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=mediamath&ssp_uid=76ba636c-40f4-4b00-b545-1c46f9c8a841","cluster_id":2,"gdpr":true,"ipv4":"0.0.0.0","key":"Y2xBB8Co8X4AAE0Ok.wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad145"}
X-SO-Key: Y2xBB8Co8X4AAE0Ok.wAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad145
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad145.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 43
X-SO-LB-Hostname: m-tgng26.dc4p.scaleout.jp
X-SO-IP: 217.114.215.131

GET
H2 200 map
sync.rfp.fout.jp/ Frame C13D 43 B
284 B 466ms
255ms Image
image/gif 35.186.196.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=10&uid=76ba636c-40f4-4b00-b545-1c46f9c8a841
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.196.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame C13D 43 B
953 B 195ms
195ms Image
image/gif 23.3.109.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=29:29&mt_cb=979204&check=76ba636c-40f4-4b00-b545-1c46f9c8a841&mop_top=4:1668035979|9:1668035979|13:1668035979|3:1668035979|21:1668035979|5:1668035979|10010:1668035979|15:1668035979|10017:1668035979|10074:1668035979|42:1668035979|17:1668035979|46:1668035979|40:1668035979|10041:1668035979|30:1668035979|44:1668035979|10031:1668035979|10025:1668035979|10004:1668035979|36:1668035979|10040:1668035979|10050:1668035979|10009:1668035979|10072:1668035979|350:1668035979|370:1668035979|368:1668035979|369:1668035979|
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.3.109.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-5.deploy.static.akamaitechnologies.com
Software: MT3 162 58fc253 master hkg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ba636c-40f4-4b00-b545-1c46f9c8a841&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 00:08:38 GMT
Server: MT3 162 58fc253 master hkg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Nov 2022 00:08:37 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6E23 28 B
55 B 36ms
35ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1668038917928
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_uEIaQ194KM?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtRODE5akpNcnZtZyiCgrGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668038914801&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 10 Nov 2022 00:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 00:08:37 GMT

GET
H3 200 analytics.js Show response
tk.appnet.com/ Frame 3B5E 49 KB
21 KB 30ms
30ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk.appnet.com/analytics.js

Requested by

Host: tk.appnet.com
URL: https://tk.appnet.com/tk/js?id=UA-35082047-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3810
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 09 Nov 2022 22:39:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzQhXbuR1%2Fm%2BzZ6ilXjRvSpginCi4WdkV5Xv%2FDbY286XIDLmDtKgT8BhEz5uEovAFJQwBKlm6aLBsFStK7PSRaKlByEFYWpEtQRwxNpfjPCfEnrrWormdFFWfwyY0CD3NITHY%2Fo23TdGqVaP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=7200, public
cf-ray: 767a8e090806994a-FRA
expires: Wed, 09 Nov 2022 22:49:13 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 8932
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df406bca53b7c18%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

88ms
87ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df406bca53b7c18%2526domain%253Dwww.wintergreenresort.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.wintergreenresort.com%25252Ff1b64ce8af1c3cc%2526relation%253Dparent.parent%26container_width%3D0%26height%3D540%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWintergreenResort%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=81da66ef6079c7c5ad5a8fcd04b181e5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.wintergreenresort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Nov 2022 00:08:38 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 9I7BGrsSU/N09hwhp9gUH3lOY+G2Xdu4z9MPf4UYHaHFgAFVwecxovenDBF46+jBwLnapl2b6wJYfOs57kEpiQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 10 Nov 2022 00:08:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df406bca53b7c18%2526domain%253Dwww.wintergreenresort.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.wintergreenresort.com%25252Ff1b64ce8af1c3cc%2526relation%253Dparent.parent%26container_width%3D0%26height%3D540%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWintergreenResort%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26width%3D500
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: lGDbCA+N5weUCeFN+OPRaNuYqkHa5q3e7hKyh9GiLkicYm4cdOMHwbiwj+l/8vbQJ7l7fhlAxKr6pg9b/iWenQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&RedC=c.clarity.ms&MXFR=3C7EBDD09E786BF10C40AF889A786552
https://c.clarity.ms/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&MUID=1EEBD853052B6F341497CA0B04876E91

