newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearseve.winstar.com/
Submission Tags: phishingrod
Submission: On November 14 via api (November 14th 2023, 12:42:10 am UTC) from DE — Scanned from DE

Summary HTTP 158 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 65 IPs in 10 countries across 71 domains to perform 158 HTTP transactions. The main IP is 2606:2c40::c73c:671f, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is newyearseve.winstar.com.
TLS certificate: Issued by GTS CA 1P5 on November 13th 2023. Valid for: 3 months.

This is the only time newyearseve.winstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
10	2606:4700::68... 2606:4700::6810:70d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:4ffd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	18.245.60.121 18.245.60.121	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.60.48 18.245.60.48	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:91e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.18.5.236 104.18.5.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4 8	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	104.119.108.243 104.119.108.243	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2606:4700:440... 2606:4700:4400::ac40:97ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.196.251.91 18.196.251.91	16509 (AMAZON-02) (AMAZON-02)
3 5	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
3	104.18.9.110 104.18.9.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
1 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2 14	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	54.75.89.96 54.75.89.96	16509 (AMAZON-02) (AMAZON-02)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.158.38.152 35.158.38.152	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
1	52.59.98.46 52.59.98.46	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.211.62.59 52.211.62.59	16509 (AMAZON-02) (AMAZON-02)
2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.255.135.5 34.255.135.5	16509 (AMAZON-02) (AMAZON-02)
1	52.92.18.16 52.92.18.16	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 6	89.163.240.121 89.163.240.121	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	91.210.226.73 91.210.226.73	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	80.85.85.173 80.85.85.173	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	54.228.208.22 54.228.208.22	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
2 3	34.246.239.231 34.246.239.231	16509 (AMAZON-02) (AMAZON-02)
2 2	54.195.166.231 54.195.166.231	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.144.148 35.156.144.148	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.124.150 52.57.124.150	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:e600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.126.190.82 3.126.190.82	16509 (AMAZON-02) (AMAZON-02)
158	65

28 2606:2c40::c73c:671f (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

newyearseve.winstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:70d1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4ffd (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-121.fra60.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-48.fra60.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:91e (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adreadyclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.5.236 (None, )

ASN13335 (CLOUDFLARENET, US)

pixelconnector.adready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

6820846.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10388130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.119.108.243 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-108-243.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:97ee (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.251.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-251-91.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.9.110 (None, )

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.89.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-89-96.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.38.152 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-38-152.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.98.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-98-46.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 77.243.51.122 (Denmark) 6 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.62.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-62-59.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.135.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-135-5.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.18.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.163.240.121 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm46.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.73 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li749-173.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.208.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-208-22.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.239.231 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.166.231 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-166-231.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.144.148 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-144-148.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.124.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.190.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-190-82.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	winstar.com newyearseve.winstar.com	181 KB
18	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 6944 a2.adform.net — Cisco Umbrella Rank: 10404 c1.adform.net — Cisco Umbrella Rank: 599 dmp.adform.net — Cisco Umbrella Rank: 3509	45 KB
17	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 6820846.fls.doubleclick.net — Cisco Umbrella Rank: 898916 10388130.fls.doubleclick.net — Cisco Umbrella Rank: 854180 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	8 KB
11	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1982	29 KB
10	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8342	188 KB
9	googlesyndication.com 4 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 ade.googlesyndication.com — Cisco Umbrella Rank: 301	2 KB
7	adsafety.net 6 redirects cm.adsafety.net — Cisco Umbrella Rank: 22807 tags.adsafety.net — Cisco Umbrella Rank: 83606	12 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1222 se.semasio.net — Cisco Umbrella Rank: 25827	4 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com — Cisco Umbrella Rank: 105	1 KB
7	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2977	9 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2810	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743 load77.exelator.com — Cisco Umbrella Rank: 4116	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	1 KB
3	reson8.com ds.reson8.com — Cisco Umbrella Rank: 4513	159 B
3	google.de www.google.de — Cisco Umbrella Rank: 6862	716 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	330 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14109	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	smartstream.tv 2 redirects ads.smartstream.tv — Cisco Umbrella Rank: 31114 cm.smartstream.tv — Cisco Umbrella Rank: 280169	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	647 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3211	693 B
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 10588	373 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 8802	360 B
2	adready.com pixelconnector.adready.com — Cisco Umbrella Rank: 60128	1023 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	91 KB
2	gstatic.com www.gstatic.com	20 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2274	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29393	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	236 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	921 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 560	490 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 25853	443 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 843	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	338 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3239	419 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 31067	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2753	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 865	265 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1148	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	640 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	125 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 458	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4925	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 781	199 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 24458	466 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4323	448 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	417 B
1	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5456	979 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4568	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	22 KB
1	adreadyclick.com tracker.adreadyclick.com — Cisco Umbrella Rank: 59270	6 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 9208	559 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 21309	11 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5567	6 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
158	71

	Domain	Requested by
28	newyearseve.winstar.com	newyearseve.winstar.com
11	c1.adform.net	2 redirects a2.adform.net c1.adform.net
11	pixel.mathtag.com	10388130.fls.doubleclick.net pixel.mathtag.com a2.adform.net c1.adform.net
10	cdn2.hubspot.net	newyearseve.winstar.com
8	ade.googlesyndication.com	4 redirects newyearseve.winstar.com
6	cm.adsafety.net	5 redirects c1.adform.net
6	10388130.fls.doubleclick.net	3 redirects www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com newyearseve.winstar.com www.google-analytics.com
4	cm.g.doubleclick.net	4 redirects
4	se.semasio.net	3 redirects c1.adform.net
4	tags.srv.stackadapt.com	10388130.fls.doubleclick.net tags.srv.stackadapt.com
4	adservice.google.com	6820846.fls.doubleclick.net 10388130.fls.doubleclick.net
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	dsp.adfarm1.adition.com	3 redirects
3	uipglob.semasio.net	3 redirects
3	a2.adform.net	1 redirects 10388130.fls.doubleclick.net s2.adform.net
3	ds.reson8.com	10388130.fls.doubleclick.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google.de	newyearseve.winstar.com
3	www.googletagmanager.com	newyearseve.winstar.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ib.adnxs.com	1 redirects newyearseve.winstar.com
2	action.media6degrees.com	10388130.fls.doubleclick.net
2	action.dstillery.com	2 redirects
2	6820846.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	newyearseve.winstar.com www.googletagmanager.com
2	www.google.com	1 redirects newyearseve.winstar.com
2	pixelconnector.adready.com	tracker.adreadyclick.com
2	connect.facebook.net	newyearseve.winstar.com connect.facebook.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	region1.google-analytics.com	www.googletagmanager.com
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net	10388130.fls.doubleclick.net
1	s2.adform.net	10388130.fls.doubleclick.net
1	tag.simpli.fi	10388130.fls.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	www.facebook.com	newyearseve.winstar.com
1	www.googleadservices.com	1 redirects
1	app.hubspot.com	newyearseve.winstar.com
1	js.hs-banner.com	newyearseve.winstar.com
1	js.hsleadflows.net	newyearseve.winstar.com
1	js.hs-analytics.net	newyearseve.winstar.com
1	tracker.adreadyclick.com	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	static.hsappstatic.net	newyearseve.winstar.com
0	sync.e-volution.ai Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
158	87

This site contains links to these domains. Also see Links.

Domain
www.winstar.com
register.winstarworldcasino.com
adagaming.com
artesianhotel.com
www.myblackgoldcasino.com
mybordercasino.com
www.chickasawtravelstop.com
chisholmtrailcasino.com
mygoldmountaincasino.com
goldsbycasino.com
jetstreamcasino.com
madillgaming.com
newcastlecasino.com
theriverstarcasino.com
www.riverwind.com
www.saltcreekcasino.com
mytexomacasino.com
treasurevalleycasino.com
washitacasino.com
www.facebook.com
twitter.com
www.snapchat.com
www.youtube.com
www.instagram.com
www.winstarworldcasino.com
goo.gl
www.winstarvillage.com
www.ncpgambling.org

Subject Issuer	Validity	Valid
newyearseve.winstar.com GTS CA 1P5	`2023-11-13` - `2024-02-11`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-23` - `2023-11-21`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://newyearseve.winstar.com/
Frame ID: E9E3B4A5ACD5B9F21A3FAD6F43963F7C
Requests: 81 HTTP requests in this frame

Frame: https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: B9A7A402A84ECB51073FF4885D40CEA7
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 7D1F05BA6E90B39DEF98147A0A0DFF8D
Requests: 19 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: A08D62821588B65BF192167D0779D545
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 575DE779D9C08E861D693CCDA08FDD20
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=9b626552-c25e-4600-b20a-7ce7fe18fee9&no_iframe=1&mt_adid=241907&source=mathtag
Frame ID: 5C709EB966DBC37BC538BE082464FAAF
Requests: 2 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1838194527&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPiSyPKgwoIDFZrXEQgdxPUEIA%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d1375856339988%3bgcu%3d1%3bauiddc%3d931637524.1699922526%3bgtm%3d45He3b81v79432195%3bgcs%3dG111%3bgcd%3d11r1r1l1l5%3bdma_cps%3dsypham%3bdma%3d1%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Frame ID: E26B79CCF0540D7B1AB2C796C566C5DA
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Frame ID: 3DFD0D4A49949AEC59C0F498678E8DE4
Requests: 46 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=723f6552-c25e-4100-8875-6f9f6559a4a3&no_iframe=1&mt_adid=241848&source=mathtag
Frame ID: 3F7806223330F8732B0436D9996CE8AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

winstar

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

83 %
HTTPS

32 %
IPv6

71
Domains

87
Subdomains

65
IPs

10
Countries

1137 kB
Transfer

3220 kB
Size

79
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://www.winstar.com/
Title: .st0{fill:#FFFFFF;} .st1{fill:#C7B24E;} winstar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/winstar-world-casino-hotel/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-venues/
Title: Casino Venues

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/
Title: Casino Games

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/category/electronic-games/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/category/gaming/
Title: Gaming Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/
Title: Stay

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/the-inn-at-winstar/
Title: The Inn at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/fun-town-rv-park-at-winstar/
Title: Fun Town RV Park at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/events/?tribe_paged=1&tribe_event_display=list&tribe-bar-entertainment-venue-field=1436
Title: Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/nightlife/
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.winstar.com/reopening-entertainment/
Title: COVID-19 Updates

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/
Title: Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/fine-dining/
Title: Fine Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/casual-dining/
Title: Casual Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/cafes-and-quick-bites/
Title: Cafés & Quick Bites

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/bars-and-lounges/
Title: Bars & Lounges

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/
Title: Amenities

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/wellness-and-spa/
Title: Wellness & Spa

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/pools-and-cabanas/
Title: Pools & Cabanas

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/
Title: Meet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/conventions-and-corporate-events/
Title: Conventions & Corporate Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/wedding-events/
Title: Weddings

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/social-events/
Title: Social Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/catering/
Title: Catering

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/meeting-planners/
Title: Meeting Planners

Search URL Search Domain Scan URL

URL: https://www.winstar.com/request-for-proposal/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/my-winstar/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/club-passport/
Title: Club Passport

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/tiered-card-program/
Title: Tiered Card Program

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/list/
Title: Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map
Title: Casino Map

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/list/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://register.winstarworldcasino.com/cgi-bin/lansaweb?PROCFUN+RN+RESNET+WSH+funcparms+UP(A2560):;RAINHTL;;1;2;0;;;;;;;;;;;;;;;?/&__hstc=40036989.a06af176329ce66fbf0cc468a172dc25.1539750112894.1539764056360.1539766601550.4&__hssc=40036989.1.1539766601550&__hsfp=2320959684
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/gift-cards/
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/shuttle-service/
Title: Shuttle Service

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/casino-and-hotel-valet/
Title: Hotel Valet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/tax-document-requests/
Title: Tax Document Requests

Search URL Search Domain Scan URL

URL: https://adagaming.com/

Search URL Search Domain Scan URL

URL: https://artesianhotel.com/

Search URL Search Domain Scan URL

URL: https://www.myblackgoldcasino.com/

Search URL Search Domain Scan URL

URL: https://mybordercasino.com/

Search URL Search Domain Scan URL

URL: https://www.chickasawtravelstop.com/

Search URL Search Domain Scan URL

URL: https://chisholmtrailcasino.com/

Search URL Search Domain Scan URL

URL: https://mygoldmountaincasino.com/

Search URL Search Domain Scan URL

URL: https://goldsbycasino.com/

Search URL Search Domain Scan URL

URL: https://jetstreamcasino.com/

Search URL Search Domain Scan URL

URL: https://madillgaming.com/

Search URL Search Domain Scan URL

URL: https://newcastlecasino.com/

Search URL Search Domain Scan URL

URL: http://theriverstarcasino.com/

Search URL Search Domain Scan URL

URL: https://www.riverwind.com/

Search URL Search Domain Scan URL

URL: https://www.saltcreekcasino.com/

Search URL Search Domain Scan URL

URL: https://mytexomacasino.com/

Search URL Search Domain Scan URL

URL: https://treasurevalleycasino.com/

Search URL Search Domain Scan URL

URL: https://washitacasino.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinStarWorldCasino

Search URL Search Domain Scan URL

URL: https://twitter.com/winstarworld

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/winstarworld

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Winstarcasino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winstar_world/

Search URL Search Domain Scan URL

URL: https://www.winstarworldcasino.com/feed/rss?__hstc=40036989.a06af176329ce66fbf0cc468a172dc25.1539750112894.1539750112894.1539750112894.1&__hssc=40036989.2.1539750112895&__hsfp=2320959684

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/cw2ApAsm6pD2

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/directions/
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/frequently-asked-questions/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/stewardship/
Title: Corporate Stewardship

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/news-and-media-hub/
Title: News and Media

Search URL Search Domain Scan URL

URL: https://www.winstarvillage.com/
Title: Central Park at WinStar Village

Search URL Search Domain Scan URL

URL: https://www.winstar.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/house-rules/
Title: House Rules

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-beijing#component_0
Title: Beijing

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-cairo#component_0
Title: Cairo

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-london#component_0
Title: London

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-madrid#component_0
Title: Madrid

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-newyork#component_0
Title: New York

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-paris#component_0
Title: Paris

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rio#component_0
Title: RIO

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rome#component_0
Title: Rome

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-vienna#component_0
Title: Vienna

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-register/
Title: Join Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://ade.googlesyndication.com/ddm/activity/src=6820846;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=6820846;dc_pre=CLrRoPKgwoIDFdgIogMdkVwDbA;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 52

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CK_PoPKgwoIDFbcOogMdl9sIog;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 53

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=COrRoPKgwoIDFUELogMdnQQD-Q;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 54

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CJnWoPKgwoIDFVgOogMdzDQO2w;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 61

