newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:67e1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearseve.winstar.com/
Submission Tags: phishingrod
Submission: On July 19 via api (July 19th 2023, 10:18:02 am UTC) from DE — Scanned from DE

Summary HTTP 148 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 71 domains to perform 148 HTTP transactions. The main IP is 2606:2c40::c73c:67e1, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is newyearseve.winstar.com.
TLS certificate: Issued by GTS CA 1P5 on July 18th 2023. Valid for: 3 months.

This is the only time newyearseve.winstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
10	2606:4700::68... 2606:4700::6812:ccc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	108.156.60.27 108.156.60.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.60.123 108.156.60.123	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:81e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2606:4700::68... 2606:4700::6812:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.80.24.65 54.80.24.65	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.5.236 104.18.5.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	104.18.9.110 104.18.9.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2 15	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1 2	3.251.15.90 3.251.15.90	16509 (AMAZON-02) (AMAZON-02)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.125.25.39 3.125.25.39	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2.19.126.157 2.19.126.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	18.195.76.244 18.195.76.244	16509 (AMAZON-02) (AMAZON-02)
2 2	52.86.229.195 52.86.229.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:cd9b:e73a:8f3e:7955	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 7	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 4	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	99.80.77.237 99.80.77.237	16509 (AMAZON-02) (AMAZON-02)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.215.57.219 52.215.57.219	16509 (AMAZON-02) (AMAZON-02)
1	52.218.89.179 52.218.89.179	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 5	193.135.9.135 193.135.9.135	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.141.41 139.162.141.41	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	91.210.226.72 91.210.226.72	48314 (IP-PROJECTS) (IP-PROJECTS)
1	34.252.7.215 34.252.7.215	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.47 65.9.66.47	16509 (AMAZON-02) (AMAZON-02)
1	54.145.25.36 54.145.25.36	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.34.168.218 63.34.168.218	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.220.167 18.194.220.167	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.138.150 3.125.138.150	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:25e... 2600:9000:25e8:4400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
148	64

28 2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

newyearseve.winstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:ccc9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

6820846.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10388130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-27.ams1.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-123.ams1.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:81e (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adreadyclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.148.198 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:17ea (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.80.24.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-24-65.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.5.236 (None, )

ASN13335 (CLOUDFLARENET, US)

pixelconnector.adready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.9.110 (None, )

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.15.90 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-90.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.25.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-25-39.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.157 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-157.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.76.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-76-244.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.229.195 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-229-195.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:cd9b:e73a:8f3e:7955 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 77.243.51.122 (Denmark) 6 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.77.237 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-77-237.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.57.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-57-219.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.135.9.135 (Germany) 4 redirects

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.72 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.7.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-7-215.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-47.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.25.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-25-36.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.168.218 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-168-218.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.220.167 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-220-167.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.138.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-138-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:4400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	winstar.com newyearseve.winstar.com	160 KB
19	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 7340 a2.adform.net — Cisco Umbrella Rank: 9627 c1.adform.net — Cisco Umbrella Rank: 601 dmp.adform.net — Cisco Umbrella Rank: 8063	45 KB
16	doubleclick.net 8 redirects 6820846.fls.doubleclick.net — Cisco Umbrella Rank: 830524 10388130.fls.doubleclick.net — Cisco Umbrella Rank: 824132 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	8 KB
11	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1729	30 KB
10	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 7883	249 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1267 se.semasio.net — Cisco Umbrella Rank: 23613	4 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 19512 tags.adsafety.net — Cisco Umbrella Rank: 83423	10 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 117	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 447	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3072	9 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56 region1.google-analytics.com — Cisco Umbrella Rank: 1771	21 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 413	831 B
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1631 load77.exelator.com — Cisco Umbrella Rank: 3825	2 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 622 i6.liadm.com — Cisco Umbrella Rank: 2091	2 KB
3	reson8.com ds.reson8.com — Cisco Umbrella Rank: 3672	159 B
3	google.de www.google.de — Cisco Umbrella Rank: 5665	806 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 507	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13617	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 910	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 210	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	529 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3286	972 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 658	647 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 868	484 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1589	928 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	861 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2855	693 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 626 pixel.rubiconproject.com — Cisco Umbrella Rank: 382	453 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 651	853 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	adready.com pixelconnector.adready.com — Cisco Umbrella Rank: 52606	948 B
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 8919	373 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 7405	360 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	155 KB
2	gstatic.com www.gstatic.com	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	201 KB
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 6449	162 B
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2908	464 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 405	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 31407	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 789	239 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1328	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 426	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2117	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 525	490 B
1	audrte.com a.audrte.com — Cisco Umbrella Rank: 2519
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 26983	443 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 740	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 616	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 28735	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 32873	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2676	273 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1114	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 554	637 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 321	125 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	114 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4165	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 27322	467 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4247	783 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 158	417 B
1	adreadyclick.com tracker.adreadyclick.com — Cisco Umbrella Rank: 51577	5 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 7752	558 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2352	1 KB
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 19316	11 KB
1	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5076	978 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4150	86 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2103	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2094	22 KB
0	1dmp.io Failed sync.1dmp.io Failed
148	71