42 B
369 B

44ms
44ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&MUID=1EEBD853052B6F341497CA0B04876E91
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 00:08:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81CC7C8729534C698D305B0A2E0895C6 Ref B: FRA31EDGE0719 Ref C: 2022-11-10T00:08:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=04FBEE52CEDF43189589E6C834FADEDE&MUID=1EEBD853052B6F341497CA0B04876E91
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK event.jpeg
www.pages08.net/WTS/ 0
473 B 354ms
115ms Image
image/jpeg 3.96.5.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pages08.net/WTS/event.jpeg?accesskey=1774c950-15d3edd3da0-6681ada67421f5d3ed5e65517ed2e77a&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=612bc615-68a2-1d33-8306-3921ca89ec84&webSyncID=a8bc8cc7-d9e0-ba09-ae64-e975ad53b87a&url=https%3A%2F%2Fwww.wintergreenresort.com%2F%3FNCK%3D8664708608%26utm_source%3DEblast%2520Reservation%2520phone%2520number%26utm_medium%3Deblast%26utm_campaign%3DEblast%2520Toll%2520Free%2520Reservation%26spMailingID%3D8893354%26spUserID%3DOTcyNTI0NjczOTcS1%26spJobID%3D1620186721%26spReportId%3DMTYyMDE4NjcyMQS2&newSiteVisit=1&hostname=www.wintergreenresort.com&pathname=%2F&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2&newPageVisit=1&eventKey=cc12b054-0c10-7352-d447-e21aca0a49a1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.96.5.142 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 00:08:38 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Server: Apache
p3p: CP="CAO PSA OUR"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK BingIcons.png
hosteduxprod.blob.core.windows.net/public-files/1.0.0/ 7 KB
7 KB 113ms
112ms Image
application/octet-stream 52.239.221.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/BingIcons.png
Requested by: Host: hosteduxprod.blob.core.windows.net
URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.221.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e965fad5de1dd29f4231b53f586bedefebe9b69b7eaed9db3bb45de2b84e5770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 10 Nov 2022 00:08:37 GMT
Last-Modified: Sun, 06 May 2018 09:23:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: lMWjtve72nx3zvhxEafaLg==
ETag: 0x8D5B333039E1E27
Content-Type: application/octet-stream
x-ms-request-id: 0030b216-001e-0007-6c98-f447bc000000
x-ms-version: 2009-09-19
Content-Length: 7223

POST
H3 204 rum Show response
www.resortcams.com/cdn-cgi/ Frame 3B5E 0
143 B 23ms
22ms XHR
text/plain 2606:4700:3038::6815:eb4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortcams.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.resortcams.com/webcams/wintergreen-stony-creek-golf/iframe/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.resortcams.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8e097bce5b38-FRA

POST
H3 204 rum Show response
www.wintergreenresort.com/cdn-cgi/ 0
148 B 33ms
27ms XHR
text/plain 2606:4700:10::ac43:1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wintergreenresort.com/?NCK=8664708608&utm_source=Eblast%20Reservation%20phone%20number&utm_medium=eblast&utm_campaign=Eblast%20Toll%20Free%20Reservation&spMailingID=8893354&spUserID=OTcyNTI0NjczOTcS1&spJobID=1620186721&spReportId=MTYyMDE4NjcyMQS2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.wintergreenresort.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 767a8e0979eb68f8-FRA

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1837 28 B
56 B 36ms
34ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1668038918858
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/23_OlmKlj14?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtRODE5akpNcnZtZyiDgrGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668038915857&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoL0Y0X9PGw6VwX--syvQ182sf4hDphnW-xrWqu_fqPuGtkdLcPDEfnejwDV6ximk75JbnTMRUg9_03V23HAA6c7vSLdw

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 00:08:38 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 98C1 28 B
56 B 37ms
35ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1668038918875
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/UY0PvaYyQB0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtRODE5akpNcnZtZyiDgrGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668038915868&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo3ma0sRZ-TIViwj9Ks52ixnp87oQehZm52AVN6leA-Xhr2b6ZiVrFpv-xZrrOcRiAhyar0ega1DzLc4uvzRuQlOR2ZRA

Response headers

date: Thu, 10 Nov 2022 00:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 00:08:38 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4BA0 28 B
56 B 35ms
35ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1668038919051
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RdTcdsNGdRQ?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.wintergreenresort.com
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtRODE5akpNcnZtZyiDgrGbBg%3D%3D
X-YouTube-Ad-Signals: dt=1668038915906&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKrR74_AZVptc_IJIZA6fro7z543M10iripa2Q2jmgppyOz6KkpeRzD_8XUL7frDJcmcFkoDjGG3eOyUtYGsIA9n1VR4eg