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Request Chain 67

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195&auid=931637524.1699922526 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195&auid=931637524.1699922526

Request Chain 68

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 70

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 72

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 73

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 89

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 90

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 105

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPiSyPKgwoIDFZrXEQgdxPUEIA%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D1375856339988%3Bgcu%3D1%3Bauiddc%3D931637524.1699922526%3Bgtm%3D45He3b81v79432195%3Bgcs%3DG111%3Bgcd%3D11r1r1l1l5%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPiSyPKgwoIDFZrXEQgdxPUEIA%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D1375856339988%3Bgcu%3D1%3Bauiddc%3D931637524.1699922526%3Bgtm%3D45He3b81v79432195%3Bgcs%3DG111%3Bgcd%3D11r1r1l1l5%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 114

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2840974069206748743&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2840974069206748743&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3665eb26f5c44e3ab2b6805279d948f6 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=2d7996b1e777733b98724e77ea0b4d77c2002fc9013a7df82027dd6777499cb1

Request Chain 119

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127&C=1

Request Chain 120

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2840974069206748743&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2840974069206748743&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=2840974069206748743&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7301111663500916880&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=1564728983403777714&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Mzg1Njc5RjAzNDNDQzhBNQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=

Request Chain 122

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2840974069206748743 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2840974069206748743&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 127

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 128

https://pixel.onaudience.com/?mapped=2840974069206748743&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 129

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2840974069206748743 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202311140058ee5522a7cdd18a601&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=08772581cd8c7eca231184a9182a6b7e HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202311140058ee5522a7cdd18a601&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=08772581cd8c7eca231184a9182a6b7e&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzExMTQwMDU4ZWU1NTIyYTdjZGQxOGE2MDE&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEKSbfTakf2ft2459qmyrMpQ&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7301111663501637776 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7301111663501637776 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202311140058ee5522a7cdd18a601 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2840974069206748743

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg0MDk3NDA2OTIwNjc0ODc0Mw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIzyjHDXbCgj2_iXX9t1334&google_cver=1&google_ula=1641347,0

Request Chain 132

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=1564728983403777714&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2840974069206748743

Request Chain 136

https://a.audrte.com/a?adform_uid=2840974069206748743 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGMwUkRLTVRha2dRMGlsV0piRDFQdlB3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 137

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2840974069206748743&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2840974069206748743&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=84282161832140005302067492909060343826&noredirect=1

Request Chain 138

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2840974069206748743 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216663104700000051596

Request Chain 139

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7301111663501637776

Request Chain 142

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=lcbbiNEh1R2Hvi5

Request Chain 146

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2716704338 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=p8OaGb.ZmFAMHWzc0SgelO

Request Chain 149

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2840974069206748743&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2840974069206748743&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=8a0732fe-310b-4615-b3f0-3bbcd65bfb7e

158 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
newyearseve.winstar.com/ 80 KB
14 KB 256ms
133ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f1eac27fd8bf7459ab665e1eb41ee050ff82c4888dca4c9b9549fec91190458

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=5,max-age=5
cf-cache-status: HIT
cf-ray: 825b36633c7a35e7-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 14 Nov 2023 00:42:04 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEbU3NkJd9Wspvzymc0rTNvxh9rWicg%2FqfL3SwTNfG6rKbmCfQ2gVnR3raY4ppI78eU%2B33Z06eEPIi1sSMYSJGz1vjNNxI1%2FY7l8uBKbLDK9IIpUkJtT4gRKthxZu2t6bNoGfdforPTyuGvuq52HwOM8jsji"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 115
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-10-19-td/envoy-proxy-7fcbb6f9fd-bv974
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hs-prerendered: Wed, 04 Oct 2023 19:11:23 GMT
x-hs-reason: No view mapper found to handle request
x-hubspot-correlation-id: 77cc6493-e806-46f8-898a-0c00b9e70734
x-hubspot-notfound: true
x-request-id: 77cc6493-e806-46f8-898a-0c00b9e70734
x-trace: 2BE5C7E953EFB57CC74E789D85F349AA06AE902F49000000000000000000

GET
H2 200 jquery-1.7.1.js Show response
newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 75ms
73ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 251681
x-amz-cf-pop: FRA56-P2
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNNb%2BiAScU2Ib2nFVy2naanqHvA7sKv1NkGoIlUtvjRKbJ%2BsZs7D83C5nFldyrKC%2BohrFekgTT1Kcs5JAjpJNVP9jJ9fxoSG6bZluYVDwIbYKm9eRykpod%2BQfvUH1%2FFj8zxNCNKQyYgO42XA6SJETRbIspem"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 825b36641ce735e7-FRA
x-amz-cf-id: Hoev-1o9Fho6Y1K3JJghAaFtSQCJWsLprtCVgKQzdUciy0d3AHKivw==
expires: Wed, 13 Nov 2024 00:42:04 GMT

GET
H2 200 module_-2712622_Site_search_input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1696439898928/ 2 KB
2 KB 173ms
74ms Stylesheet
text/css 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1696439898928/module_-2712622_Site_search_input.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0f0b8677a48c5ac19f9a1f29136005e52cce9b9354aaf2a5940bb19c07bcd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5bc5eb01-e846-4240-975c-54787c5f10ae
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 170
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5bc5eb01-e846-4240-975c-54787c5f10ae
last-modified: Wed, 04 Oct 2023 17:18:19 GMT
server: cloudflare
etag: W/"fb150085015c3b7390e78a4b003d937f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1696439898928
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwkFX6qBF1Te5CcxflESgPf5Vi0tdBn6mCAGGpSEm2AbMMdSzQwrOf5hGJyoLHFK7jAqrodgFj3h1KTGWgVU7wZXnPxG%2BXm%2FyX0EsorPfW7R%2B1Ai3bHw555Tbxge4IpTJlNydLuCcYir%2FHxsdeY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-fbf687555-cks9m
cf-ray: 825b3664aa0391d1-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
95 KB 165ms
69ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a77ac5046e50ea0b5ed78297e38f0f4fa6ac2e4427e8407cd3dbb92abfcfa76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96945
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1696428948281/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 206ms
108ms Stylesheet
text/css 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1696428948281/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
age: 494294
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1696428948969
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e1ce1dc5-45eb-450f-913e-4e9f06ce04e7
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e1ce1dc5-45eb-450f-913e-4e9f06ce04e7
last-modified: Wed, 04 Oct 2023 14:15:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P0Zjp%2FC66lDEygGbJWQq6vlMBAhP3Ey9PF8684FA4NahRp7tRxW91XlyNZPqRvalRqqfSk%2FdeZ0D%2FNdW9Nn%2FsAYag21Uaj%2FbRUm%2FO9NYwmjAm348EEArsDFYifq1wN4EBzdYbm%2FQT7dVaDxh8M%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-5745477c8b-xgsnc
cf-ray: 825b3664aa0291d1-FRA

GET
H2 200 Winstar_October2018-style.min.css
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/ 99 KB
33 KB 453ms
452ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: NK94FCHCGZ8F073Y
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6a22354699c92af4aae64519e0dd5339"
vary: origin, Accept-Encoding
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lotVFteWLvja1fI7OAa..tg_V5RNI3n.
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 86ff6152-518f-4c94-8828-1fdc86a165e2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 260
alt-svc: h3=":443"; ma=86400
x-amz-id-2: q+b08qoUfT0rAMXvUcMby94Bepv5Pz+XOAnJFBEbpoY2c8Bs3Uqnx0m2YrhCr8IPXzz0l2mrwbA=
x-request-id: 86ff6152-518f-4c94-8828-1fdc86a165e2
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 29 Sep 2019 08:27:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qutP7Kv6wQ9fXXRZPuvz%2Faf%2F37hrZQFb3rmbXRm48yknR24osKfXvpS4hQjWh4FhSvGNdfERUCGBO04uAJWv41bMiGGrJQWvdt65wdNIw%2FSONLg2ZxKJ7aNDE1RZmMhbDutMwZCN9sgIVQ3hfQOsh1hwy4xM"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-d7b5c
access-control-allow-credentials: false
cf-ray: 825b36641ce535e7-FRA
x-amz-cf-id: csWKHZPthA5qqcEMsIrC-j3zZJhzlEU2DuG6E6OnUq9FkMjBb1njSw==

GET
H2 200 logo-adagamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 1040ms
1039ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-adagamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc781ef4d0b5bdd66aaf381627a9af48dbb71d7ba1d67074b5f4cd2ea83c7bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV3BZZ44FTD13QR2
x-amz-version-id: w4Epn5EdO1osahCKJA4dHK0UlyF7MmXZ
edge-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2896
x-amz-id-2: I06MxvYm+vTmKEJQzW6gRIpqSINzgerMR+G4gp7wBZ/9arL/QFksyCsfBAERu/bCW8gqc3UMrZg=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "e22039bf0d4a2641d613b070518ee3d6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF9rjtFnwdIYDXWPHIBB8HHm5tHVmpN3BbTLyuh8SzG39E4SeI1cHjotD6XnPXyd3glDWBKpK4VlEDgM8UFXbWHwKV1NjK7EdIgiu2OcWbC3OA9o1%2Bm6s%2FBY4yYSg0zV%2Fa2yTbyd7Jrei%2B6%2FPZD6WHAary6n"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36641ce935e7-FRA
x-amz-cf-id: 6CY1zMowKnwYchdEsL5oKQFSkCbxnw9aKTwJdN4BlfDW0ubI1oE2uA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 logo-theartesianhotel.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
2 KB 90ms
90ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theartesianhotel.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07c77f883e496ad8d4e9f0ed2c5dab298fbc33492fcba889a8b17303d9bdd1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
x-amz-request-id: RHY6XCF5ATQ2FNY0
edge-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-theartesianhotel.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "ac6fef022d36f101d8faaf0cfee74b9f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KlxawU7no2N7BjIdGuhln1BuElXkdEvu
x-amz-cf-pop: FRA56-C1
cf-polished: origFmt=png, origSize=2108
x-cache: Miss from cloudfront
cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1368
x-amz-id-2: pxuRiKSCAnQVNnlPFmDl3yt/md8xeSug1jz9Fl4sBSB6gUnjrM1o9oRgaw3b7SsdTAj7NDN0ygw=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36WZtH1kqndS6TQKoJbBSkXkNubAtqw6TYNDUym6Y4sCBkQG8UT%2BpfZVbLeEuQGtbXRN8gyYBTt%2B6gk1rdHl4Yg1Vri7CVWTfAOcaKDfBBzIxR6IfD6bscxqAD1PsTt1tyLDfn7uOZIgL1DU3Rd4DHzdif5m"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 825b36641ceb35e7-FRA
x-amz-cf-id: ay_beh9tm6mdYPJc3HYKh19F-vaOA8ozFdKjb9YgY4jJb0PDjWKb5A==

GET
H3 200 logo-blackgoldcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 909ms
909ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-blackgoldcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce985f900e99d5767a359e6fe93df21a186f81c838ccc6f7fe30b87fe83e0165

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: AFK9YCP2HG29BG7E
x-amz-version-id: rVKDhABvg6Lwu8SbeolUdie4EpnTXTAZ
edge-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2405
x-amz-id-2: 5nPU5Ka3xKWFZpIVW57l1eUQbmkBmQUKP98qBoq39OH1Et8PQKnJ3Y27TGrDLVrG84rpE+G43a8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "51f3509b33848c60bc239ff4662d81e6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTOwwzp3wobrrBFE5iKgEG%2FkzyMeCyCvRSmhz2urd7jvl%2FPCsrSBfiYWlYXXghS9N6NEhQ%2FmmbuCoIEK74jMWBxQgiSCVh4zcFiFMrnooZ2LLw9XHYDYxOoeIxUChiMNL2fD%2BZ3tyir%2FSS5sjZ0a84McDptt"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b3664adac1994-FRA
x-amz-cf-id: DQk4wfP22K6gPhARmzcRhVwkUbM36fICA4morHkDNvNDc4Gdwn29GQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-bordercasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
3 KB 91ms
80ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-bordercasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f8715eda59cc7899e6baab3931be3a3e2cb6d0a0eba6c134334c2f9cb506ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
age: 85734
x-amz-request-id: JF0DBCK5PN8ZQP68
edge-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-bordercasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "6587c770abbbbd62cd043ec19ad480ca"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _eiKaC1gRExRTkXTNA9SokLMmKH4djLJ
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2169
x-cache: Miss from cloudfront
cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1390
x-amz-id-2: lv/7JjALPAo4rOkgcEwMLA9Ta2+X6qx1SQTfJraf6OXlB+A7l7DpDAThzdtrHFZ2y/SLpVxoe8ekjyW2oTZs6Q==
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYcYc3FHVnBtP7xo8yNHhqCa07jVWP2T7mi4CZlOxiK%2FRsF5TVZO%2F3CoQNQ4qK4dyN3ngVDtqMOEsDrL9gboC6vei1sorhXBcBYZvXFPClRXsrqIX655du%2FKMmzS2JeswhwtUvBsb1lKD1wbsjtUxevT7Ge5"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 825b36653df81994-FRA
x-amz-cf-id: LPcwjyJK1XvkMO0cbawNefNEgcooCX61mQKyNH7NN8lG9KdBKJ0C4g==