	Domain	Requested by
28	newyearseve.winstar.com	newyearseve.winstar.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
11	pixel.mathtag.com	1 redirects 10388130.fls.doubleclick.net pixel.mathtag.com a2.adform.net
10	cdn2.hubspot.net	newyearseve.winstar.com
6	10388130.fls.doubleclick.net	3 redirects www.googletagmanager.com
5	cm.adsafety.net	4 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	se.semasio.net	3 redirects c1.adform.net
4	tags.srv.stackadapt.com	10388130.fls.doubleclick.net tags.srv.stackadapt.com
4	adservice.google.com	10388130.fls.doubleclick.net 6820846.fls.doubleclick.net
3	dmp.adform.net	c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	a2.adform.net	1 redirects 10388130.fls.doubleclick.net s2.adform.net
3	ds.reson8.com	10388130.fls.doubleclick.net
3	www.google.de	newyearseve.winstar.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	i.liadm.com	2 redirects
2	x.bidswitch.net	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	www.facebook.com	newyearseve.winstar.com
2	pixelconnector.adready.com	tracker.adreadyclick.com
2	action.media6degrees.com	10388130.fls.doubleclick.net
2	action.dstillery.com	2 redirects
2	connect.facebook.net	newyearseve.winstar.com connect.facebook.net
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	6820846.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	newyearseve.winstar.com www.googletagmanager.com
1	pixel.sojern.com	c1.adform.net
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	a.audrte.com	c1.adform.net
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	i6.liadm.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	10388130.fls.doubleclick.net
1	s2.adform.net	10388130.fls.doubleclick.net
1	tag.simpli.fi	10388130.fls.doubleclick.net
1	www.googleadservices.com	1 redirects
1	www.google.com	newyearseve.winstar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tracker.adreadyclick.com	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	app.hubspot.com	newyearseve.winstar.com
1	js.hsleadflows.net	newyearseve.winstar.com
1	js.hs-banner.com	newyearseve.winstar.com
1	js.hs-analytics.net	newyearseve.winstar.com
0	sync.1dmp.io Failed	c1.adform.net
148	87

This site contains links to these domains. Also see Links.

Domain
www.winstar.com
register.winstarworldcasino.com
adagaming.com
artesianhotel.com
www.myblackgoldcasino.com
mybordercasino.com
www.chickasawtravelstop.com
chisholmtrailcasino.com
mygoldmountaincasino.com
goldsbycasino.com
jetstreamcasino.com
madillgaming.com
newcastlecasino.com
theriverstarcasino.com
www.riverwind.com
www.saltcreekcasino.com
mytexomacasino.com
treasurevalleycasino.com
washitacasino.com
www.facebook.com
twitter.com
www.snapchat.com
www.youtube.com
www.instagram.com
www.winstarworldcasino.com
goo.gl
www.winstarvillage.com
www.ncpgambling.org

Subject Issuer	Validity	Valid
newyearseve.winstar.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-27` - `2023-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.audrte.com Amazon RSA 2048 M01	`2023-02-08` - `2024-03-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://newyearseve.winstar.com/
Frame ID: 921CD49D8044C3047E360D7438CA74BB
Requests: 70 HTTP requests in this frame