Response headers

date: Thu, 10 Nov 2022 00:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 10 Nov 2022 00:08:39 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
49 B 123ms
123ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.wintergreenresort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.wintergreenresort.com
date: Thu, 10 Nov 2022 00:08:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/_uEIaQ194KM?rel=0

Domain: static.doubleclick.net
URL: https://static.doubleclick.net/instream/ad_status.js

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Domain: www.google.com
URL: https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Domain: static.doubleclick.net
URL: https://static.doubleclick.net/instream/ad_status.js

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Domain: www.google.com
URL: https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Domain: www.google.com
URL: https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=rO_3OFJAIRlED9Nj&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.wintergreenresort.com%2F&lact=138&cl=486528943&mos=0&volume=100&cbr=Chrome&cbrver=107.0.5304.87&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=110&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24230619%2C24249174%2C24255163%2C24287372%2C24289309%2C24292955%2C24293803%2C24391944%2C24404215%2C24406605%2C24407200%2C24408610%2C39322399&muted=0&docid=23_OlmKlj14

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=V6p_WNTmIA_uhgfp&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.wintergreenresort.com%2F&lact=552&cl=486528943&mos=0&volume=100&cbr=Chrome&cbrver=107.0.5304.87&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=85&fexp=23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24230619%2C24237296%2C24292955%2C24293803%2C24406604%2C24407199%2C24408610%2C24408952%2C24413559%2C39322399&muted=0&docid=UY0PvaYyQB0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=kB4eM_BqrsNEZTnu&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.wintergreenresort.com%2F&lact=443&cl=486528943&mos=0&volume=100&cbr=Chrome&cbrver=107.0.5304.87&c=WEB_EMBEDDED_PLAYER&cver=1.20221106.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=96&fexp=23858057%2C23940248%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24230619%2C24255165%2C24292955%2C24293803%2C24406605%2C24407199%2C24408610%2C39322399&muted=0&docid=RdTcdsNGdRQ