GET
H3 200 logo-chickasawtravelstop.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 964ms
953ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chickasawtravelstop.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2bd1012e3f875671efff1ac63034c8895ed0157ef22b4c0d8bc8cde314efa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: HPXCZ26CAXM2NKX3
x-amz-version-id: JsgX7w5FSU6VVxL0H4J_4oZ4lOJyB2GN
edge-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 1662
x-amz-id-2: WJKKun0xLqK2zeeKPVDYaAmtg5M0wnRyM5FQso6oTcRSPyYrNWZG6cgLql3WckcaulkmsJO4sy8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "d4007843b126b6e9e036594094e6c178"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql62Pe91A2Cgm3U20avAj%2FcZc%2BhuhhKo%2Fl%2F1IkmjAImSCmK5avMjZZW6IWP0Mwf63%2F%2BFqkf9Eh2bqmAIuFQZfR25R1Cw3VGhEqHQqc2TtVmzPSC9L8W96Tr0E0jZMPB%2FPaB%2B%2FUSJ5uejOazqg7ez5dBMEG6P"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653df91994-FRA
x-amz-cf-id: 8WM9FEKUwfhZGlQ6X_fEpx-f-erD6bQ2VRE5H90HFonx8LNtjT_qlQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-chisholmtrailcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 949ms
940ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chisholmtrailcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cffef7e9bd43b63fd99014a053a6bc856ab6b8b6f53ae4e0831df562d8bd8d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: HPX4FQ8KTYSK55EG
x-amz-version-id: B5DpOmvch11mXzVseVtlHeywgq_dQ1MS
edge-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 1932
x-amz-id-2: 8YjBjqmOjwK0ztGdFAaXaPJxxX8biS9urz+AqnhEAve4ItbKDM6CD6JsIKNJ9vopzNMe3BPjoOU4BQNOWgwzY1GM5aCYQEwVIDC8Qkuqgj4=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "d73835f618bc71964c415845fc4d56a9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTOGEqm3nZWvqMmDSSN2rqugErqcNVL5srSwKgDzsZmzZmmuLV%2FK6y6E5AAHVx%2F80vNboxiAEzUPdTWBlv7p944hEyO%2B28Dr5haIQuXgKrq9YcJd%2BYlwwXS4%2FlzxKSt6nbHIcub9dLY2G0rbFWpkbopKIJaQ"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e011994-FRA
x-amz-cf-id: 4iloVk8IcmagihQ1ZS_IcaHk0EC-f3BVAJfdZ-rhLnoE67GtD5tvDg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-goldmountaincasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 933ms
924ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldmountaincasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba688650b4ecfebfd260cfff27e2f7f490e1b0ab9ffb4c9edfac5a9388789b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 571GWW2FE21R6AJC
x-amz-version-id: 28zAG1hhxPcP8rzF0G4jN82VbImzwYH.
edge-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 3288
x-amz-id-2: LG7RD31AG9sSoY77uRbgJWLXvKJhOW2FakmxIefjOK+m8OdN7m1aVCNH7Nd5DP2nYkxd+pOPzTfkKYQhuag3ww==
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "be35363e74b66134bcb87d78422b3bb9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=042h1%2BIj10Kj%2BCxL4kRNRi2edgh2i5uaGiygMP6XhAUMWfdztS2JXEsWd9keENvTsC8UqBn6fyAOesHl4%2FGSsu6Y%2BSiF2tkKwvHo%2FMKaxtC0vqlkill%2F7uEtH5DBY8vwjCU8vFXl6sMOORNibIxarXYJKnOR"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e021994-FRA
x-amz-cf-id: E1Op0d6GwCXzHH18QzTjmxC0wxwZfsyr5YeagaDXM3I0Uj-6Y4yf-Q==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-goldsbygamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 4 KB
5 KB 971ms
962ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldsbygamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d957237d81e87709bfd818c28ece38bcc35f71c16ed0b70c4eace4d755cc28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV38Z9JZBZ3876ET
x-amz-version-id: s6xG2gLf4vDchAz.TAHdotjAWYcN78ao
edge-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 3815
x-amz-id-2: AVmFijxVC1Yab0HpN38d68I0T3HEz0hRetTNvPnOo1V4SiECXfI1VuiA+PFE4vkfN9TRQgWQ9qE=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "45151587e78178e0716a98a0478884f1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FYrXdKg76THTULWPJCQS8wZnUkyefAt1J2gu3U%2BzjrPmxckBHazYbjOIaCVAiB0PCJUj8Nogkl7TDFL1cGI4TZxbenorYHgCdjHrqlqCZJMBLqufRqOw3bJcFD9CkeXEoLHZJEC89euUXe%2BFub3qE05YYPK"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e031994-FRA
x-amz-cf-id: y0uoTfEFzYl7si_JPHb6m9GGy16M72uRmAt5rb4GTcWj4wxtKu01qw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-jetstreamcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 644ms
635ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-jetstreamcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8a2d1550f03c4243fca644a5edbe0a99a1bca8154c09c3476d734ab4c9496d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: HPXCN56D8H1R493R
x-amz-version-id: yV2pbA74yXQbqlUtAtPT1uobzeOtLEqR
edge-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2195
x-amz-id-2: Z5CsIClWmj6kvYMWfDjmHnwK7n27/AJgVnr3eW86t209znpjns+JKXjy81W9mMt3y/Iwk1lK1AI=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "82e962c1b7cd0f32296913945e92880c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgeTEaKl9HwSKhj7jeU2bzLq6U1lTW5x7o5%2Fs0QuedidpA882RwoKAq%2BOlC6Nf%2ByewIyv04MM%2BTQS2SBJPklG%2FB3KATepdEKE5q7Y9yobhOQ4p%2FwCS4E%2B8GAW9JnqYi94lXLyg%2Bq1Zy2dMMP%2BE%2BVbAxLBXXk"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e041994-FRA
x-amz-cf-id: A3GfajFLHmkEj712c9-cxgkiFtYfZfnuuu2p-DF3Vi--kojG2og3cg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-madillgamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 4 KB
5 KB 960ms
951ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-madillgamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf824312f02027d0465d66db66e2a162385246064153e2b63a439233feafccd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV33XGBS3M675AP6
x-amz-version-id: Xox5HCzdcxcUtCmMf2Gwm3rSb20a2zbY
edge-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 3752
x-amz-id-2: 7Wg4lx7423auNGtR4J7WiNkyBaWxI6lf/HxnqlyJhuToc7O+Uj5mtbVj2BeMdQJxyaIFVJDsFE5NANummNldHJx+jYDCASuBfNq7Sp5A3N8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "ba61e591f21334bf66104547fd683e7d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJHR9akUuZJzP6KZh8sTwzta0Qr0bpLZpT%2F3oGBlz%2BuSgfveV6ko%2BBpZTHwvD8AZOjQD2uIHKdyK1oWna3Pzs60eRDoHU8g9ss6htTHGaFaXV2ttohM%2FA%2FbDdYcGDcOE68Xy%2Bpg%2FdYkOHZXCapE6PhtHiiZv"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e051994-FRA
x-amz-cf-id: Z8j-BpaZPzxwkoI9liY5N-8prAi3JP1Pf0YvOUZWWR-f-anTnMn7hQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-newcastlecasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 971ms
962ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-newcastlecasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b622bee1109736d0daccea46195fb72dc39651d33b5055d88b37c6f1babb3d5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: AFK0ZPDCPMXYMCXH
x-amz-version-id: JxuxL14I1BBjf201CcFaFRGhq1T7VFr6
edge-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2282
x-amz-id-2: 86Rv0B2F5kQvk/C6+3NC1XpwpRIbXBVoslOYzO+FM7gcQBL1txjGvAJM2/DRfANbnLRoIKp2zDA=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "3b277a721cb80958606d69fc574230f6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71zvNL16cB4rSYTbrZiRIrd7U1EzYH1rcf1uLo3A8N57t27aS%2F7GdtwRS5YrzA4T0sl1Tx%2BEbYhIqN5JFXfMwnIQSgh%2Fw9WqqBbe00jTqMa1wF7JNPeL5txrBdSsf4OnessN3iyb72lpVJ2joKkftT%2FsyEmC"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e061994-FRA
x-amz-cf-id: b9NRkt09fvRxDxaByGwT25kRLAXWA9Zq2ZKO67zREWKK7aTIb8KG5w==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-theriverstarcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 680ms
672ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theriverstarcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d8306bd4ee9c279fe3fde6fa7492d96bbfcea6885ab14585b23bbdaf4dec10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV34ZCKPFPHYWJZA
x-amz-version-id: 9a3FCbqn1vj3Z_wWI2mGXv2t2Jpl1uFp
edge-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 1859
x-amz-id-2: MNe2Hn+suYUyAWt4+xxT6IiZ2K0RoMEnIGyW5Wutn0hONWWENImNSEMc2UMe/OpEaFrKk1xIyIY=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "4ba78248dc1ffe227d22515d85e6c4af"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyc%2Bvz3SywNi8MgCrNUrQaM3qzvcv1qRxUCt5riqpvkkbaXAFho3fWK5Tf2C1SzkpV8CG0kWCqTy662niJijdoCSOBNMvd2AkyYFHfoZMW%2Btos7tjfTZuowXp9psXANiPl%2BZ06MW0wrBJKUgOf%2BLGtAkqvFl"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e071994-FRA
x-amz-cf-id: lEYASTW4t-A1UElZbknp-pP1oZ-LOw25TZZEPzG-uMhkUs-dKnHlgQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-riverwindcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
4 KB 909ms
900ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-riverwindcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce0755677e0c97a66300b8346a0882e8a01df4f54147a6ef6e494cff162796a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: RRH2W5KS4MVHCZRE
x-amz-version-id: U4CsENiFD2YPkdxDKuZHPHXEU6NbKdfu
edge-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2542
x-amz-id-2: zqwmE2RsJS0pRI8wZM91UXnFDUwp6OrpZ4p7LOMKInYzIT1f6zpeRfxww5xaZyo4I1jVZRo8cKQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "0b8c8ad86e3575434a4e55295ef8f332"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMEmLYZqPTfdW%2BL3RtGcrOcdGF9kPVQT%2FxGpuf89giLecjqW%2FDGu5IHNc9WdIbcMtFQe9luq1zwU1d6C9t1mjbjaPELMnVriRApXjJefbNb8I6eCQDWxA7Y11Mjxhl4jBMRHvvU5r7CfwRhfzr2jGPJW%2BpYs"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e081994-FRA
x-amz-cf-id: TolMmTUnvoZykwccPW4ybGKNB1ni7iXKsDmP9Acael6KZaAgAz8nsg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-saltcreekcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 677ms
672ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-saltcreekcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f475146a0fcff8471ca0cae826dcd90da49b3deed8066db05e4fcc28e726b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: XT5QBXV5GHMGMGWP
x-amz-version-id: .saMBQpLsncBAch6fw1FORsSGkHAHhJH
edge-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2590
x-amz-id-2: lbT8aDbWFKvWu8LCpV4BnNNh7DBHnj9sUiONgzFpP3L66/Wpsb5x7ORX4/2GOMSNW4YUUmAqbfo=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "73ac739590a26b08f4bc87c0eec1c3d7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r%2Be4ZVkLCtiEv7pz3DZMm1YPY7T%2FGLGDKjjpPYZ1jywERBAb3Pg1GtOleMdTx%2F%2BNIIX%2FruE6D0Ouv8vjWKw1eJZc9rrsILIdNxOdJUln6PRqr4NY2gdSMAO4N4F%2BcSPbr5kXkYz5JiGUfVBCX%2FHs%2F6qsb39"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e091994-FRA
x-amz-cf-id: dEt_tq6yOQB5Y_ftVlc4DC16rdMGPn-vWed0422KnFKwp1WLwUG4sQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-texomacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 983ms
978ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-texomacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c37e3627758ae8eee1bc7eae847d199e83c32ae218d84ad29c7bdd336b1a866

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV3CC5FWEC6QSJ2H
x-amz-version-id: HAu7Wsyo4tR7DubDCN8_tKH5SosEX5dW
edge-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2447
x-amz-id-2: /aCirr5P0jNc1GfwOjlFdCH82k3GeZ6jfKcW/CFjW21V7HX/++hRWzZepte1LjIXILL2vpvzbFQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "8f7955f826d5785a3669876e9f00d557"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYnMuoYIKpz%2FQHbb1GBWiRya4ps3DXQtackAkmRXlWgfbMNvTB4eLm3KLoqFPBPzjZi5XUWVUMXOHo1ZBuf%2BlIqLWdlKA80v6YGyq9yJ1%2B2%2FzVEavdt%2FBD8hZS8SjjTGH3BRLI8Y6Jfdlmbd36RMrORjdmwn"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e0b1994-FRA
x-amz-cf-id: MzUrF6X-9NvZ8b18CGip7UwMEyK2lWu55LhucV1xf6VHqcq_J8P54w==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 logo-treasurevalleycasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 120ms
116ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-treasurevalleycasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7cdc65100f33d14f35d64a6a57237f7bbc49a6eb0dfb1c95984642d1e2b8a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
age: 85734
x-amz-request-id: 6G0G8JEVJEVBAR2E
edge-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-treasurevalleycasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "df2fabf268d97e4452655e874c1cbc1e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _SUcF7YoC0Gse0YT8IMX4kXn30ztWvZu
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=3365
x-cache: Miss from cloudfront
cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2244
x-amz-id-2: FaXzOOFi0hlkCgUhkqGQu2O2J0WF1CiP/sF8YRyIWFWf1kmaNUhjqISnEjP7xf6FHpAJQMuWCJQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytk5kQ6ooUh0k1Kl%2BXvzJ2a6cJZHPHvPTYiWykuRFy4VJNdVHHwtHp1YAtOUVJGE6%2FdZNK7nLyTyTOnE0OU%2Fhl2x%2FH2iPUW%2BHQ9iXnXN7%2Bvlud7gy14HtxMzTuZjDaRRN7X7If7sRhuFD8J8bHMZhtkGpuK7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 825b36653e0c1994-FRA
x-amz-cf-id: XCNBFaopGpb26CKv5lgn8Ydvgd7L3TdHrBjqa74aNhy47cqo-e9S1w==

GET
H3 200 logo-washitacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 3 KB
4 KB 983ms
979ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-washitacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d4be36c17e8e93b4aeebc9641afe9bb677cb06f157e33e20c08e485c4a13c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: AFKAB5YB3TKRB4YZ
x-amz-version-id: EMtezGLG.SmVidAAesVQTZFAlKT.gPGw
edge-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 2632
x-amz-id-2: sR3+Ko8f147iP2Ha0/c4RcuKWeDsgTSs/kj8TX3HqX8s/1NvP/y3prm/kR1vakEUtnY6MAW/nsVBgbMgceaBaA==
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "ab09c5c85f22f772e73d108c43cba424"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCcEQGXqbL5MHtqSKX0GAzfaokGF%2F%2B4wIGpOEwxurbljZMBmybwgoLTCbymXAlg7R5igK%2FZJ8d410veinK%2FxQQskKnIL1aOayyF2IPJGWvPPJFkF0CFCZCjzukVAF9FhH7W79rT1Mjk8WzDgeQbu6%2FJdhJbf"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e0e1994-FRA
x-amz-cf-id: Vc0zHodFGHPeHXCJh4MgLN3RXgJHYluha1-R77v1OXKgA1CQ5Qkwfg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 winstar_logo_new.svg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 9 KB
5 KB 84ms
80ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_logo_new.svg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 85735
x-amz-cf-pop: FRA56-P7
x-amz-request-id: BDKH9NTG6H2V6F56
content-encoding: br
edge-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: CCiFdR5lVMuU5PjWh7Vu5PseI5ieorRz
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2eXCitf0Mw2t5n32Fbx7lMc1o4zDTTrEn+jAzGByXwW4qtvTT9bgkoeM2GgancFRLhLNwBUmYY8=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: W/"50e2b8162235b3d5b57b9d94d0481154"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n7a9aJcuG9WDKoJ9oG0HxcGQ%2B07E7gfkbydZab%2B%2B3m%2F2pDnGMFjeQYrPRK8CWzq449l%2Bqiq3fcHbti6ptPqazzYEq1hrNMoPsR8IaJARwIGF4Pbhk%2FK%2FDe7nVjUze2p7xuAf3WOd%2Fwjnanj9d6ASuGQPqpn"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 825b36653e0f1994-FRA
x-amz-cf-id: uoeoXsmWR-OcrFGTskpIUceWvYnulMplXoYUPUrK_oaFbelk9RX4qA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 winstar_google_map.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 6 KB
7 KB 122ms
118ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_google_map.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b946925340916f3b31488e5364761910fbfbeea44f71d6478987ba1858f6cca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
age: 85733
x-amz-request-id: JF00SRNM3M44VN0A
edge-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="winstar_google_map.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "8119a7d269e079586154be2ec0935f17"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Cre4s9XRPy7GwpYotpUCw54eim.Tn.vc
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=7799
x-cache: Miss from cloudfront
cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 5842
x-amz-id-2: SqlAgJrTJDmMw+QzsYO/C+BJSzbHFAUM1cUp9daJ5k5uHQL3HYuOCSBHZjN8atxsh1IBog4axS4=
last-modified: Mon, 15 Oct 2018 10:11:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMDEisoqThxY3RHKPhtAap9huvx9tRBmBznG01jW4iDhrEswOMzN3r9O2GN7tRANl4gPrm7PcTSXRdCt4PV%2FyONSKGwItFPuNg7eJ7VmwNeX1K0%2BOQ%2BifTn1jcXNiY6IM%2BPLx%2FF8UvjtcUuz5DKTWYz0ao17"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 825b36653e101994-FRA
x-amz-cf-id: Dt2I7Y8UkSMxS9GwHEpnHCj3yx9FwTqiJN3W9LgZgRApCb0mms68Pw==