Frame: https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: DCB27CEBC338DC80FC7C7BE337E3BFB5
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 23717A6FBF17993A7B33E20A671E02CA
Requests: 19 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 68456716881E6D72E372FED36D4361C4
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F
Frame ID: 110285897C0C51C56D4D3F795E767D67
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ec64b7-b855-4700-a2af-4f8f1586e4a1&no_iframe=1&mt_adid=241907&source=mathtag
Frame ID: 5FBB42FC56FF2CD14B6AA387AAACAEDA
Requests: 2 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1794048593&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCJyTyMPFmoADFVXimgodAEEI1g%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d3573495263822%3bauiddc%3d834471921.1689761877%3bgtm%3d45He37h0%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Frame ID: 2CF56304D06C6C0CE879370533437722
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Frame ID: 6AB905389F5659E2990D2D8B283F4F00
Requests: 47 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=20dc64b7-b855-4900-8a1e-2f7f52fc540f&no_iframe=1&mt_adid=241848&source=mathtag
Frame ID: 05DDDA6BF95515F80005A75890CBD65B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

winstar

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

83 %
HTTPS

29 %
IPv6

71
Domains

87
Subdomains

64
IPs

11
Countries

1129 kB
Transfer

3478 kB
Size

95
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://www.winstar.com/
Title: .st0{fill:#FFFFFF;} .st1{fill:#C7B24E;} winstar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/winstar-world-casino-hotel/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-venues/
Title: Casino Venues

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/
Title: Casino Games

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/category/electronic-games/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/category/gaming/
Title: Gaming Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/
Title: Stay

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/the-inn-at-winstar/
Title: The Inn at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/stay/accomodations/fun-town-rv-park-at-winstar/
Title: Fun Town RV Park at WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/events/?tribe_paged=1&tribe_event_display=list&tribe-bar-entertainment-venue-field=1436
Title: Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/entertainment/nightlife/
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.winstar.com/reopening-entertainment/
Title: COVID-19 Updates

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/
Title: Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/fine-dining/
Title: Fine Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/casual-dining/
Title: Casual Dining

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/cafes-and-quick-bites/
Title: Cafés & Quick Bites

Search URL Search Domain Scan URL

URL: https://www.winstar.com/dining/bars-and-lounges/
Title: Bars & Lounges

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/
Title: Amenities

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/wellness-and-spa/
Title: Wellness & Spa

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/pools-and-cabanas/
Title: Pools & Cabanas

Search URL Search Domain Scan URL

URL: https://www.winstar.com/amenities/shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/
Title: Meet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/conventions-and-corporate-events/
Title: Conventions & Corporate Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/wedding-events/
Title: Weddings

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/social-events/
Title: Social Events

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/catering/
Title: Catering

Search URL Search Domain Scan URL

URL: https://www.winstar.com/meet/meeting-planners/
Title: Meeting Planners

Search URL Search Domain Scan URL

URL: https://www.winstar.com/request-for-proposal/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/my-winstar/
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/club-passport/
Title: Club Passport

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/tiered-card-program/
Title: Tiered Card Program

Search URL Search Domain Scan URL

URL: https://www.winstar.com/rewards/
Title: Rewards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/promotions/list/
Title: Promotions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map
Title: Casino Map

Search URL Search Domain Scan URL

URL: https://www.winstar.com/gaming/casino-games/list/
Title: Game Finder

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-login
Title: My WinStar

Search URL Search Domain Scan URL

URL: https://register.winstarworldcasino.com/cgi-bin/lansaweb?PROCFUN+RN+RESNET+WSH+funcparms+UP(A2560):;RAINHTL;;1;2;0;;;;;;;;;;;;;;;?/&__hstc=40036989.a06af176329ce66fbf0cc468a172dc25.1539750112894.1539764056360.1539766601550.4&__hssc=40036989.1.1539766601550&__hsfp=2320959684
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/gift-cards/
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/shuttle-service/
Title: Shuttle Service

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/casino-and-hotel-valet/
Title: Hotel Valet