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 07:22:05	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 08:03:50	Name: _li_ss Value: MgkI_____wcQ2BM
www.wintergreenresort.com/	1970-01-20 16:06:14	Name: EktGUID Value: 051a2006-019a-4b5f-9c3b-c96240752bc0
www.wintergreenresort.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ftmvi3vbncndxveobnbja1ik
www.wintergreenresort.com/	1969-12-31 23:59:59	Name: ecm Value: user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.wintergreenresort.com&SiteLanguage=1033
.mathtag.com/	1970-01-20 16:46:34	Name: uuid Value: 76ba636c-40f4-4b00-b545-1c46f9c8a841
.wintergreenresort.com/	1970-01-20 09:30:14	Name: 14777NavisNCKeyword Value: 8664708608
.wintergreenresort.com/	1970-01-20 09:30:14	Name: NavisNCKeyword Value:
.wintergreenresort.com/	1970-01-20 09:30:14	Name: _gcl_au Value: 1.1.368476458.1668038914
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4e2w54ZU-nI
.youtube.com/	1970-01-20 11:39:50	Name: VISITOR_INFO1_LIVE Value: Q819jJMrvmg
.adnxs.com/	1970-01-20 09:30:14	Name: uuid2 Value: 8598202313157639348
.adnxs.com/	1970-01-20 09:30:14	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HbYss<z)!1yIE'Yg-$0y=/d!!'/d$VGH4
.wintergreenresort.com/	1970-01-20 07:22:05	Name: _gid Value: GA1.2.1017053671.1668038914
.wintergreenresort.com/	1970-01-20 07:20:38	Name: _dc_gtm_UA-21428245-1 Value: 1
.mathtag.com/	1970-01-20 08:03:50	Name: mt_misc Value: mt_bt:1
www.clarity.ms/	1970-01-20 16:06:14	Name: CLID Value: 94045ac5aaf042648d126f9e7f126610.20221110.20231110
www.sc.pages08.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 797958922.17439.0000
.wintergreenresort.com/	1970-01-20 16:56:38	Name: _ga_T4MS4Y5ZB1 Value: GS1.1.1668038914.1.0.1668038914.60.0.0
.wintergreenresort.com/	1970-01-20 16:56:38	Name: _ga Value: GA1.1.527269279.1668038914
.wintergreenresort.com/	1970-01-20 07:20:40	Name: __cf_bm Value: 4ZR7w3pzL_eqrJC_jIdZ455pp32i1ABLrWTPXMycvhE-1668038914-0-AbiqmLma35qvyn9TGISOMTb7mS9Lddiz6vNYBlqngJNp8UCEfm/K4C4tTkFn43CAJ6gzZdOfVqH92LxRRHMt9JhAfxPs46irymYpX0Hnp4a33rRy6U/pBNmCTglZWZPQkg==
www.wintergreenresort.com/	1970-01-20 16:50:25	Name: _scid Value: 94e61f82-8509-435c-88b3-3b972777a821
.wintergreenresort.com/	1970-01-20 09:30:14	Name: _fbp Value: fb.1.1668038914812.913077123
.snapchat.com/	1970-01-20 16:42:14	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlINMXSjmNetmD4v4PT7q44XyISqrh9FdRz8llgzWxSC/I+s34xCL/nMgAAAA==
.wintergreenresort.com/	1970-01-20 16:06:14	Name: _clck Value: 1kvo4q\|1\|f6g\|0
.doubleclick.net/	1970-01-20 16:42:14	Name: IDE Value: AHWqTUlQEKwDP4WjM8RlQG_Fnc-8YFWb0h7q7GAoh2kqqgjAGG0q5Io8O-DQzoAxQCc
.wintergreenresort.com/	1970-01-20 07:22:05	Name: _clsk Value: 29hp3h\|1668038916578\|1\|1\|k.clarity.ms/collect
.pubmatic.com/	1970-01-20 09:30:14	Name: KRTBCOOKIE_27 Value: 16735-uid:76ba636c-40f4-4b00-b545-1c46f9c8a841&KRTB&16736-uid:76ba636c-40f4-4b00-b545-1c46f9c8a841&KRTB&23019-uid:76ba636c-40f4-4b00-b545-1c46f9c8a841&KRTB&23208-uid:76ba636c-40f4-4b00-b545-1c46f9c8a841
.pubmatic.com/	1970-01-20 08:03:50	Name: PugT Value: 1668038917
.casalemedia.com/	1970-01-20 16:06:14	Name: CMID Value: Y2xBBULclI4P0YDtpT9PFAAA
.casalemedia.com/	1970-01-20 09:30:14	Name: CMPS Value: 3309
.casalemedia.com/	1970-01-20 09:30:14	Name: CMPRO Value: 3309
.ads.stickyadstv.com/	1970-01-20 08:47:02	Name: uid-bp-529 Value: 76ba636c-40f4-4b00-b545-1c46f9c8a841
.ads.stickyadstv.com/	1970-01-20 08:03:50	Name: UID Value: 1e954bc243bc9a6369fb49ae75564d
.spotxchange.com/	1970-01-20 08:00:58	Name: audience Value: d33e58fa-608b-11ed-855d-1e5bf6c20306
.bidswitch.net/	1970-01-20 16:06:14	Name: tuuid Value: 36e51811-dc16-4164-a6bb-5b3b7b0d6acb
.bidswitch.net/	1970-01-20 16:06:14	Name: c Value: 1668038917
.bidswitch.net/	1970-01-20 16:06:14	Name: tuuid_lu Value: 1668038917