GET
H3 200 footer_map.jpg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 17 KB
18 KB 955ms
951ms Image
image/jpeg 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/footer_map.jpg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e3fb5b38a0738a68fe363f835acd6291a6da3227077d22c72dd4f401a364763

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-C1
x-amz-request-id: W3NYVEN6BK3C0Q2T
x-amz-version-id: .T7fUTtu9zGC3W14jM3tKd5NtLutdFHb
edge-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 17550
x-amz-id-2: Ov/04cKf0NxJzIizbX+x4IkjpjF5SNOY2dd0vSx8tSXO7xMPTTs1p6rql5eFyU4OfXibLA6zIwQ=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: "34e2e4012be9c202eaa9e64bf3b8cd9c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcFVsmAViCd36ulDb76U1htFnEPEAJScWGEXJH%2BskWPVWzLPwaPjEwnV%2BR8fycB7nw7Z0GvhTdhV%2FZtRib88M%2Fvqd5xmDLwu02Ts5ffZy83MCOyyOhkNYidRPmk1xzmdeUS2hSqYlog7h1hG44%2FZLLaRfOtU"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36653e121994-FRA
x-amz-cf-id: DYh3Ao6Pov_LC0JJeyNEQuc2P0bS1yLffWlRLI84JFigEeCQufVvtA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 137ms
49ms Script
application/javascript 2606:4700::6812:4ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 68203
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dTdGA9qpVUwlH5J9nDtcv0L%2FZrlM0EPVd%2FWsFxaRKb6l0HkJLkcnwPFOnXYvvGG%2FimihFdRrL1xyaKqhHFuff6f9AE3FhtiCGqx5MEmuJrYlfbyFvxG21qsUJKNxJWFeSLVhkhkt7rR6F2DIycOe0r%2Fa0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 825b3665c9b1692b-FRA
x-amz-cf-id: TROLgfKkalxJqk8-6LdehqN_IiZ2UHvtYf3Ji37uzQ11KNeleN535A==
expires: Wed, 13 Nov 2024 00:42:05 GMT

GET
H3 200 Winstar_October2018-main.js Show response
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/ 3 KB
2 KB 399ms
388ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-main.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: MBYH67PF8JF11CB9
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d1eb4ef9da07c83ba45ac31bf950fd9d"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KrERUaf2d9Nsrz3_RbPh2Xb9M752n3o6
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: fd28e332-cbb7-424e-8da3-3c6e80ab540e
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 195
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k3Oy7GQEAEwnZulyjGRq70CwJvfqw07immz36IiyGzx9P6RcKHryMBm/MxyE5EkHDUhUUeNySsk=
x-request-id: fd28e332-cbb7-424e-8da3-3c6e80ab540e
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 29 Sep 2019 08:27:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIwLfZ1HPppkNrqXXHkx3I4xfechTv%2F1ZSk3YVDqUqz%2FFwk3JScPSR8s2c0BOSeEEpPa%2BgYqhZA9R47Ti454e%2BsTPnVXwzuSGIl5XbEj3fOm5SlUj4VrRqsUosLa1ZxCQD%2FQ7H27RQJmhsG6auq4lC1DGlMw"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-d7b5c
access-control-allow-credentials: false
cf-ray: 825b36653dfb1994-FRA
x-amz-cf-id: asOZhsSI4nTmop_8kw2FPqTlWDitgjGhLWrOox3XxBZrBC0S6CuKMw==

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 89ms
78ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 84476
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQOzYvsMUiaMF%2Fy1vp5MWlZgN3WromGP4EhrFIeuRTlxg4tVQckt0mw4%2BKWydwD1joWUnMABPkRDjTbWqWTetvcKri9z1f99gA1d%2F18u3jSP33tix%2BIlkGnvfMmW57F9XW6BADl9UFHyItAHZ7XJnpU5wJFp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 825b36653dfc1994-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Wed, 13 Nov 2024 00:42:05 GMT

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 90ms
79ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 450031
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfHx3773PcMc5yw1ZPlv7l3rmRB05cH%2FJKEeYfILV3lSjzLWwF17%2F7ctGGJHTrYr88pXt9XK1nUyEjo%2F1qIqsS7LSfJUXE2FhILnInFfWlEMn%2Bqrz6I86rbsBSeCw5PuDp6xq9Z1XUqV7dhdUqJQxF%2F35FmD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 825b36653e001994-FRA
x-amz-cf-id: uSTHdT_bIh2Ye9SEpFGym7CWaytSjp9H4ojk9AyzM-_fPbAIvxwbGA==
expires: Wed, 13 Nov 2024 00:42:05 GMT

GET
H2 200 module_-2712622_Site_search_input.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1696439898257/ 6 KB
2 KB 69ms
57ms Script
application/javascript 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1696439898257/module_-2712622_Site_search_input.min.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718d472477201493d1be31e5b01e10998272aa0cd6b98191e043ccbc1787b037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
age: 46769
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"da0124a883faaacc72fa39714b4eae4a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1696439898257
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 00:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 19a6a1dc-ebdf-44ec-b3df-966009600e72
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 212
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 19a6a1dc-ebdf-44ec-b3df-966009600e72
last-modified: Wed, 04 Oct 2023 17:18:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yxv8773rNfEumNRs%2BMSzJsRiAvKsqNHZFzyQawgciCJbAOxvcq8MAkSTSbMFGF00PFxu243RhtZGVUxqvAbpbyoRl1t3R4kXoWfjp7ULARGCNOyO9ASpON5YTh00VZGv7i1H9OsgRKgENFKDWN0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-5745477c8b-xgsnc
cf-ray: 825b36653a2191d1-FRA

GET
H3 200 4132260.js Show response
newyearseve.winstar.com/hs/scriptloader/ 1 KB
1 KB 231ms
228ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b625d7f90267bf87f28bba332c9248edcca180d0c67b950bafde32ae9bf7cd2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 57934e17-3faa-4709-b7be-a57a547d4582
content-encoding: br
x-envoy-upstream-service-time: 4
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 57934e17-3faa-4709-b7be-a57a547d4582
last-modified: Tue, 14 Nov 2023 00:42:05 GMT
server: cloudflare
x-trace: 2B6FA79198E1191171F465176DBD30DFF9AAA87FCF000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-h7k8d
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNBB%2Fm4QAXwFVEhBK5KSrQj3tS0Yxw7y2jQiDjjLkzJ6U22IVVI%2BarBiPC32zIy23lcdMAx3NUBJGnB6TU6rKZQ2SW2pLsJQ%2B1x3O0tuAqYNvk86lWtv%2BB1xC6gRmbK2mGuyhYRfGG53aAZUfk3xT9C%2Fa%2FYI"}],"group":"cf-nel","max_age":604800}
cf-ray: 825b36653e131994-FRA
expires: Tue, 14 Nov 2023 00:43:05 GMT

GET
H3 200 index.js Show response
newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 83ms
80ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 332530
x-amz-cf-pop: TXL50-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFuAgEDyz9vlZLQWrKzB%2Fn9fCKbS4kXt%2BEBy4sQuLrUnVHWLcRBcvJM7FVdukTYKHqqEbSPgHtC3YqAY7x8uRkKeaHuHRpThTA%2BJ82vL%2FYtunU9liKexwozLBInlS2lKc45yJI9xlMwn4vDlR12twPKkiGX6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 825b36653e141994-FRA
x-amz-cf-id: 8NRs2Wm2ubi5t9HUvpgx9SMwAJYAnsUpgxBkSQl1rau6_0XB0E7nLw==
expires: Wed, 13 Nov 2024 00:42:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 464 KB
117 KB 242ms
154ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f65479d8ac42143923455e63c356ab2702ab5732eca99bf8dafce3e687599426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120052
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 00:42:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 137ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je3b81v876134144&_p=1699922524965&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dZTQ1Zm&cid=764390710.1699922525&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699922525&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=754
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 136ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62JR698ND&gtm=45je3b81v876134144&_p=1699922524965&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dZTQ1Zm&cid=764390710.1699922525&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699922525&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=756
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fs_mid_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 64 B
1 KB 114ms
114ms Image
image/webp 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_mid_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c2a14f4df0b94031373a3cb9be23d936f61a276c0b3b123cceadf506f66e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: 2fOW0LmsXhRWlw_JAHAGigCTqetdzF0W
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 32RMMFKHJRVN0RHX
cf-polished: origFmt=png, origSize=110
edge-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
content-disposition: inline; filename="fs_mid_blue_dark_blue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 64
x-amz-id-2: RDi5CcDHn1ICedjBrMgViAxV2dMpixuHRpUGbvQBDE5qAwMKV7KCyc4xg+sPl2LF3ZGXVNjdIesT6Y2f+88L50YRYiITbn76pDP1ZNyqOhM=
last-modified: Mon, 15 Oct 2018 10:11:39 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "12dea73d28f469fb0ee2bfe05815786f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWxtB3NOHtKTui%2FEWCx3CqBpp9b%2Bdc8M%2FyOL9TTal1myjb26ei1V%2Ba2hcGCMEl%2FVPZo7kbtqOhEbTkoCIdgYB1tIQ5e4lra5vYtnApYzJdxp%2FP7r5rMqxaj6TtMUziyma3vC8JRzs64asHtMFns%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36673e2035f3-FRA
x-amz-cf-id: sgnJw9T0kIrVB_uECrwuBAas2fDj0XIjJ5tCAsCHIuqQTdNS9saT3Q==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 07-brother1816-regular-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 1117ms
1070ms Font
application/font-woff2 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/07-brother1816-regular-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: 6NbhAV9OZi3kM4XCKtQTBqvU8U.GtDR9
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV38JVAHRP7Z5XYM
edge-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 36932
x-amz-id-2: 9krNhzaO8GYfh8aNGPYTP9NIqR7MmMA2iOfUqTpUZZlD6mr26XFYC3d7kulJdgvL4KiYGPYmzJc=
last-modified: Mon, 15 Oct 2018 10:22:11 GMT
server: cloudflare
etag: "792f3d6bc7b18b43cf24aba8f071c282"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK2JfYNeEnN59lFnGbygUPAGUqlebLaUS3lCgdXEWw1%2BPV9ckg8WKiHHonuCQ27eUgRicPFfk0frXumb7U5w9SLf514%2BGvUvnwu9SYGKotcuoc77%2FUOghnKPaq2KeBzLZYBmU4w4eedXYa7Ie%2B0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36677ae39b1f-FRA
x-amz-cf-id: EtKs2OKlFuNIzOVAwxJln1YTiwp9VLovvJ9yXNcD1hvTSMaYmYucKw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 fs_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 68 B
1 KB 103ms
102ms Image
image/webp 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad53f8852f9d05834e2baf4d6af337666c668230cd94026519273642efb662b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: YoPvDj_Jti8vX7Sw96siMvtHne.0ry8h
x-amz-cf-pop: FRA56-C1
x-amz-request-id: BQZY6BQQY3QXT6PC
cf-polished: origFmt=png, origSize=110
edge-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="fs_blue_dark_blue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 68
x-amz-id-2: lkxY4Wuz/qiyofh9GK0Zf+wsfEdkZoO8tP0ek9GOVrw5TtDfO3o+t2lIwtsC4fGnkngusI1XD7auPfEnP+RWlJvqz2D2FDCN
last-modified: Tue, 16 Oct 2018 13:29:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "453f24becb272d4ccd8cdef5542a67cb"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Sti%2B%2FZjX%2BbQKUC2%2FqOBhaKUUt3E2Aueq9ianXK9AWunQ2bctMmmrOeXKQxWs9AfWEQbFn6DZ0pQ0ABWV6IBd7tR3ZkRFpeCFoI2AqAO4TxhpEjOyoRcPWIb4DeHE7nyX4dBkH1mycIXxytEK%2Fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36674e2335f3-FRA
x-amz-cf-id: seyYDfSC6PAph6cht9ey8CVs4KM1r744dTAfOoanzcxknyhmKZdVMA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b