Search URL Search Domain Scan URL

URL: https://www.winstar.com/tax-document-requests/
Title: Tax Document Requests

Search URL Search Domain Scan URL

URL: https://adagaming.com/

Search URL Search Domain Scan URL

URL: https://artesianhotel.com/

Search URL Search Domain Scan URL

URL: https://www.myblackgoldcasino.com/

Search URL Search Domain Scan URL

URL: https://mybordercasino.com/

Search URL Search Domain Scan URL

URL: https://www.chickasawtravelstop.com/

Search URL Search Domain Scan URL

URL: https://chisholmtrailcasino.com/

Search URL Search Domain Scan URL

URL: https://mygoldmountaincasino.com/

Search URL Search Domain Scan URL

URL: https://goldsbycasino.com/

Search URL Search Domain Scan URL

URL: https://jetstreamcasino.com/

Search URL Search Domain Scan URL

URL: https://madillgaming.com/

Search URL Search Domain Scan URL

URL: https://newcastlecasino.com/

Search URL Search Domain Scan URL

URL: http://theriverstarcasino.com/

Search URL Search Domain Scan URL

URL: https://www.riverwind.com/

Search URL Search Domain Scan URL

URL: https://www.saltcreekcasino.com/

Search URL Search Domain Scan URL

URL: https://mytexomacasino.com/

Search URL Search Domain Scan URL

URL: https://treasurevalleycasino.com/

Search URL Search Domain Scan URL

URL: https://washitacasino.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinStarWorldCasino

Search URL Search Domain Scan URL

URL: https://twitter.com/winstarworld

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/winstarworld

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Winstarcasino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winstar_world/

Search URL Search Domain Scan URL

URL: https://www.winstarworldcasino.com/feed/rss?__hstc=40036989.a06af176329ce66fbf0cc468a172dc25.1539750112894.1539750112894.1539750112894.1&__hssc=40036989.2.1539750112895&__hsfp=2320959684

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/cw2ApAsm6pD2

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/directions/
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/frequently-asked-questions/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/stewardship/
Title: Corporate Stewardship

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/news-and-media-hub/
Title: News and Media

Search URL Search Domain Scan URL

URL: https://www.winstarvillage.com/
Title: Central Park at WinStar Village

Search URL Search Domain Scan URL

URL: https://www.winstar.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/house-rules/
Title: House Rules

Search URL Search Domain Scan URL

URL: https://www.winstar.com/footer/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-beijing#component_0
Title: Beijing

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-cairo#component_0
Title: Cairo

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-london#component_0
Title: London

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-madrid#component_0
Title: Madrid

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-newyork#component_0
Title: New York

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-paris#component_0
Title: Paris

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rio#component_0
Title: RIO

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-rome#component_0
Title: Rome

Search URL Search Domain Scan URL

URL: https://www.winstar.com/casino-map/?location=venue-vienna#component_0
Title: Vienna

Search URL Search Domain Scan URL

URL: https://www.winstar.com/my-winstar/my-winstar-register/
Title: Join Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 45

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 48

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 49

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Request Chain 67

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Request Chain 75

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 76

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 92

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJyTyMPFmoADFVXimgodAEEI1g%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D3573495263822%3Bauiddc%3D834471921.1689761877%3Bgtm%3D45He37h0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJyTyMPFmoADFVXimgodAEEI1g%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D3573495263822%3Bauiddc%3D834471921.1689761877%3Bgtm%3D45He37h0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 100

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478

Request Chain 103

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1316003751944374088&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1316003751944374088&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=c345595df6e7436fb31f033a177b236f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=5f1ef06e9fdc51d6f4ab107726783cfec6b9341bb1993ee98606fded692b0005

Request Chain 107

https://x.bidswitch.net/sync?dsp_id=70&user_id=1316003751944374088 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1316003751944374088 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3 HTTP 303
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3&_li_chk=true&previous_uuid=1be520c5eec746fb9acadb2159013bdb HTTP 303
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3

Request Chain 108

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478&C=1

Request Chain 109

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1316003751944374088&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1316003751944374088&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=1316003751944374088&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7257472008337881229&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NUZDRDgyQTcxNjMzMzFCQQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPhE8T1lNnCOqix-otCkFd8&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPhE8T1lNnCOqix-otCkFd8&sInitiator=internal&google_cver=1&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=3138814902911477935&sInitiator=internal&gdpr=

Request Chain 111

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1316003751944374088 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1316003751944374088&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 112

https://idsync.rlcdn.com/398366.gif?partner_uid=1316003751944374088 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMTMxNjAwMzc1MTk0NDM3NDA4OBAAGg0I1vDepQYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5oKqPIgm2G0ApKbyBChCE&google_cver=1