.semasio.net/	1970-01-20 16:06:14	Name: SEUNCY Value: BE369AF837F6BDAE
.bluekai.com/	1970-01-20 11:41:17	Name: bku Value: ROW999POqsmksWyF
.bluekai.com/	1970-01-20 11:41:17	Name: bkpa Value: KJy91QeBd02pSUHknpx6BeQdSVx2BpjiRERpBZ1+BeOZBY66RM9ynV/NBeD+1V16BZR8RpCCmexh9yO4mxNO
.yahoo.com/	1970-01-20 16:06:36	Name: A3 Value: d=AQABBAZBbGMCELToDG9AOxhJYtlSQRL37Z0FEgEBAQGSbWN2YwAAAAAA_eMAAA&S=AQAAAt6hNlPpHhytczSc0uVoP2k
.betweendigital.com/	1970-01-20 16:06:14	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 16:06:14	Name: tuuid Value: e56662b9-9012-523a-8894-9c2febf8dd29
.betweendigital.com/	1970-01-20 16:06:14	Name: ss Value: 1
.analytics.yahoo.com/	1970-01-20 16:06:14	Name: IDSYNC Value: 175u~287c
.betweendigital.com/	1970-01-20 16:06:14	Name: ut Value: Y2xBBgABSCAgvkPUGAQaEWc0878udfmqZW_MXA==
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8650\|Y2xBC
.adform.net/	1970-01-20 08:03:50	Name: C Value: 1
.tapad.com/	1970-01-20 08:47:02	Name: TapAd_TS Value: 1668038918250
.tapad.com/	1970-01-20 08:47:02	Name: TapAd_DID Value: 43996a78-764a-4c68-b278-10925a262c05
.agkn.com/	1970-01-20 16:06:14	Name: ab Value: 0001%3AEqg9T2%2Bw6x0%2BhmUny9L36H%2FGL2%2BsazPm
.crwdcntrl.net/	1970-01-20 13:49:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 13:49:26	Name: _cc_id Value: da6647e12c955ebf39a6ecb51f167119
.adform.net/	1970-01-20 08:47:02	Name: uid Value: 6513508622110358324
.tapad.com/	1970-01-20 08:47:02	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 11:39:50	Name: _kuid_ Value: PMH-PgyP
.agkn.com/	1970-01-20 16:06:14	Name: u Value: C\|0AAAAAAAAKv79hgAAAAAA
.liadm.com/	1970-01-20 16:56:38	Name: lidid Value: 2e3c414d-8483-492f-b07c-3c9828d13729
.demdex.net/	1970-01-20 11:39:50	Name: demdex Value: 21335286372237496940725757635938238615
.mathtag.com/	1970-01-20 08:03:50	Name: mt_mop Value: 4:1668035979\|40:1668035979\|10025:1668035979\|21:1668035979\|370:1668035979\|10004:1668035979\|10050:1668035979\|10009:1668035979\|10010:1668035979\|42:1668035979\|368:1668035979\|13:1668035979\|10017:1668035979\|369:1668035979\|10074:1668035979\|36:1668035979\|10072:1668035979\|9:1668035979\|15:1668035979\|10040:1668035979\|350:1668035979\|10041:1668035979\|46:1668035979\|3:1668035979\|17:1668035979\|30:1668035979\|5:1668035979\|44:1668035979\|10031:1668035979
.adtdp.com/	1970-01-20 16:56:38	Name: uid Value: ebdbbe1f-d598-4b38-8992-2bef36d85671
.adtdp.com/	1970-01-20 16:56:38	Name: pr Value: aja
.wintergreenresort.com/	1970-01-20 16:56:38	Name: com.silverpop.iMAWebCookie Value: a8bc8cc7-d9e0-ba09-ae64-e975ad53b87a
.wintergreenresort.com/	1970-01-20 07:20:40	Name: com.silverpop.iMA.session Value: 612bc615-68a2-1d33-8306-3921ca89ec84
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.mid Value: 8893354
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.uid Value: OTcyNTI0NjczOTcS1
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.jid Value: 1620186721
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.rid Value: MTYyMDE4NjcyMQS2
.wintergreenresort.com/	1970-01-20 07:20:40	Name: com.silverpop.iMA.page_visit Value: 47:
.dpm.demdex.net/	1970-01-20 11:39:50	Name: dpm Value: 21335286372237496940725757635938238615
.adfarm1.adition.com/	1970-01-20 09:30:14	Name: UserID1 Value: 7164172601277413516
.c.bing.com/	1970-01-20 16:42:14	Name: SRM_B Value: 1EEBD853052B6F341497CA0B04876E91
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:42:14	Name: MUID Value: 1EEBD853052B6F341497CA0B04876E91
.c.clarity.ms/	1970-01-20 07:20:39	Name: ANONCHK Value: 0
www.pages08.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 797958922.4525.0000
.impact-ad.jp/	1970-01-20 16:56:38	Name: tuuid Value: fb4b3181-087c-4efd-89c4-e1e19da9d53a
.impact-ad.jp/	1970-01-20 16:56:38	Name: c Value: 1668038919