Request headers

Referer
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 11-brother1816-bold-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 35 KB
36 KB 1129ms
1093ms Font
application/font-woff2 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/11-brother1816-bold-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: EuuyyAm.a2B9xgoLv8qlux19dQD5xkMQ
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 4F4KDJ1P0MF3X34Z
edge-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 35480
x-amz-id-2: tAB0Irwh1AQri31khf/A3+V4eXDwRUDBjYIuayeeZaDzzQjoUyYZIdK4n+fZmlQGfpOUM3oOHeU=
last-modified: Mon, 15 Oct 2018 10:25:58 GMT
server: cloudflare
etag: "3353c0c6af922ea10301c175bfa40497"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gahXUEmYX8Z3O4Xlrirpr%2BKpPlHpKlefORW7gn56LVXGd9FB6DP9qFuYkl98uDuItLSlawSekOLtoz6vyIIb1EZIlYva26Nmn1ZcH6%2BhhIkikGRRBjTxys2zIyD%2BUrU4LXsxcI47WvNhZOlMdk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36677ae29b1f-FRA
x-amz-cf-id: coPW0oaz46VVksDetrA34n52pDbOCOhjnEsn6uGvfBMhPh9ynxTjsA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 05-brother1816-book-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 987ms
951ms Font
application/font-woff2 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/05-brother1816-book-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: KLJIncy6PMsiA6G6I_ufHnkHMR9B.S41
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 8Z83SMWFBE92GR2F
edge-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 37248
x-amz-id-2: 6OsUbk8SOQYZT9GrgM713VStgmGnFVdC0bSSwQmsIZAeAPoO3t3zKI81FNwbjolur+s7u8d/ypA=
last-modified: Mon, 15 Oct 2018 10:19:41 GMT
server: cloudflare
etag: "55df6954b7a71f3e2dd0567ab5629249"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQ2BgsWZyHrwOOUtS%2FZhoGLXsdFQzjcwclhPgjGBf7%2FnAQc%2FQqJ5zlHoU8qAcOg2V20Jb%2B1%2BfJkTjgyJZf3ob1W%2BLRooGT38HJVx73A%2BA6zv%2F%2BvRZe82RxZgCUMzNYnkBXO%2B51r5OMYMtcUQP%2BI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36677ae19b1f-FRA
x-amz-cf-id: C_rR_ilBMt0UIQB7DK_V3ABd2rWUA1U_UyQ4FGQspENka2XTbkYhFw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 socicon.ttf
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/ 46 KB
32 KB 1025ms
990ms Font
font/ttf 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/socicon.ttf
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-amz-version-id: r5Ngcn0PY_qbcWhp3fZjiFNANSXeC_de
x-amz-cf-pop: FRA56-C1
x-amz-request-id: DV3AYSWZX3JHJNXT
edge-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: N78OR5M3DilN9Bf12T+9Fx5Or5bVpJqsXAsARJFgznRIMRjt375bnOYdC0Yk0iV3GPWtmut/wyKu8bV3cgDOCw==
last-modified: Mon, 15 Oct 2018 10:29:18 GMT
server: cloudflare
etag: W/"89760316f014d1ef335340b1a71b7ba3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGPu4yv3gYG3C9bKX9wZQrRy3tQaV%2FhGeSGmBNW40eqvqiTPiWqqO5cdz80E4Lh9PKO6%2FKmP0KSUMgqtlhGaH2HgD%2B5KsgJ6VWk8yenfQbxIOdC%2BTGncWx5pEwKIs2UHHEcvbnYMENEuB00dJcQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 825b36677adf9b1f-FRA
x-amz-cf-id: IYtR30tp2hQYnJzYtOR-GXBs1xZ8jVPOqz-QBwEJlBnbWUquefvIyQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 09-brother1816-medium-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 37 KB
38 KB 1066ms
1031ms Font
application/font-woff2 2606:4700::6810:70d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/09-brother1816-medium-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:70d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: ZIy0nGY5MP5b8b5rVBIVvEw2otYxJ83T
x-amz-cf-pop: FRA56-C1
x-amz-request-id: 4F4QTCHA1ZGPBVXE
edge-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 38096
x-amz-id-2: Jcttu+FEIKfXu5tE7KltXiDQVYK1pOeWkJX90UR+JrpGeQjwDodsxtj+P0pk1eVHzKHtNdBCUG2D72nLmEpjE5oDZMtCAFPp6KH3oRkXLFA=
last-modified: Mon, 15 Oct 2018 10:24:14 GMT
server: cloudflare
etag: "b0f918f568eb228fdf650756c088878a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH7%2F%2BomLHMUQdoGsE7ipc8GDL0tZUN4Tk6kzAjZg79jcaQ5RaEEmA56fPlU6iwI%2BinM%2BZFujFg4TlfsNgae6WgCawl3u%2FBZBCZfUINx0gl34cy%2FVFUuWF6XYzW3IGnMJ0CWageP3EoINHsbySME%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 825b36677ae09b1f-FRA
x-amz-cf-id: Q5PjaflvP9rULlaNqNwervaJi_spTsHXZAs2yRtsE4p72dBTgFGveg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 140ms
50ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 23:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 Nov 2023 01:49:41 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Nov 2023 00:47:45 GMT

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/ 36 KB
11 KB 260ms
141ms Script
text/javascript 18.245.60.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-121.fra60.r.cloudfront.net

Software

Resource Hash

713ce084fce83a934d54c9d52d5775e457f414e3f6c6ed00c4bbe2892abddb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: f5d7f503-c8db-4eb7-b728-1d22f60de33c
x-runtime: 0.006198
referrer-policy: strict-origin-when-cross-origin
etag: W/"713ce084fce83a934d54c9d52d5775e4"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: U7QgCfzN-LA0wnXx7hdzMhMJ0o9uqDmVN-JZHD3B7Nzb2KhqphaoHg==

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 1 KB
1 KB 410ms
326ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4132260.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab72de84e47f83aa15b2cb87a294b84b063b095cf0e2f506f7e31dfd4a3b5bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6fbe657b-add3-4a07-8534-6de6d8049869
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6fbe657b-add3-4a07-8534-6de6d8049869
last-modified: Mon, 13 Nov 2023 23:54:32 GMT
server: cloudflare
x-trace: 2BAB0A3446B1A837857A5DB8EB669BDC6C0A8AC184000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-ht8vf
cf-ray: 825b366869d99012-FRA
expires: Tue, 14 Nov 2023 00:43:05 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/ 32 B
559 B 246ms
140ms Script
text/javascript 18.245.60.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-48.fra60.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
via: 1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 32
x-xss-protection: 1; mode=block
x-request-id: e6209411-cc79-4ffb-8cdf-853c3acc5581
x-runtime: 0.005347
referrer-policy: strict-origin-when-cross-origin
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: m709YP5ikYyozGMcwMLKN1W0DZBBdYitisD2HO_zqmjC5SsSvjW9OA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 123ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Nov 2023 00:42:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6VSEOP2Wmz5tNqVy9A9HxA9c6wfxi+HMF9dbj1MC71VFRltyLWPUN2P+LHQ45d4bnmrMSe2TvYIuivOU3TT00w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK flip.js Show response
tracker.adreadyclick.com/ 16 KB
6 KB 140ms
46ms Script
application/javascript 2606:4700:20::681a:91e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adreadyclick.com/flip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:91e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c90dffaa0f249869c9d88706df1539e60bfa12ed2749f4ece718f417acc356d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1699445765
Age: 2956
Transfer-Encoding: chunked
x-guploader-uploadid: ABPtcPqZ1H1CcnJybgknxI2EgCBccmzjJvRtqrQcs29LhiMKk8Xn0HI5BHXfwaLAUG8exb156unypfJfjxdtTYlg5yZprg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
last-modified: Wed, 08 Nov 2023 12:16:08 GMT
Server: cloudflare
etag: W/"8ffd9d5d67b62e498f481c212f50e12f"
Vary: Accept-Encoding
x-goog-generation: 1699445767880174
Content-Type: application/javascript
x-goog-hash: crc32c=3+sOxg==, md5=j/2dXWe2LkmPSBwhL1DhLw==
Cache-Control: public, max-age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DQpOuW8q8cWwCYyvBFKrp1CPx4JjW3ErwlUVKuPwP3QxiH32UYrYWGeP45uNG7HoxFJQgFbfEaGO2xNIxIpEbThK%2BJsV82ENCIViJ2pOfbE4onmfu%2F8ReyytX%2FNkoRrQY%2BqNXMRXMxHIXXXSUO42jaqe6rIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 16829
CF-RAY: 825b36687f6b6add-FRA
expires: Tue, 14 Nov 2023 00:27:18 GMT

GET
H2

200

src=6820846;dc_pre=CLrRoPKgwoIDFdgIogMdkVwDbA;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=6820846;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
https://ade.googlesyndication.com/ddm/activity/src=6820846;dc_pre=CLrRoPKgwoIDFdgIogMdkVwDbA;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma...

42 B
107 B

78ms
78ms

Image
image/gif

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=6820846;dc_pre=CLrRoPKgwoIDFdgIogMdkVwDbA;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=6820846;dc_pre=CLrRoPKgwoIDFdgIogMdkVwDbA;type=winss0;cat=winst0;ord=156223300572;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10388130;dc_pre=CK_PoPKgwoIDFbcOogMdl9sIog;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;...
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CK_PoPKgwoIDFbcOogMdl9sIog;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;d...

42 B
118 B

79ms
77ms

Image
image/gif

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CK_PoPKgwoIDFbcOogMdl9sIog;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CK_PoPKgwoIDFbcOogMdl9sIog;type=pagev0;cat=homep0;ord=5107505211087;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10388130;dc_pre=COrRoPKgwoIDFUELogMdnQQD-Q;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0...
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=COrRoPKgwoIDFUELogMdnQQD-Q;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sy...

42 B
107 B

80ms
78ms

Image
image/gif

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=COrRoPKgwoIDFUELogMdnQQD-Q;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=COrRoPKgwoIDFUELogMdnQQD-Q;type=place0;cat=place0;ord=1;num=6250784449971;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10388130;dc_pre=CJnWoPKgwoIDFVgOogMdzDQO2w;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=10388130;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=...
https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CJnWoPKgwoIDFVgOogMdzDQO2w;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=s...

42 B
107 B

80ms
80ms

Image
image/gif

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CJnWoPKgwoIDFVgOogMdzDQO2w;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=10388130;dc_pre=CJnWoPKgwoIDFVgOogMdzDQO2w;type=newpl0;cat=place00;ord=1;num=9893362552603;gtm=45He3b81v79432195;gcs=G100;gcd=11p1p1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4132260.js Show response
js.hs-analytics.net/analytics/1699922400000/ 69 KB
22 KB 255ms
168ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1699922400000/4132260.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8884abd292611b4eff8d4b3956fb172fab6ab9a689666da5f8ba35c7d9eeaede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DV3A0AP27P6KZKBH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 70e08797-41d8-47bf-a761-19567fd6ebd3
x-envoy-upstream-service-time: 20
x-amz-id-2: TigmqbNwpsVvmcCMGXPmCh0cxlhYgkTn+6MuYxQDksEyqwow7sfEkGti0qFZpyQ86vPp3GukU/Q=
x-evy-trace-listener: listener_https
x-request-id: 70e08797-41d8-47bf-a761-19567fd6ebd3
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:00:51 GMT
server: cloudflare
etag: W/"40ee99cc6fd8fefdc0baac46b64519c9"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-htrdg
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 825b36693cf971d9-FRA
expires: Tue, 14 Nov 2023 00:47:05 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 308ms
224ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js&cfRay=825b36694cc29960-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df7c200fc1e8a1a0c9d50df4fbec7e86"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js
date: Tue, 14 Nov 2023 00:42:05 GMT
x-amz-version-id: RTyeMetKvg_dT1r75rKZucXAeC83sdPJ
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 8bb1d5b3-7bd6-493a-b25d-f9046b68613f
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 78
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8bb1d5b3-7bd6-493a-b25d-f9046b68613f
last-modified: Wed, 25 Oct 2023 14:35:17 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-pw49x
cf-ray: 825b36694cc29960-FRA
x-amz-cf-id: BapVoFDC5yDUC64uhdaSkW414CVtYmsNAzAD9z9FYF4hXA-5DOlAwA==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4132260/ 66 KB
20 KB 407ms
323ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4132260/banner.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 178c1d1c754ec10b62d76c220659a1d3699004047bbdf37c5c936fff4c3cdc5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
x-amz-version-id: RMFetWNKPiKusDy98TA2FF_4.QWBKZ13
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 8BB2HF2TDEXX8A3K
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 85055836-a99d-4248-b6d5-fc27410634f8
x-envoy-upstream-service-time: 98
x-amz-id-2: V9TFccfyqnYDuAP2I9POJTcqFN1JEk8cJeK9RHWUn525y73Hlp0bdwjVCOxalsfy+MFyEvkdhSM=
x-evy-trace-listener: listener_https
x-request-id: 85055836-a99d-4248-b6d5-fc27410634f8
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 16:16:47 GMT
server: cloudflare
etag: W/"958abdfef6a526eaea79c493740daaea"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.winstar.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 825b3669bdc61e5b-FRA
expires: Tue, 14 Nov 2023 00:47:05 GMT

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
979 B 565ms
483ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4132260&callback=jsonpHandler

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5775b618-e263-471b-9848-19c15449e254
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=825b3669fb9f4d68&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 5775b618-e263-471b-9848-19c15449e254
server: cloudflare
x-trace: 2B3C4631C4C49811B3E6A368B70C48281897E2AD2F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-x7fjm
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 825b3669fb9f4d68-FRA

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 295949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 14:29:36 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 41ms
40ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1750702061&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCgAiAABBAAAAAAAIk~&cid=764390710.1699922525&tid=UA-28262588-1&_gid=1010834120.1699922526&gtm=45He3b81n81TTP9H29v79432195&cd2=1699922525390.nc22sjb&cd3=2023-11-14T01%3A42%3A05.390%2B01%3A00&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=1797761433

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:52:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20970
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

80 B
472 B

134ms
48ms

XHR
application/json

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Tue, 14 Nov 2023 00:42:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD
access-control-allow-origin: https://newyearseve.winstar.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 727075671205102 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 110ms
108ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727075671205102?v=2.9.138&r=stable&domain=newyearseve.winstar.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

174d64fcda1d095834dc8fdd8c5774081eaee27a9e43d8287591709ee6a3a199

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Nov 2023 00:42:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: mJoUSxmkTKaAiXuYbIPOdov6VvAqDl3GoiLGiBDCLdutj05UTIOTEuJ92fdDjtiOvi12XoR5HLXUPdOUJ/vkhQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 120ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&rl=&if=false&ts=1699922525769&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699922525765.700966343&cs_est=true&ler=empty&it=1699922525630&coo=false&rqm=GET

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Nov 2023 00:42:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK validate Show response
pixelconnector.adready.com/ 297 B
653 B 436ms
333ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/validate?id=94820ea4-dcf0-4edb-8324-04ea01d34e0e

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c31908f05e8f95bbe4e2f1c7545336fe63e25a575144117af9c65853c301b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 825b366c09ce71a9-FRA

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 23:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3145
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 Nov 2023 01:49:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
47ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195&auid=93...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v794...

42 B
285 B

49ms
49ms

Ping
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195&auid=931637524.1699922526

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=11r1r1l1l5&rnd=26134984.1699922525&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&dma_cps=sypham&dma=1&gtm=45He3b81n81TTP9H29v79432195&auid=931637524.1699922526
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;... Show response
6820846.fls.doubleclick.net/ Frame B9A7
Redirect Chain

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=...
https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;...

514 B
647 B

56ms
55ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

73e00c66ad8073c0ab5da9c876bc5408753f4140a3f5d38731474f04bb155eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Tue, 14 Nov 2023 00:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1750702061&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6DjACEABBAAAACAAIk~&jid=1561126592&gjid=679865854&cid=764390710.1699922525&tid=UA-28262588-1&_gid=1438027615.1699922526&_r=1&gtm=45He3b81n81TTP9H29v79432195&cd2=1699922525390.nc22sjb&cd3=2023-11-14T01%3A42%3A05.390%2B01%3A00&gcs=G111&gcd=11r1r1l1l5&dma_cps=sypham&dma=1&gcu=1&sst.gcut=2&z=1826802394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=... Show response
10388130.fls.doubleclick.net/ Frame 7D1F
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;d...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G1...