Request Chain 116

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 117

https://pixel.onaudience.com/?mapped=1316003751944374088&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=35fc9ef4d0ec6059/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 118

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1316003751944374088 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12023071910af494482f6425a0281c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2661833c5693165486eb081c4866da96 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023071910af494482f6425a0281c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2661833c5693165486eb081c4866da96&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA3MTkxMGFmNDk0NDgyZjY0MjVhMDI4MWM&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEMyUZvxmQ4Dm4tfV_V66c5Y&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023071910af494482f6425a0281c HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1316003751944374088

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTMxNjAwMzc1MTk0NDM3NDA4OA HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdSNeRtU2U89uHXc1qSzV8&google_cver=1&google_ula=1641347,0

Request Chain 121

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3138814902911477935&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=1316003751944374088

Request Chain 126

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1316003751944374088&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1316003751944374088&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=42489570991076350853961105073688963027&noredirect=1

Request Chain 127

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1316003751944374088 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216603104582001819388

Request Chain 128

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7257472008337881229

Request Chain 130

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=20dc64b7-b855-4900-8a1e-2f7f52fc540f

Request Chain 131

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=cOO2fvxw1Qm4fR5

Request Chain 135

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=113793142 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=C2bLaYWre9AiYJDwfLxN5u

Request Chain 139

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1316003751944374088&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1316003751944374088&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=c1a57c2c-c5e3-44ac-a7ff-573d0e2e5d21

Request Chain 142

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=1316003751944374088 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

148 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
newyearseve.winstar.com/ 81 KB
14 KB 590ms
269ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

141119699dcc0d53ba8befd796167fb59b2472a6bf7cbce4e3482904d7b5b496

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=5,max-age=5
cf-cache-status: HIT
cf-ray: 7e9237ad4d251c09-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Wed, 19 Jul 2023 10:17:56 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBIeWYk0lvGDshxwVfhZR%2FenYr4CJw2r0BY72jrRrfx9dHAV8iJ77KW5XkWk5C5o%2FsQhU52xS76wWlFgwcX6JPrIm5xo3HMrShxzG9WgQBBOUcRi14hOHQnVHXNp9wSUkOR59JyPhbczicq5bNLNS8VRVv%2Br"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 168
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-10-19-td/envoy-proxy-6fc989fd7b-czssj
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hs-prerendered: Thu, 30 Mar 2023 14:55:58 GMT
x-hs-reason: No view mapper found to handle request
x-hubspot-correlation-id: abc4610f-67c0-4a1a-9479-d8b1a6369de3
x-hubspot-notfound: true
x-request-id: abc4610f-67c0-4a1a-9479-d8b1a6369de3
x-trace: 2BC099E51326CAAC4C329D26ABC94AAE1FE5A36A3F000000000000000000

GET
H2 200 jquery-1.7.1.js Show response
newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 67ms
65ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 15920938
x-amz-cf-pop: FRA56-P2
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6IS%2BRbuNxejqNXcN0EvyWuFqF3v4GqO27tpkBHLCtmJyZ%2BQ1XGVQEoPW7JDGQ%2Bq%2FqVSZOHpCzfuM02Wk%2F1N0OmSjfY3j%2FCJBU98lq%2B97Tbq6UPxTKog9JQUvHzk9leqkxiyMlPAISIJFEGxRnnrBo74CAiU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7e9237af18021c09-FRA
x-amz-cf-id: Op4bOuiN9rNrDPkreMNbBQFoZGO-EcpnIl-ziirAysQHecCv5Ga9Hg==
expires: Thu, 18 Jul 2024 10:17:56 GMT