.impact-ad.jp/	1970-01-20 16:56:38	Name: tuuid_lu Value: 1668038919
y.one.impact-ad.jp/	1970-01-20 16:56:38	Name: cmt Value: !288,76ba636c-40f4-4b00-b545-1c46f9c8a841,0,468817719,0
.impact-ad.jp/	1970-01-20 07:40:48	Name: psm Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/361087.gif?partner_uid=76ba636c-40f4-4b00-b545-1c46f9c8a841 Message: Failed to load resource: the server responded with a status of 451 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.as.amanad.adtdp.com
ads.betweendigital.com
ads.stickyadstv.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cs.adingo.jp
d.agkn.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.gstatic.com
googleads.g.doubleclick.net
hosteduxprod.blob.core.windows.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jnn-pa.googleapis.com
jp-u.openx.net
k.clarity.ms
media.guestdesk.com
penta.a.one.impact-ad.jp
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
sc-static.net
scontent.cdnsnapwidget.com
se.semasio.net
secure.adnxs.com
snapwidget.com
stags.bluekai.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
su.addthis.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.navdmp.com
sync.rfp.fout.jp
sync.search.spotxchange.com
tg.socdm.com
tk.appnet.com
tr.snapchat.com
track.adform.net
ui.customsearch.ai
uipglob.semasio.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.navistechnologies.info
www.pages08.net
www.resortcams.com
www.sc.pages08.net
www.wintergreenresort.com
www.youtube.com
x.bidswitch.net
y.one.impact-ad.jp
googleads.g.doubleclick.net
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.youtube.com
104.75.88.126
107.178.248.96
124.146.215.52
13.225.78.5
142.250.186.162
172.67.75.33
18.156.0.31
18.64.78.252
184.86.251.220
185.29.132.245
185.64.189.110
185.80.39.216
185.89.210.141
185.89.211.12
185.94.180.126
188.42.191.196
199.125.15.90
2.18.232.236
20.234.93.27
20.61.56.250
20.96.88.162
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
216.52.2.39
23.3.109.5
2600:1f18:ed:550e:c4e3:3eb9:eebf:6813
2606:4700:10::6816:227f
2606:4700:10::ac43:1b
2606:4700:20::ac43:476d
2606:4700:3038::6815:eb4d
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6810:bf3
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0d::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
3.124.255.42
3.127.128.151
3.127.73.37
3.96.5.142
34.195.237.112
34.253.119.106
34.98.64.218
35.186.196.148
35.190.43.134
35.213.109.249
35.227.248.159
35.244.174.68
37.157.4.24
44.207.237.180
52.209.158.131
52.239.221.68
52.48.248.127
54.238.220.104
69.166.1.12
69.173.144.138
77.243.60.138
85.114.159.93
0106678017fea8c4e05467c49b1b987a8c289cb7d5d9425cbc8468f610ccf6e8
02f935ca5b2d073bb2f22eaefdab415c009dec70ce023a2d7641f49ead60a1bb
040f70f05f8a25fd0b7d0acee014f0882ff3dc28438c1452248dc249668cb68e
074b234cdb476fd006481dabfc6eea8cf1ed61b4aacfe03a6a6aab23e2043ac0
079e48541191e2b28666f85411de952bbedc720a43582a31a6f3d626c11651e2
080501e9b51e97cfeb997791067fc28a98deea2bf5595460630b8802ec548f09
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed7d06878e63bc884671f465cd617012c74914b400b8412113ab4efb2345036
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fd852c2d57ce17da10bca22467e3a6686f6b53c6a23d5b966fa0ea6a52d7594
1076991f3e548c844051c4aaf033a77668e636282ca8b7aef054f01667866e32
11582553d9848f677949982dcd12d2fa39ebaf1852954b1305f712a4267fd305
116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816
131dec6a86a10ddda2bf8740d1f4225efeac800e2f403eb5ee60451c7fb372a5
137b614899438ca293d8fb2f8e3ba20add19113d07079402be2a33bde12d6fbc
17a681c2d0f286fc3da1ca61365d9201f177ad0b9d922cc4dd564cb8c733682c
189dde8531d3c2cf113cd3ffea2bc61d83da76426208fd76500f2332fd39dde2
1b180557a492ec00c8a07bf23ab69f47bbde9ee402e2473b827d14ecb175a827