3 KB
1 KB

54ms
54ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

f62c9d9e4c9a28928d1d32744dcf0f63f5e1d018654446dc1a869a5962822793

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Tue, 14 Nov 2023 00:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/ 2 KB
2 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/?random=1699922526050&cv=11&fst=1699922526050&bg=ffffff&guid=ON&async=1&gtm=45He3b81v79432195&gcd=11r1r1l1l5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&hn=www.googleadservices.com&frm=0&auid=931637524.1699922526&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f33fa5b1ee4baf6722e7c07e35b501ac6895bc4cf8637ab4954111c2a0bd3ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypha... Show response
10388130.fls.doubleclick.net/ Frame A08D
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sy...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;...

522 B
606 B

57ms
55ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e0f71b9e1bf7a09ec5a7e412a2b9863bd58273c36d3909b46ddc9457e0fa30be

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Tue, 14 Nov 2023 00:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=syph... Show response
10388130.fls.doubleclick.net/ Frame 575D
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=s...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195...

523 B
651 B

54ms
53ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ecd7934a12debe89bf34c365cffcf7208e5362cd8583df290e3e65637457d946

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Tue, 14 Nov 2023 00:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 00:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je3b81v876134144&_p=1699922524965&_gaz=1&gcs=G111&gcd=11r1r1l1l5&dma_cps=sypham&dma=1&gdid=dZTQ1Zm&cid=764390710.1699922525&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699922525&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=user_engagement&ep.ga_temp_client_id=764390710.1699922525&_et=776&tfd=1540
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 146ms
49ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LWDFVQ2YJ&cid=764390710.1699922525&gtm=45je3b81v876134144&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11r1r1l1l5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 464 KB
117 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99acc2a860827d724eb1deab7e7d15efb2397c1c5ee7db00be4e246f2291ff3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120005
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 00:42:06 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
180 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LWDFVQ2YJ&cid=764390710.1699922525&gtm=45je3b81v876134144&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11r1r1l1l5&z=1078345035

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 135ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28262588-1&cid=764390710.1699922525&jid=1366289243&gjid=642723652&_gid=1438027615.1699922526&_u=aDhACEABBAAAACAAIk~&z=1960922375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 122ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28262588-1&cid=764390710.1699922525&jid=1561126592&gjid=679865854&_gid=1438027615.1699922526&_u=6DjACEABBAAAACAAIk~&z=415138266

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/991190777/ 42 B
108 B 50ms
49ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991190777/?random=1699922526050&cv=11&fst=1699920000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v79432195&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZHpq1ziRL2bkECSki10G5b3KHFFsTQ&random=30078442&rmt_tld=0&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/991190777/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991190777/?random=1699922526050&cv=11&fst=1699920000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v79432195&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZHpq1ziRL2bkECSki10G5b3KHFFsTQ&random=30078442&rmt_tld=1&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;...
adservice.google.com/ddm/fls/z/ Frame B9A7 42 B
401 B 416ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 6820846.fls.doubleclick.net
URL: https://6820846.fls.doubleclick.net/activityi;dc_pre=COLjxvKgwoIDFZB24AodLYEIEw;src=6820846;type=winss0;cat=winst0;ord=937867701279;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6820846.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 575D 42 B
107 B 400ms
78ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ_Vx_KgwoIDFSHbEQgdVtkAEw;src=10388130;type=newpl0;cat=place00;ord=1;num=6248936605771;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb...
adservice.google.com/ddm/fls/z/ Frame A08D 42 B
107 B 409ms
88ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CMLYx_KgwoIDFckw4AodJlMPxw;src=10388130;type=place0;cat=place0;ord=1;num=3372099685345;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bf18cdb0-0102-0139-376b-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 7D1F 0
448 B 364ms
45ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/bf18cdb0-0102-0139-376b-06abc14c0bc6
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
x-request-id: F5dWiAnzwBeDtoJ-AnEB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7D1F 6 KB
6 KB 376ms
58ms Script
text/javascript 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x33 config_version:"3168" /
Resource Hash: d4c208655390cacd043650fe979fcbc3cdf3c393f8a4d36553e9940b3fad48ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x33 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7D1F 6 KB
6 KB 375ms
57ms Script
text/javascript 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506713&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x10 config_version:"3168" /
Resource Hash: 98857b2cea21a557c84618c43a4baf71f831b48e87e541aa463109686412711a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x10 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7D1F 6 KB
6 KB 376ms
59ms Script
text/javascript 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506712&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x10 config_version:"3168" /
Resource Hash: 1a351d83db462c5b74255e7e9fde4137c32f5a9746c1943f2b3252cd693368da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x10 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 7D1F
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
230 B

256ms
255ms

Script
text/html

2606:4700:4400::ac40:97ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700:4400::ac40:97ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 825b36742bee9bce-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 825b3671aaba9bce-FRA
content-type: text/html; charset=iso-8859-1

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 7D1F
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
143 B

257ms
256ms

Script
text/html

2606:4700:4400::ac40:97ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700:4400::ac40:97ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 825b36741bed9bce-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 825b3671aabb9bce-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam...
adservice.google.com/ddm/fls/z/ Frame 7D1F 42 B
107 B 394ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=*;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame 7D1F 18 KB
7 KB 435ms
134ms Script
text/javascript 18.196.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.251.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-251-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d001605cc9c4147a9532e24395036a113aa689cd02cd0ebf394300ad09027ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:06 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

POST
H/1.1 200
OK update Show response
pixelconnector.adready.com/ 22 B
370 B 168ms
167ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/update?s=flip.js

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 825b366e2b3971a9-FRA
Content-Length: 22

GET
H2 200 pixie
ib.adnxs.com/ 42 B
224 B 254ms
44ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?pi=27b8aa9e-1972-418a-964d-ddf84b9f950e&e=PageView&script=0
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.21.3
x-proxy-origin: 80.255.7.103; 80.255.7.103; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 5C70 677 B
1 KB 56ms
56ms Document
text/html 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=9b626552-c25e-4600-b20a-7ce7fe18fee9&no_iframe=1&mt_adid=241907&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x16 config_version:"3168" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Tue, 14 Nov 2023 00:42:06 GMT
Expires: Tue, 14 Nov 2023 00:42:05 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x16 config_version:"3168"

GET
H2 204 insights.gif
ds.reson8.com/ Frame 7D1F 0
32 B 337ms
49ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=3150819873&evkey=101115462

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 825b3671ab792baa-FRA
vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 7D1F 0
494 B 61ms
60ms Image
image/gif 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x31 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H2 204 insights.gif
ds.reson8.com/ Frame 7D1F 0
96 B 334ms
48ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=2955149119&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 825b3671ab772baa-FRA
vary: Accept-Encoding

GET
H2 204 insights.gif
ds.reson8.com/ Frame 7D1F 0
31 B 333ms
48ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=4392859732&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 825b3671ab782baa-FRA
vary: Accept-Encoding

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 7D1F 81 KB
31 KB 362ms
77ms Script
application/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPiSyPKgwoIDFZrXEQgdxPUEIA;src=10388130;type=pagev0;cat=homep0;ord=1375856339988;gcu=1;auiddc=931637524.1699922526;gtm=45He3b81v79432195;gcs=G111;gcd=11r1r1l1l5;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:06 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000a56da2566bc5e761-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 5C70 0
494 B 54ms
53ms Image
image/gif 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=9b626552-c25e-4600-b20a-7ce7fe18fee9&no_iframe=1&mt_adid=241907&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x30 config_version:"3168" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=9b626552-c25e-4600-b20a-7ce7fe18fee9&no_iframe=1&mt_adid=241907&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:06 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x30 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Nov 2023 00:42:05 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame 7D1F 65 B
203 B 140ms
139ms Stylesheet
text/css 18.196.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.251.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-251-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3b4c20327426fe3262f4038dfc29a8d53b0d511e8f0a35481f9241b053ec9d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:06 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 7D1F 0
2 KB 213ms
131ms Fetch
image/jpeg 18.196.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.251.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-251-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:06 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame 7D1F 94 B
296 B 132ms
132ms XHR
text/plain 18.196.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ChdOtDwyeASK-MAAz1kfjg&is_js=true&landing_url=https%3A%2F%2Fnewyearseve.winstar.com%2F%3F&t=&tip=t5K6pLIZ1YgisuImGOYZ9sKsA_X0z1AmkfT461CAlcE&host=https%3A%2F%2F10388130.fls.doubleclick.net&sa_conv_data_css_value=%270-4bde3fcd-f090-5102-4df2-a444983ab04c%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94bde3fcdf09051024df2a444983ab04c50ff0767&sa-user-id-v3=s%253AAQAKIDYQE_FASCQrRJEYNkCCwCE15UMLp_PboC2B09_uGENnEHwYBCDehMuqBjABOgRzygDyQgT-Oq59.VM1pcjv7oUkWrLzif6HuXXJ243gFDFx47LRJjfRjeTU&sa-user-id-v2=s%253AS94_zfCQUQJN8qREmDqwTFD_B2c.j05JT5%252B7UTCGxASM5K1PqNi3FyLn1ZQX44nVgPVywYs&sa-user-id=s%253A0-4bde3fcd-f090-5102-4df2-a444983ab04c.AkeLzEiVB%252BwoZaa1JBd93t9v2GcVikwPcFL4LOiImQ8
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.251.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-251-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://10388130.fls.doubleclick.net
date: Tue, 14 Nov 2023 00:42:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame 7D1F
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bd...

1 KB
2 KB

118ms
118ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPiSyPKgwoIDFZrXEQgdxPUEIA%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D1375856339988%3Bgcu%3D1%3Bauiddc%3D931637524.1699922526%3Bgtm%3D45He3b81v79432195%3Bgcs%3DG111%3Bgcd%3D11r1r1l1l5%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8260cf216c303ce979cae8d17178d193b142bf0d4d2fea04e6b45db63650a268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1092
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPiSyPKgwoIDFZrXEQgdxPUEIA%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D1375856339988%3Bgcu%3D1%3Bauiddc%3D931637524.1699922526%3Bgtm%3D45He3b81v79432195%3Bgcs%3DG111%3Bgcd%3D11r1r1l1l5%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame E26B 1 KB
1 KB 116ms
116ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1838194527&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPiSyPKgwoIDFZrXEQgdxPUEIA%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d1375856339988%3bgcu%3d1%3bauiddc%3d931637524.1699922526%3bgtm%3d45He3b81v79432195%3bgcs%3dG111%3bgcd%3d11r1r1l1l5%3bdma_cps%3dsypham%3bdma%3d1%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

079823780386ccdb94eb8fa136e17f3a45c013c2e790533cc1c3a8ba135bc11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 00:42:07 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 3DFD 5 KB
2 KB 134ms
40ms Document
text/html 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=539414874943&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPiSyPKgwoIDFZrXEQgdxPUEIA%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D1375856339988%3Bgcu%3D1%3Bauiddc%3D931637524.1699922526%3Bgtm%3D45He3b81v79432195%3Bgcs%3DG111%3Bgcd%3D11r1r1l1l5%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5c8732bb4a6977624808888c8ba6c74d003898a7dcc6a87ddef3a954183853f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 00:42:07 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ Frame 7D1F 35 B
466 B 249ms
40ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=2840974069206748743&stamp=zJgXSSkXkb0DvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame E26B 5 KB
6 KB 56ms
56ms Script
text/javascript 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1838194527&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPiSyPKgwoIDFZrXEQgdxPUEIA%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d1375856339988%3bgcu%3d1%3bauiddc%3d931637524.1699922526%3bgtm%3d45He3b81v79432195%3bgcs%3dG111%3bgcd%3d11r1r1l1l5%3bdma_cps%3dsypham%3bdma%3d1%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x34 config_version:"3168" /
Resource Hash: 51faae410d08072d17fd8091228bb73aebbf0fb584cfdcc67779bef7881e0876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:07 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x34 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 5540
Expires: Tue, 14 Nov 2023 00:42:06 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3DFD 0
384 B 40ms
39ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 3DFD 43 B
199 B 199ms
55ms Image
image/gif 54.75.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2840974069206748743&Expiration=1701132127
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.75.89.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-89-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 00:42:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 3DFD 0
235 B 161ms
51ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 00:42:08 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 13 Nov 2023 00:42:08 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3DFD 0
214 B 192ms
41ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3DFD
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2840974069206748743&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2840974069206748743&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=3665eb26f5c44e3ab...
https://c1.adform.net/serving/cookie/match?party=9&uid=2d7996b1e777733b98724e77ea0b4d77c2002fc9013a7df82027dd6777499cb1

35 B
591 B

40ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=2d7996b1e777733b98724e77ea0b4d77c2002fc9013a7df82027dd6777499cb1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=2d7996b1e777733b98724e77ea0b4d77c2002fc9013a7df82027dd6777499cb1
date: Tue, 14 Nov 2023 00:42:08 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3DFD 43 B
163 B 278ms
50ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2840974069206748743&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:07 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame 3DFD 0
125 B 159ms
42ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=2840974069206748743&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 3DFD 43 B
640 B 214ms
49ms Image
image/gif 2607:ae80:192:1::173
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1699922528068001-384

GET
H2 200 sync
x.bidswitch.net/ Frame 3DFD 43 B
146 B 146ms
44ms Image
image/gif 52.59.98.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.98.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-98-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3DFD
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127&C=1

43 B
337 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wP%2BdSAczBthfVRg2FV694eu7u55cHe6qVE4T2eyLEJJCqu4BIDu4NmwtCJ9QMY5aeqBjf4d9zbbgVljpOPRufFpFfkMf9t8%2ByuMVPQjTV4E69cNeQsc8K%2B2aS8bgA%2FYbYufd5Suov0bCSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 825b36786e5abb38-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wtaLBG8wt2uohBKSl%2FhSicpTuJpGFB2B1qD%2BOMzsajXNrvCSuRiXGDkcy8KlY5ZIKwBp89vdI%2BTTBXRXNMd%2FtRz%2Fvy9PWLHjKs88HI1wKj2%2BxlHrSUsZMmDNZofC5mOZOBic%2BCUIcgMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=2840974069206748743&expiration=1701132127&C=1
cache-control: no-cache
cf-ray: 825b36780e47bb38-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 3DFD
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2840974069206748743&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2840974069206748743&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=2840974069206748743&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7301111663500916880&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=1564728983403777714&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Mzg1Njc5RjAzNDNDQzhBNQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=