GET
H2 200 module_-2712622_Site_search_input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1680183340798/ 2 KB
2 KB 144ms
63ms Stylesheet
text/css 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1680183340798/module_-2712622_Site_search_input.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0f0b8677a48c5ac19f9a1f29136005e52cce9b9354aaf2a5940bb19c07bcd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f1162827-e220-4c02-9c1a-e7584b291fe7
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 178
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f1162827-e220-4c02-9c1a-e7584b291fe7
last-modified: Thu, 30 Mar 2023 13:35:41 GMT
server: cloudflare
etag: W/"fb150085015c3b7390e78a4b003d937f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680183340798
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi8WrdKfeibk8ybEZOKdUdfFl4yHy%2FZR%2BXIbDhtCOfDA3ajg0N7yqZpqIUC83pOTxixmSsJFOC9kRtvu8I2rRND36Z8%2BLXtewpHgepPOFquaitulYK2AZdfhWmQKuWieYoishpJv%2BbrfjGqZ2r8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-65zd4
cf-ray: 7e9237af9c01901e-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1680183176417/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 154ms
74ms Stylesheet
text/css 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1680183176417/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 631b15ed-e54d-49d8-9e0f-6982a09037bb
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 155
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 631b15ed-e54d-49d8-9e0f-6982a09037bb
last-modified: Thu, 30 Mar 2023 13:32:58 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680183177474
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vts%2B0gfwuv1hctg6A5ieKAhgA017P%2BskGi%2FXqNnpNqOlaa9dO8g8TXTxCiI9oopwBG4d%2FDESp9857Gh9AfNcam%2BnnGbPOcLHj4366RbKcV48TT0Aquvfz0gaEiyqdVmiCVJO6qs6wRSAVDVBEN0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-hml5r
cf-ray: 7e9237af9c06901e-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 Winstar_October2018-style.min.css
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/ 99 KB
33 KB 344ms
343ms Stylesheet
text/css 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 1CAMYQAZVB7QHJQH
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"6a22354699c92af4aae64519e0dd5339"
vary: origin, Accept-Encoding
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lotVFteWLvja1fI7OAa..tg_V5RNI3n.
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: dcc46e45-f91f-43ba-b85b-5d74c24198ce
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +t7cea3v4DoWStXJOnS3rcmCa/6ETWvpK1fnO+Iy9npZw0Seb17mgqHjlJpSPDv+h/33vQE4Nu4=
x-request-id: dcc46e45-f91f-43ba-b85b-5d74c24198ce
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 29 Sep 2019 08:27:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EN3IK%2BRDb0NlSVJt6iiju3fZyTO4exmJ0lDdvpR8ifYdSC2y6oOMa4VKR78cyUqOyop2ODP1H4J5LoVHcR8Kd05gZL8MY1OWoMjqRA1h4HT6TshpUg0wiEEJk8FiB%2FjD%2BCbHVrujFXV5sJEY5DNlJ%2FTht86c"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-ph7zk
access-control-allow-credentials: false
cf-ray: 7e9237af18041c09-FRA
x-amz-cf-id: IOxkiyrEXzpvCgrjrfeyWl8SwuRi6N--dQZK69gyhRBKc67_UG5dxw==

GET
H3 200 logo-adagamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 116ms
112ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-adagamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6e62851ce3a8e5e2a2847a89a5f414678a76b6d02fd730b6f1fce4603e2fe7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
age: 44996
x-amz-request-id: 1CAST4BH81SJN4AC
edge-cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-adagamingcenter.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "e22039bf0d4a2641d613b070518ee3d6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: w4Epn5EdO1osahCKJA4dHK0UlyF7MmXZ
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2896
x-cache: Miss from cloudfront
cache-tag: F-6327676594,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1954
x-amz-id-2: ETl2Y5kawuYTfk0MLindwNNzDrSeS1wyMsKckcYVlSqmzn0rNVxJN9vsG5FWI7IU3lpu6tRIEP4=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5TO7gY0bqn8wj02NVqsq8eJX3A8f4Irl6N%2BeXJBjJAcZaSN90LeJ59Qg3gv00Klhdmx9ftK08D%2BBxIL67D55NGBlw3K3pRNDU5tyjFKwzABvXUS1qDR5YELIOQNwjLhvmv4GqxYHEkRfwITc1OytYIOjeye"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a3a9bb0-FRA
x-amz-cf-id: mWmXO0psu7AG-DHY_6Lc_CBN_IKKsCu3c6sMXwAu-BBTj8Y410MGwQ==