1cca3171b284fd6e9b455bc4c7624df9b0fa2aa2b2f72d80d3749803359b9e7f
1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90
21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc
2384bbeb0c6d801dc83031abb78ad200b98f3d66b4eaf751c30a0a3ec35c615c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c98d25c1edd8e3e7e8ee7adca44f5b29adb0228c65618f76429d5be6ba6b88
275662a54acdf50df65202f98c3987434b68145874bf8568b336c6e3d784edff
27618ddf34dd30b6111ec4fb701406f0788230a961fc8dcf042aaef94a9d134d
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
28c9315506901b104a86245f379abc8948eea7d976276207c43951362d6b20df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bc3aff3bf885ef958324edb85b4b01483ed7c38781188f933b019442a9dd123
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
2d26b818b7dbe138a92d2aa3f1b2616e6867451c884fd0b6400ca83e1b8c6e15
2f4abee100eb447670998dde409e0308c86a7b52e270b8a34024953481083e1c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3061a83293d00af87027c67ab904673b68c7e5a038fdb6d2463daf00f3d2d524
340318ed77fddb36edc10dd76d4603e17896ea67bb6a7067b8edbb76fdebe23a
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
38b05ae26a8d65eb1827894ff229a72854332ec25328a93740240c28b76814d1
3d3b9e6a69c5063c66236f5ca27dbfd3f4c3a836506395ff63f33b844afa3ae2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4542886bf37f721dba30c5b4e6ca5adf63a9d68b74d549ddf8b897ed2cf8ff33
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a7eb1805e7378478a5b4c4ba09a2a46a2a0d0bc3a775ca836bd5e54c840719f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5e92c687253587bb0bc1697de7611a8fd8be324053229ade601d43ecc81a74
5171c6a672502f61f86fd1e43066d135e1b4b70b168123cf8b723f136c937787
52575c6625b05a6db1c4553e947768c603660e77c37a029fcb7a2c5055cd23be
5298be61f22f0111a7c90d5064e4b5e788da9621ab1bb905bee8b8be598b5cb2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
665d05b73109d12ef1f9e4bde7dff34eb9584f48e2734503ebb7932ad3f1f484
67d3c41109e5cbf75ce5f089349db6e7d1d6f93c6545d64b8e99f0d340b1e80f
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
68b16d79e949cecd8238af257eae1cc0646d27f0b2b9c9a66a048d2b55f3f69e
6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb
6c869a0b19521d4604c45a0603dd4a378b83b421a51d77dd77adf015d3302665
6cc5a90f9406fb55d89bf59433c66931b59400fb71c8923cf41056d6a8c630c6
6d760b353827fa1af0ed0d6c1c63a9ee82c96d122a14d13885b26a0b5a8cd249
6d884d80f814448deeae1557574ef8692786ce82e0983c0711b782c34dd60024
75b9a6dfe9835b2ad60489eacee491ad9ab4768c1c0bf774dcd4336243d31226
7e0fe174417a0ca83575369b4122d9d208d727359fa3a4219ef3e5d67dbce988
82805b76781e4deff3eed7121776c87f8bb2abc60022865e92ca62fb8e99480f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f7fab2f7fe6848a715f7dd841b00a23d77e7b1dd595f0e7180a1eebb0fbb7
85a0fac97868b0c018a51e562b28b12b0f70c6950b95dda0a80a0b297201497d
874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67
8be7b952a06b1b0befc8755a2636af5a1e5ccadb7f913990d4153737ae52817c
8c61c41e3b8b5d63cc7724e6bb815200139139720788401827e39a1c189fdf77
8dd51eb9b465a2025d437eb86bb25ddd61eefafece44a26e680da7d7a43e87ad
8f13fa14c729bb410b224bc89c353fbbd1cf691126413b9ec0929fdc120f9a81
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8ffaf416614b38322d3fb6d25e828221db5457667b50b2543f2de5b451cfe318
923529a15b96e0ea01f67d0ff6d7ccf6f7edc4689e97596d8772c4af477352c9
92d1aad2b8eebf996cc36e3c25e94962046287854cfc48fcce5a374d90061c0e
9652ce5e28a036d11dea02b19b7e05210f7f8fe65d90ac7d03b5e8054319244c
96c4cfb8443bbd8eb9a3d79b4b41df3609c63c588077ddca71dbac601ed4c30b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c7ed8fbdd5c6308795b9938239afdf2c32280d3a2c5ebef99a17ec31b76f1a8
9d8a1a868ca337fa47d505f005ae82a146f60ad4567698efbcacb80580c769d5
9fa91b17fbb03cd969d686e7bb0dfb9b1f25d7d8cf97813f06da55f29568cfd7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6