0
415 B

48ms
47ms

Image
text/plain

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:13 GMT
uip-status: Ok
frontend-id: 16
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:13 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBBUnJTJJqYo9-DP-guu9LI&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 3DFD 0
344 B 175ms
40ms Image
text/plain 3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2840974069206748743&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 3DFD
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2840974069206748743
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2840974069206748743&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
383 B

159ms
39ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Nov 2023 00:42:08 GMT
x-age-lb: 45579
x-77-cache: HIT
x-accel-date: 1699876949
content-length: 43
x-77-nzt: AZySIYs3Nzf/C7IAAA
x-accel-expires: @1700901122
x-77-age: 45579
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf8787271b98b30060c252654e136e18
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 14 Nov 2023 00:42:08 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 3DFD 0
98 B 151ms
48ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2840974069206748743/gdpr=/ Frame 3DFD 49 B
265 B 182ms
55ms Image
image/gif 52.211.62.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2840974069206748743/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.62.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-62-59.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.74
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 3DFD 62 B
218 B 299ms
186ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 14 Nov 2023 00:42:08 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 3DFD 43 B
273 B 156ms
47ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 3DFD
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

205ms
68ms

Image
image/gif

52.92.18.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Server: 52.92.18.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:09 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: KT32YJWQP578CRR8
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: RM6ai20YnCi1FtuzP0wyhaRJ0+Q0MmvuVJWTWPVY723xkJQqu5Vjk7kI3YR+je3Pla3glFsuv+k=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 14 Nov 2023 00:42:07 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 3DFD
Redirect Chain

https://pixel.onaudience.com/?mapped=2840974069206748743&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

170ms
56ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 3DFD
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2840974069206748743
https://tags.adsafety.net/v1/cm?cm_uid=CM1202311140058ee5522a7cdd18a601&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=08772581cd8c7eca231184a9182a6b7e
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202311140058ee5522a7cdd18a601&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=08772581cd8c7eca231184a9182a6b7e&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzExMTQwMDU4ZWU1NTIyYTdjZGQxOGE2MDE&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEKSbfTakf2ft2459qmyrMpQ&gdpr_consent=&gdpr=0&google_cver=1
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7301111663501637776
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7301111663501637776
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202311140058ee5522a7cdd18a601
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2840974069206748743

43 B
2 KB

45ms
45ms

Image
image/gif

89.163.240.121
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Server: 89.163.240.121 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm46.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 00:42:09 GMT
Last-Modified: Tue, 14 Nov 2023 00:42:09 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2840974069206748743
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3DFD 0
338 B 178ms
55ms Image
text/plain 54.228.208.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.208.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-208-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1699922528
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 3DFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg0MDk3NDA2OTIwNjc0ODc0Mw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIzyjHDXbCgj2_iXX9t1334&google_cver=1&google_ula=1641347,0

35 B
591 B

40ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIzyjHDXbCgj2_iXX9t1334&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIzyjHDXbCgj2_iXX9t1334&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 3DFD
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=1564728983403777714&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2840974069206748743

43 B
831 B

44ms
44ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2840974069206748743

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
an-x-request-uuid: 4dfd08d2-76d9-4813-bbfd-514cb7c293d7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=2840974069206748743
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3DFD 0
384 B 62ms
60ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3DFD 0
225 B 169ms
47ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 3DFD 43 B
443 B 158ms
41ms Image
image/gif 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 22:23:21 GMT
Via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 8327
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 2zpSZ1FhZOu1ELBZGRVSYd5fi0uMrUncmcijuiQFaqQ2gyLr_9lrhA==

GET
H/1.1

200

p
a.audrte.com/ Frame 3DFD
Redirect Chain

https://a.audrte.com/a?adform_uid=2840974069206748743
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MGMwUkRLTVRha2dRMGlsV0piRDFQdlB3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

56ms
56ms

Image
image/png

34.246.239.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Server: 34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3DFD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2840974069206748743&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2840974069206748743&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=84282161832140005302067492909060343826&noredirect=1

35 B
600 B

41ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=84282161832140005302067492909060343826&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-1-v054-0a36f617d.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: yLPU3ML1SiE=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=84282161832140005302067492909060343826&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3DFD
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2840974069206748743
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216663104700000051596

35 B
600 B

40ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216663104700000051596

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216663104700000051596
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3DFD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7301111663501637776

35 B
600 B

48ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7301111663501637776

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7301111663501637776
Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 3DFD 62 B
429 B 185ms
184ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 14 Nov 2023 00:42:08 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame 3DFD 43 B
418 B 54ms
54ms Image
image/gif 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x29 config_version:"3168" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x29 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 14 Nov 2023 00:42:07 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3DFD
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=lcbbiNEh1R2Hvi5

35 B
591 B

43ms
43ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=lcbbiNEh1R2Hvi5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 00:42:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=lcbbiNEh1R2Hvi5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3DFD 70 B
148 B 56ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame 3DFD 0
0

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 3DFD 43 B
921 B 130ms
41ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=2840974069206748743

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 3DFD
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2716704338
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=p8OaGb.ZmFAMHWzc0SgelO

35 B
591 B

40ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=p8OaGb.ZmFAMHWzc0SgelO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
via: 1.1 google
last-modified: Tue, 14 Nov 2023 00:42:08 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=p8OaGb.ZmFAMHWzc0SgelO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3DFD 23 B
163 B 217ms
65ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Tue, 14 Nov 2023 00:42:08 GMT
pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3DFD 0
236 B 163ms
53ms Image
text/plain 2600:9000:211e:e600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: no-cache, must-revalidate
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: u3du4h9ajHWWSjS-izSu1c3pnUFmVaEOAhed0f1_oRWHGACiecXrcQ==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3DFD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=2840974069206748743&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=2840974069206748743&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=8a0732fe-310b-4615-b3f0-3bbcd65bfb7e

35 B
591 B

40ms
40ms

Image
image/gif

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=8a0732fe-310b-4615-b3f0-3bbcd65bfb7e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Tue, 14 Nov 2023 00:42:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=8a0732fe-310b-4615-b3f0-3bbcd65bfb7e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 2840974069206748743
match.contentexchange.me/adform/ Frame 3DFD 0
49 B 155ms
48ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2840974069206748743?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 3DFD 37 B
140 B 125ms
41ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=2840974069206748743&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 3DFD 0
0

GET
H2 204 put
e1.emxdgt.com/ Frame 3DFD 0
44 B 144ms
39ms Image
text/plain 3.126.190.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=2840974069206748743
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.190.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-190-82.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:08 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3DFD 0
384 B 60ms
59ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2840974069206748743&agencyId=6276&advertiserId=2081352&src=tp&rnd=348038
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 00:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 3F78 677 B
1 KB 66ms
64ms Document
text/html 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=723f6552-c25e-4100-8875-6f9f6559a4a3&no_iframe=1&mt_adid=241848&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x15 config_version:"3168" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Tue, 14 Nov 2023 00:42:07 GMT
Expires: Tue, 14 Nov 2023 00:42:06 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x15 config_version:"3168"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame E26B 0
494 B 64ms
62ms Image
image/gif 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1838194527&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCPiSyPKgwoIDFZrXEQgdxPUEIA%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d1375856339988%3bgcu%3d1%3bauiddc%3d931637524.1699922526%3bgtm%3d45He3b81v79432195%3bgcs%3dG111%3bgcd%3d11r1r1l1l5%3bdma_cps%3dsypham%3bdma%3d1%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x25 config_version:"3168" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:07 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x25 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Nov 2023 00:42:06 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 3F78 0
494 B 53ms
53ms Image
image/gif 104.119.108.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=723f6552-c25e-4100-8875-6f9f6559a4a3&no_iframe=1&mt_adid=241848&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.119.108.243 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-119-108-243.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master cdg cdg-pixel-x30 config_version:"3168" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=723f6552-c25e-4100-8875-6f9f6559a4a3&no_iframe=1&mt_adid=241848&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 00:42:08 GMT
Server: MT3 1075 283b7e3 master cdg cdg-pixel-x30 config_version:"3168"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Nov 2023 00:42:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2840974069206748743