GET
H3 200 logo-theartesianhotel.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
2 KB 117ms
113ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theartesianhotel.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07c77f883e496ad8d4e9f0ed2c5dab298fbc33492fcba889a8b17303d9bdd1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HRPTX4TXEG6WFT
edge-cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-theartesianhotel.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "ac6fef022d36f101d8faaf0cfee74b9f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KlxawU7no2N7BjIdGuhln1BuElXkdEvu
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2108
x-cache: Miss from cloudfront
cache-tag: F-6328149844,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1368
x-amz-id-2: vP7IJGj8e8Dgcwh1fsU9eTAvspi4vMU2j8ktjzFlT1at5pPfu1MelfjBChlm8WK9CCd/NsTwMmU=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YUuGTCBVLWUMxPx0cMSQQW6yS6aB2cF%2F3UG%2Bvj58dqKzCnUfEWMrmgIbHFXIBAfjg6AHgPjZge0KctZmPrDhebOOIS%2FQY9ym3zs6PhCN8hFmIeD0FJ5iDZAL8touecloY1Bl%2FoiUw6NdC41JzBUxyITnwfp"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a3c9bb0-FRA
x-amz-cf-id: ZZ88HimPqIodgC4R9ZS0cDAqj0geIPrmWu93VPqjEATSkaMmZQEr6w==

GET
H3 200 logo-blackgoldcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
3 KB 141ms
137ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-blackgoldcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

267ae9fc7e94327589406ef7e78f538ab69cfb01447664041d5b81400dcfee66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: 0PVPYFZD4N4W7QXE
edge-cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-blackgoldcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "51f3509b33848c60bc239ff4662d81e6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: rVKDhABvg6Lwu8SbeolUdie4EpnTXTAZ
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2405
x-cache: RefreshHit from cloudfront
cache-tag: F-6328149835,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1530
x-amz-id-2: gf+RJ34X7GJH84cneK0rM+NmXMBUaMZpMCmnT7WSfLYgPj+oe8SIzqtNSCh9X+uRLZSaMvnPG9U=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLMa9260yXIgo4NftGPv6uNM3L0B9JPxYKBcu%2F8qoAHUytiyfPfzZlELi33%2BKSTwgKbg3mU%2BZnlelfGob9gHYbd%2FG8CdfMEN9y5uTZ%2FbOGmrP2IcKqlenU%2F9lNtjeGc0gw%2BFkddgzwCT%2FlQ%2FvYUAqA0dN%2FMm"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a3d9bb0-FRA
x-amz-cf-id: LaVT2fEA19EC0JPC7j45Qlp6GqZgWmZVzob1qOUfGYti_6-8KBJNHA==

GET
H3 200 logo-bordercasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
3 KB 87ms
83ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-bordercasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f8715eda59cc7899e6baab3931be3a3e2cb6d0a0eba6c134334c2f9cb506ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
age: 44996
x-amz-request-id: 5690GMG2XRSPQM2T
edge-cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-bordercasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "6587c770abbbbd62cd043ec19ad480ca"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _eiKaC1gRExRTkXTNA9SokLMmKH4djLJ
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2169
x-cache: RefreshHit from cloudfront
cache-tag: F-6328149830,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1390
x-amz-id-2: LOwbIfp7xFLlZH4gwCLA8rZg3aPBZgOJkS8qzAYkH9c9mCtBbBPk7su+b7KUiqddD3VTLJhBppg=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcNAm1eu0Ssxp3hGxTKcVA3pPWxHIUuggoCBOix15TtR%2BKVKCn7pFib5Ct3LNHz9%2BBZCYF16SqngFosr1KcA%2FI1w5kB6sir%2BqpGngXcRWHIMr%2B%2F8WLjCedeYTA3XlkZghTXCDmpSkUPh7gtrOncZ8vTbhvYF"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a3e9bb0-FRA
x-amz-cf-id: Zt46UP3Fgmst4OEqO5je6LNKCjB6Hrz_5X26VknWOKQBLTE_kWZdsg==