a3b695e02be1ba20c1bb069fcd9b730d5dfcad671d9025ddb2f698699bbd8ff7
a6e9a87c7336822074f10878cd446f0e0f3a3b37f29e7dfa5f27b859fc209a55
a9cbaf9211b18bdc9520b7805c0d36acf29b3f8788b404d62bef73b39fce32d1
ab84d1608c06680a82404cfc847478b146965692830ac01ac7b6c24669de5c95
ad42b7df37f1e212ae38ab9cc20a4d594467a48e6fd1795f2c145e7c549af531
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb602c15a149c572f857d5e7b163b6551e162539a11fe97d592e217bcd4e5846
bca57686e3ba5bab4e61d5aeb47db344ce427f38d4b00c5f91f892a307e9cf5f
bdfe065b3ffb9f7841715c31c0332bdd01235ca40b5834065926923925faa265
be964cc6c34b45ebc4001869bd65c222853e4db7d4e96b21120107648ff7b11c
bf126f0c7e8d37222eb7d47dd5a97039e00530881a9b62c042c4b345e6c1f91a
bf8f9a87eac3cd24371909071fa4c9cd0ab26d613debe62e48065c0d81a53623
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c6d8d02668702e2a22e07bbdb6ad93211078e02271d15a24ed4474bfc90b467b
c8988d47e2ab355eeeaec4a43d412c4eb81015fe23c57292cca36dc57716a398
c9b834d0adf85a6efb491a67e3bb4520e3fc7bb5e0602499c081721ca5d994c3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc7895460692bec6102b2decab4b101114bf0a6f6b086f6d8ca3feb33ca45698
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cd2eca5cd845aac30fc87c74df79c436937cf8fa45c2c4f76ce575bc5dee2428
ce9881fbcef45fc4854b5c8fcf34585b47906deb4dec98464161bfa9383e8238
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d030a522113641975cb7855f95461f855690e500d3f8b75d754e018ef98e252a
d3acd4c5554a85e75be70f2bcb6edccbbe9342566ed65a1a6a83335613e40392
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8de0fa498271c338cb3dad9f8ce9a9e7fa18266fab4a6691ed7e8ba443381dd
da86c65a83525beff4812d89ae216ca03594e2ffefbcf3adb41930aa0feb70ea
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dc0e5970cdfe253f2b013ad15877581304c7a27e63f81d2178e62ee08a8cb182
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e2691cc32b277e9e3f621ba3a77b9518f2c8a5697a897c5d2604b0a8b4a1400e
e3026fbc63efb0b9ec518644556b46b2d8ab94f1b18611b7dabf9b024c505b93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e420efbb7bcb16df652226e36313cb5dc557ebcb47fce11d9ac113b9f4b0d582
e44c0e8d5649afb5561d85c788a5304e18399b449bc5d8fe762bfc21cdd5656f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59ad87ca28175c81c7c5ccd53fb54154ce61b1c0404a085b680e52b072ff171
e6ba8c07f616dec48045e3710d41b3cab40d431f05002567a8b3c78d3eccb6ae
e7357e318189ffeff7d0d18633e9aa9cee3e0964d81cf1037adc89e17e1b5195
e7eacd40daf45b0deabf98b1d96e81304c139f6289b6533e431222001378119c
e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae
e965fad5de1dd29f4231b53f586bedefebe9b69b7eaed9db3bb45de2b84e5770
ea81342e9852d016a8a3d291dc7c048cf7b8bcd2c0cc0876d6b1f45756ec053a
ecd2692b6a371a5e9ebfd784cdb268eefdc7e01e6fbeb6fe34b18111c2c480fe
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee40cae491f4cdb28c99895c58d236b8d7c31b5aa371c4fcc05c76bec6820d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fc8ee08a81bd945ce55dd17d9639fe843d0a739ac7410ac9ff2e91c4964dd9dc
fd5da75af92ca1b7df22ae5b734c8e4cbad70e2534ee15cdc1daddb56e8a9477
fe84f47aa0a3e1574355938c85700905e9eb55eee09e347c62050e3a5712e134

www.wintergreenresort.com Open in urlscan Pro 2606:4700:10::ac43:1b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

320 Requests

86 %HTTPS

37 %IPv6

58 Domains

73 Subdomains

62 IPs

10 Countries

13069 kBTransfer

32372 kBSize

82 Cookies

20 Outgoing links

Redirected requests

320 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wintergreenresort.com Open in urlscan Pro
2606:4700:10::ac43:1b Public Scan

Screenshot
Live screenshot

Full Image

320
Requests

86 %
HTTPS

37 %
IPv6

58
Domains

73
Subdomains

62
IPs

10
Countries

13069 kB
Transfer

32372 kB
Size

82
Cookies

320 HTTP transactions
1 data transactions