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=2840974069206748743

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newyearseve.winstar.com/	1970-01-20 16:12:04	Name: __cf_bm Value: ChdB7yjJI6VL59fPoI_LEbZgrUH7l1juUr_MKABxOzc-1699922524-0-AViBdqPrHYjnIEOWo1exvpdSqsn7/ByzsPoRpisLXPhLsWcVwWIRekm0zlUSjmhOcer5NAZ83217oQyMhAgjCX4=
.newyearseve.winstar.com/	1969-12-31 23:59:59	Name: __cfruid Value: 86c46126d0b4dca0c6f1d2487d8a3c5795217d9e-1699922524
.winstar.com/	1970-01-21 00:57:38	Name: calltrk_referrer Value: direct
.winstar.com/	1970-01-21 00:57:38	Name: calltrk_landing Value: https%3A//newyearseve.winstar.com/
.winstar.com/	1970-01-20 18:21:38	Name: _fbp Value: fb.1.1699922525765.700966343
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_events Value: %5B%7B%22clientId%22%3A%22764390710.1699922525%22%2C%22trackingId%22%3A%22UA-28262588-1%22%2C%22name%22%3A%22gtm11%22%7D%5D
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_dl Value: %5B%7B%22clientId%22%3A%22764390710.1699922525%22%2C%22measurementId%22%3A%22G-1LWDFVQ2YJ%22%7D%5D
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_gtm Value: %5B%7B%22clientId%22%3A%22764390710.1699922525%22%2C%22measurementId%22%3A%22G-1LWDFVQ2YJ%22%7D%5D
.winstar.com/	1970-01-21 01:48:02	Name: _ga Value: GA1.2.764390710.1699922525
.winstar.com/	1970-01-20 16:13:28	Name: _gid Value: GA1.2.1438027615.1699922526
.winstar.com/	1970-01-20 16:12:02	Name: _gat Value: 1
.winstar.com/	1970-01-20 18:21:38	Name: _gcl_au Value: 1.1.931637524.1699922526
.winstar.com/	1970-01-20 16:12:02	Name: _gat_UA-28262588-1 Value: 1
.winstar.com/	1970-01-21 01:48:02	Name: _ga_1LWDFVQ2YJ Value: GS1.1.1699922525.1.0.1699922526.60.0.0
.winstar.com/	1970-01-21 01:48:02	Name: _ga_M62JR698ND Value: GS1.1.1699922525.1.0.1699922526.0.0.0
.hubspot.com/	1970-01-20 16:12:04	Name: __cf_bm Value: iJQ1tLYuU4jiEeGtpz6BcHOilsHeSIsiUc3q2y3LM2I-1699922526-0-ATSx/AKRY/MgNHGUS0bfLaRN1X7NpHLZ0Ee/K2KSnjwwF3hzvCAcYUolGvNioFZNW7IgTZQC6Nm+45uNwsVEx0U=
.doubleclick.net/	1970-01-21 01:33:38	Name: IDE Value: AHWqTUnvFtYHYwdhTeOmRN67tVHB0KiK1XSCrZDchoTtk7RmeBcpZiqvL9nKr-tvk-0
.simpli.fi/	1970-01-21 00:59:04	Name: suid Value: AE48629BAB6C4508803DD99DD609740E
.mathtag.com/	1970-01-21 01:37:57	Name: uuid Value: 723f6552-c25e-4100-8875-6f9f6559a4a3
.mathtag.com/	1970-01-20 16:55:14	Name: mt_misc Value: mt_bt:1
tags.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id Value: s%3A0-4bde3fcd-f090-5102-4df2-a444983ab04c.AkeLzEiVB%2BwoZaa1JBd93t9v2GcVikwPcFL4LOiImQ8
.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id Value: s%3A0-4bde3fcd-f090-5102-4df2-a444983ab04c.AkeLzEiVB%2BwoZaa1JBd93t9v2GcVikwPcFL4LOiImQ8
tags.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id-v2 Value: s%3AS94_zfCQUQJN8qREmDqwTFD_B2c.j05JT5%2B7UTCGxASM5K1PqNi3FyLn1ZQX44nVgPVywYs
.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id-v2 Value: s%3AS94_zfCQUQJN8qREmDqwTFD_B2c.j05JT5%2B7UTCGxASM5K1PqNi3FyLn1ZQX44nVgPVywYs
tags.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id-v3 Value: s%3AAQAKIDYQE_FASCQrRJEYNkCCwCE15UMLp_PboC2B09_uGENnEHwYBCDehMuqBjABOgRzygDyQgT-Oq59.VM1pcjv7oUkWrLzif6HuXXJ243gFDFx47LRJjfRjeTU
.srv.stackadapt.com/	1970-01-21 00:57:38	Name: sa-user-id-v3 Value: s%3AAQAKIDYQE_FASCQrRJEYNkCCwCE15UMLp_PboC2B09_uGENnEHwYBCDehMuqBjABOgRzygDyQgT-Oq59.VM1pcjv7oUkWrLzif6HuXXJ243gFDFx47LRJjfRjeTU
.adform.net/	1970-01-20 16:55:14	Name: C Value: 1
.adform.net/	1970-01-20 17:38:26	Name: uid Value: 2840974069206748743
.adform.net/	1970-01-20 16:13:28	Name: CM Value: 1\|1
.adform.net/	1970-01-20 16:32:12	Name: CM14 Value: 1700008927_1699922527_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 17:38:26	Name: uid Value: 2840974069206748743
.adscale.de/	1970-01-21 00:54:18	Name: uu Value: 3665eb26f5c44e3ab2b6805279d948f6
.adscale.de/	1970-01-21 00:54:18	Name: cct Value: 1699922528009
.casalemedia.com/	1970-01-21 00:57:38	Name: CMID Value: ZVLCYIHIdijprE5uJIg4.AAA
.casalemedia.com/	1970-01-20 18:21:38	Name: CMPS Value: 1145
.casalemedia.com/	1970-01-20 18:21:38	Name: CMPRO Value: 1145
.semasio.net/	1970-01-21 00:57:38	Name: SEUNCY Value: 385679F0343CC8A5
.ih.adscale.de/	1970-01-21 00:54:18	Name: tu Value: 4#3337417487#42~2840974069206748743~472200~0~0
.ads.stickyadstv.com/	1970-01-20 17:38:26	Name: uid-bp-617 Value: 2840974069206748743
.ads.stickyadstv.com/	1970-01-20 16:55:14	Name: UID Value: 432f40e11da14c63b9cc9e19eb4eeea0
.eyeota.net/	1970-01-20 16:12:03	Name: SERVERID Value: 20563~DM
.exelator.com/	1970-01-20 19:04:50	Name: EE Value: "e99a7d551c3bca9707605d3ed838e69a"
.exelator.com/	1970-01-20 19:04:50	Name: ud Value: "eJxrXxzq6XKLQSHV0jLRPMXU1DDZOCk50dLcwNzMwDTFODXFwtgi1cwycXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6IhfXxUUpaQyLSopPBR99ugQAqv4q%252Bg%253D%253D"
.onaudience.com/	1970-01-21 00:57:38	Name: cookie Value: f38724ad41d5cb02
.onaudience.com/	1970-01-20 16:13:28	Name: done_redirects147 Value: 1
.adnxs.com/	1970-01-20 18:21:38	Name: uuid2 Value: 1564728983403777714
cm.adsafety.net/	1970-01-21 00:57:38	Name: UID Value: CM1202311140058ee5522a7cdd18a601
.adsafety.net/	1970-01-21 00:57:38	Name: cm_uid Value: CM1202311140058ee5522a7cdd18a601
.krxd.net/	1970-01-20 20:31:14	Name: _kuid_ Value: P6hXXgJQ
.adnxs.com/	1970-01-20 18:21:38	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E>rJ7xZ<!@wnfH8K4YRH[@9=E'B(e8)lZe8)YJfQC%Xe8>@NATzOlpzHS7%nugO%v4VB%nn=Y(D?I?
tags.adsafety.net/	1970-01-21 00:57:38	Name: UID Value: 08772581cd8c7eca231184a9182a6b7e
tags.adsafety.net/	1970-01-21 00:57:38	Name: DID Value: 08772581cd8c7eca231184a9182a6b7e
tags.adsafety.net/	1970-01-21 00:57:38	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 00:57:38	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 16:55:14	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 00:57:38	Name: ct_uid Value: 08772581cd8c7eca231184a9182a6b7e
.adsafety.net/	1970-01-21 00:57:38	Name: ct_did Value: 08772581cd8c7eca231184a9182a6b7e
.adsafety.net/	1970-01-21 00:57:38	Name: ct_idt Value: 100
.adfarm1.adition.com/	1970-01-20 18:21:38	Name: UserID1 Value: 7301111663501637776
cm.adsafety.net/	1970-01-21 00:57:38	Name: permanent Value: 1
.demdex.net/	1970-01-20 20:31:14	Name: demdex Value: 84282161832140005302067492909060343826
.agkn.com/	1970-01-21 00:57:38	Name: ab Value: 0001%3ApxO3sXuERpgifwgxzWdF%2FjeM6o2f5B1B
.bluekai.com/	1970-01-20 20:34:07	Name: bku Value: aG/99seYDZUVXj9Q
.bluekai.com/	1970-01-20 20:34:07	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwE/TBe98BpxyBMA01eRlBeQlBe1e9JtdYW/=
.audrte.com/	1970-01-20 16:33:38	Name: arcki2 Value: 0c0RDKMTakgQ0ilWJbD1PvPwQ!20220908!1699922528588!ip#80.255.7.103
.audrte.com/	1970-01-20 16:33:38	Name: arcki2_adform Value: 2840974069206748743!20220908!1699922528588
.dpm.demdex.net/	1970-01-20 20:31:14	Name: dpm Value: 84282161832140005302067492909060343826
ads.smartstream.tv/	1970-01-21 00:57:38	Name: DID Value: 08772581cd8c7eca231184a9182a6b7e
ads.smartstream.tv/	1970-01-21 00:57:38	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 00:57:38	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 16:55:14	Name: cm_uid Value: CM1202311140058ee5522a7cdd18a601
.w55c.net/	1970-01-21 01:42:16	Name: wfivefivec Value: lcbbiNEh1R2Hvi5
.w55c.net/	1970-01-20 16:55:14	Name: matchadform Value: 5
.weborama.fr/	1970-01-21 01:37:57	Name: AFFICHE_W Value: DignkTnBYTcO47
.audrte.com/	1970-01-20 16:33:38	Name: arcki2_ddp2 Value: 0c0RDKMTakgQ0ilWJbD1PvPwQ!20220908!1699922528695
.tapad.com/	1970-01-20 17:38:26	Name: TapAd_TS Value: 1699922528793
.tapad.com/	1970-01-20 17:38:26	Name: TapAd_DID Value: 8a0732fe-310b-4615-b3f0-3bbcd65bfb7e
.tapad.com/	1970-01-20 17:38:26	Name: TapAd_3WAY_SYNCS Value:
cm.adsafety.net/	1970-01-21 00:57:38	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaN0FWUkY3SFJkSWFKRnkzVStFRm1QQzFURXdyM1RpK0hQY2wrRThHQWV0UmJ3cTFNVFN2cDdNQUk4dE41ZmhrL3ZVSEF3MHZ4UEpoSzAyNmJTaDJxRVdTUHcva1FmVUVNNmdZZGNqdHUwbkRSWllSdEFEa05mN1hsZXVLZ01HeVJCVWdmeXN3Y0pkNVhUWlFGekdoR2haYlNVOEtVeUN1V2NoYXdOSmVUTStvZm5md0U3dGFwaDIxVnhlaWd3UkxPNWtOUUNHZnFmVkhaTy9PRFF1ai9XZGxycW1zdmFuQVhvKzdFVXlFdlBwcEJhUEZxWGhKWHYvekNuQXZCUlFnUUgxZldiT1B0a2ZWTnhiTW80T0xXcU9WV1dwR0FoRW5ua1QvTlNJUlpSUW5OR1R4UnV2YllQbk5BZWpCQkdsTWJnSmppaHhpNHRsZHZBcEtVQzhRY3RUM092M0FmNU1kdVBncU5ZWDN1THZnbXAvTzdZU2ZrdzZDWEZERWJZQkNHb0lTbERqS3V6VWd5NXhueXVtRGxxeVBoaVlmR0JiVE1XeDF5YlhJZG9hUmVNSXp1M3Z6TjRLQ3dZZVR2Kys3Nk5zbmdKU05ubEZoSy9xS2JoUVlaTTBXS3F2OU5rMGZFYWYxUlZPVHgyQjdBb2pFdlBVZzJFZXNOVzUxb3ZveWJNT3lyS0lUTVVtUEZCelkzNTJZY21Uc2puL2d2UExOWDdvd2c1K1BFQk96OHNGaHlxU1hnQVpIOTZEM2Z2Qmt0b054YjhNbVd3ZHpzVHVQSlZVaTZ4Mkx1Tm9kdzJucXE4eU50NDNQdlZTZlI5WVNNWnh1ZVdEOFYvVEZ2Z1E2ODVSY0NhdHhBMWRndzJ0alplSGViN09GOFB5VWVrUmlYRElDVzJqRURBYXdSOERsdTA1UE43SlhGNXVNU0ZMOERJaFFqZEY5MG9oSnMzdGJTTzQ5SG9mY3F6ZGw2RktuaE1NY2hneHBNNDRvMUNyMmRpdTJiQnEvenUxTFRqR0tmUkRpUnYvWDZ5dWExcktsYVZaTUdZV3NHNE4vMjdURmNUcGxMdEMxdDdSTERtUjI3UWRGcGNFdStKZ2J2c0JIOFE9PQ%3D%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newyearseve.winstar.com/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2840974069206748743 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2840974069206748743/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2840974069206748743 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10388130.fls.doubleclick.net
6820846.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
action.dstillery.com
action.media6degrees.com
ad.360yield.com
ad.yieldlab.net
ade.googlesyndication.com
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
app.hubspot.com
beacon.krxd.net
c1.adform.net
cdn.callrail.com
cdn.calltrk.com
cdn2.hubspot.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
dmp.adform.net
dpm.demdex.net
ds.reson8.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
newyearseve.winstar.com
pagead2.googlesyndication.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pixelconnector.adready.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
static.hsappstatic.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
tag.simpli.fi
tags.adsafety.net
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tracker.adreadyclick.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
global.ib-ibi.com
sync.e-volution.ai
104.119.108.243
104.18.36.155
104.18.5.236
104.18.9.110
13.248.245.213
139.162.147.24
141.94.171.212
142.250.184.198
142.250.186.162
162.19.138.117
172.217.18.2
18.196.251.91
18.198.126.47
18.245.60.121
18.245.60.48
184.30.17.243
185.167.164.49
185.64.191.210
185.86.139.106
185.89.210.122
2.16.97.41
2.23.197.190
2001:4860:4802:32::36
216.58.206.34
2600:9000:211e:e600:1b:5138:8a40:93a1
2606:2c40::c73c:671f
2606:4700:20::681a:91e
2606:4700:4400::ac40:97ee
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:70d1
2606:4700::6810:bd59
2606:4700::6812:4ffd
2606:4700::6812:7c0c
2606:4700::6813:9b53
2607:ae80:192:1::173
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.126.190.82
3.127.178.105
3.71.149.231
34.111.113.62
34.246.239.231
34.255.135.5
34.98.64.218
35.156.144.148
35.158.38.152
35.190.24.218
35.234.162.151
35.244.174.68
37.157.2.249
37.157.5.132
37.157.6.243
46.19.11.36
52.211.62.59
52.223.40.198
52.57.124.150
52.59.98.46
52.92.18.16
54.195.166.231
54.228.208.22
54.75.89.96
65.9.66.43
69.173.144.165
77.243.51.122
80.85.85.173
85.114.159.93
89.163.240.121
91.210.226.73
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
079823780386ccdb94eb8fa136e17f3a45c013c2e790533cc1c3a8ba135bc11e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c90dffaa0f249869c9d88706df1539e60bfa12ed2749f4ece718f417acc356d
0cffef7e9bd43b63fd99014a053a6bc856ab6b8b6f53ae4e0831df562d8bd8d7
0e3fb5b38a0738a68fe363f835acd6291a6da3227077d22c72dd4f401a364763
16b2bd1012e3f875671efff1ac63034c8895ed0157ef22b4c0d8bc8cde314efa
174d64fcda1d095834dc8fdd8c5774081eaee27a9e43d8287591709ee6a3a199
178c1d1c754ec10b62d76c220659a1d3699004047bbdf37c5c936fff4c3cdc5b
18c2a14f4df0b94031373a3cb9be23d936f61a276c0b3b123cceadf506f66e31
1a351d83db462c5b74255e7e9fde4137c32f5a9746c1943f2b3252cd693368da
1ad53f8852f9d05834e2baf4d6af337666c668230cd94026519273642efb662b
1e7cdc65100f33d14f35d64a6a57237f7bbc49a6eb0dfb1c95984642d1e2b8a9
23d8306bd4ee9c279fe3fde6fa7492d96bbfcea6885ab14585b23bbdaf4dec10
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
34d4be36c17e8e93b4aeebc9641afe9bb677cb06f157e33e20c08e485c4a13c8
3b4c20327426fe3262f4038dfc29a8d53b0d511e8f0a35481f9241b053ec9d7f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba688650b4ecfebfd260cfff27e2f7f490e1b0ab9ffb4c9edfac5a9388789b7
4c31908f05e8f95bbe4e2f1c7545336fe63e25a575144117af9c65853c301b57
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1eac27fd8bf7459ab665e1eb41ee050ff82c4888dca4c9b9549fec91190458
51faae410d08072d17fd8091228bb73aebbf0fb584cfdcc67779bef7881e0876
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f
5c8732bb4a6977624808888c8ba6c74d003898a7dcc6a87ddef3a954183853f3
63f8715eda59cc7899e6baab3931be3a3e2cb6d0a0eba6c134334c2f9cb506ee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713ce084fce83a934d54c9d52d5775e457f414e3f6c6ed00c4bbe2892abddb5d
718d472477201493d1be31e5b01e10998272aa0cd6b98191e043ccbc1787b037
73e00c66ad8073c0ab5da9c876bc5408753f4140a3f5d38731474f04bb155eaa
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7c37e3627758ae8eee1bc7eae847d199e83c32ae218d84ad29c7bdd336b1a866
8260cf216c303ce979cae8d17178d193b142bf0d4d2fea04e6b45db63650a268
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8884abd292611b4eff8d4b3956fb172fab6ab9a689666da5f8ba35c7d9eeaede
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dc781ef4d0b5bdd66aaf381627a9af48dbb71d7ba1d67074b5f4cd2ea83c7bc
98857b2cea21a557c84618c43a4baf71f831b48e87e541aa463109686412711a
99acc2a860827d724eb1deab7e7d15efb2397c1c5ee7db00be4e246f2291ff3f
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9b946925340916f3b31488e5364761910fbfbeea44f71d6478987ba1858f6cca
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077
a77ac5046e50ea0b5ed78297e38f0f4fa6ac2e4427e8407cd3dbb92abfcfa76e
aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb
ab72de84e47f83aa15b2cb87a294b84b063b095cf0e2f506f7e31dfd4a3b5bbd
ab8a2d1550f03c4243fca644a5edbe0a99a1bca8154c09c3476d734ab4c9496d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b622bee1109736d0daccea46195fb72dc39651d33b5055d88b37c6f1babb3d5e
b625d7f90267bf87f28bba332c9248edcca180d0c67b950bafde32ae9bf7cd2b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd0f0b8677a48c5ac19f9a1f29136005e52cce9b9354aaf2a5940bb19c07bcd6
bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1
c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b
c4f475146a0fcff8471ca0cae826dcd90da49b3deed8066db05e4fcc28e726b2
c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc
ce985f900e99d5767a359e6fe93df21a186f81c838ccc6f7fe30b87fe83e0165
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d001605cc9c4147a9532e24395036a113aa689cd02cd0ebf394300ad09027ca1
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d4c208655390cacd043650fe979fcbc3cdf3c393f8a4d36553e9940b3fad48ee
d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e07c77f883e496ad8d4e9f0ed2c5dab298fbc33492fcba889a8b17303d9bdd1b
e0f71b9e1bf7a09ec5a7e412a2b9863bd58273c36d3909b46ddc9457e0fa30be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d957237d81e87709bfd818c28ece38bcc35f71c16ed0b70c4eace4d755cc28
ecd7934a12debe89bf34c365cffcf7208e5362cd8583df290e3e65637457d946
ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33fa5b1ee4baf6722e7c07e35b501ac6895bc4cf8637ab4954111c2a0bd3ca2
f62c9d9e4c9a28928d1d32744dcf0f63f5e1d018654446dc1a869a5962822793
f65479d8ac42143923455e63c356ab2702ab5732eca99bf8dafce3e687599426
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fce0755677e0c97a66300b8346a0882e8a01df4f54147a6ef6e494cff162796a
fcf824312f02027d0465d66db66e2a162385246064153e2b63a439233feafccd
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

newyearseve.winstar.com Open in urlscan Pro 2606:2c40::c73c:671f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

83 %HTTPS

32 %IPv6

71 Domains

87 Subdomains

65 IPs

10 Countries

1137 kBTransfer

3220 kBSize

79 Cookies

91 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

83 %
HTTPS

32 %
IPv6

71
Domains

87
Subdomains

65
IPs

10
Countries

1137 kB
Transfer

3220 kB
Size

79
Cookies

158 HTTP transactions
1 data transactions