GET
H3 200 logo-chickasawtravelstop.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
2 KB 89ms
86ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chickasawtravelstop.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a4c89a85569636f96d06697848153b19e560acf5d6778b8c39f2885c5ed9c78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
age: 44996
x-amz-request-id: 1CAXJF9S8W7QCGKD
edge-cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-chickasawtravelstop.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "d4007843b126b6e9e036594094e6c178"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JsgX7w5FSU6VVxL0H4J_4oZ4lOJyB2GN
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=1662
x-cache: Miss from cloudfront
cache-tag: F-6328149859,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1070
x-amz-id-2: GmoebDtbiEZZMBW0LOuDghyASgmLApPyjzpsGgBUz5cALL4jJKEbrm0ZKZxTAkMVhG4Nj8ENv/s=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVLZfXsWbU6UJxnAUBj%2B1DOikLYGFdyEugjv8PnvnOtQZqgHpMqlbL0a76LI4urgKtQMJgIt9FM1502MbuYBUVF3ejkUEn6Yhu05Yzn97GVCFpw1I8xIh4TGJpLl0m5HbYGw6HUHOZ4bRQpHAUKtXRf0Ctrh"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a409bb0-FRA
x-amz-cf-id: Gq9bdFmlUKJbAEtCXf8GAFRULQNnHO3veWtuYyfyPjiXPWbKnTGMrQ==

GET
H3 200 logo-chisholmtrailcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
2 KB 141ms
137ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-chisholmtrailcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a5424d8ffd810913a198e928a9bcee85b7a2c4773eb7c721115e5990162534

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
age: 131263
x-amz-request-id: N9HY0KJJA5MQYAW1
edge-cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-chisholmtrailcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "d73835f618bc71964c415845fc4d56a9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 7d935e83126b0b85ded112b940f9c85c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: B5DpOmvch11mXzVseVtlHeywgq_dQ1MS
x-amz-cf-pop: CDG52-P1
cf-polished: origFmt=png, origSize=1932
x-cache: RefreshHit from cloudfront
cache-tag: F-6328149834,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1264
x-amz-id-2: czB6Wj9AcxW6/G1yW5fH3lawNzzXAs//nSG3m5m0n/DAEXS2ZuPyo7DUBgOF3cbmTBVRJHu9gyA=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Net75DRC69fC1QFJogndeNeBYCm24qQV2XlAyD3Idy7Jep0Fcsb7cRw5KuLBRUZiJX4WrGC2MIHKR5X72%2F9d%2B4%2BaF%2FwsH3X8JVtPBiKrezfzFpz4vNBQRcrEMXCbK3sw0uBJihptW0DQOIefyjeymNxyq26"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a429bb0-FRA
x-amz-cf-id: KHdUJkGmwBeP02SBUXzkwdMQ7SCnpAuPcMoLGRNN8elISjRX4fPntg==

GET
H3 200 logo-goldmountaincasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 141ms
138ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldmountaincasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa2e00b6ff233ede203cc567b04f237d4bd5b57528e64ba54ec8b46db3252e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: 220C5TZ3M3WH38D0
edge-cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-goldmountaincasino.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "be35363e74b66134bcb87d78422b3bb9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 28zAG1hhxPcP8rzF0G4jN82VbImzwYH.
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=3288
x-cache: RefreshHit from cloudfront
cache-tag: F-6328149841,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2176
x-amz-id-2: 8TOkL/7TRZ1wcMjMbxcScdPcRTIHDfaGzIvYL4UlnD2LoiAYDkHVe470/UFXAAzYSpu9i4uIazw=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asC2073KmvRa5Os5zfiMkB9PXU%2FG26S64WzEDTmyffLkar3xih1XNzXf%2B%2B1VllniMPqayl205FdH%2BIFyc9vMEU2cKrYGAt4N0IXhesc57e56pZfUikjeswM2bsFai7iTQ5WVbQ42C%2FFGNLBsB23R4%2Fp8vO%2Fj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a439bb0-FRA
x-amz-cf-id: U_9uh3Zx0ZHyEi20u6_IkofKo3H5KvBKm1yWCrQEuDoyXkLbItz3xA==

GET
H3 200 logo-goldsbygamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
4 KB 84ms
81ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-goldsbygamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2084c1509e67082f10d7d74ed3d239fa9885a62dc04adda0d43a57cb7610fc6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HN5K9TBHP8AFSG
edge-cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-goldsbygamingcenter.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "45151587e78178e0716a98a0478884f1"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: s6xG2gLf4vDchAz.TAHdotjAWYcN78ao
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=3815
x-cache: Miss from cloudfront
cache-tag: F-6328149843,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-amz-id-2: nQl6QCmA0ho/xHj4dErR5AA5xL6fut7IADCjqUtPpLyHcEUvBF6dB2M8Td9ORjvEk5+nus+FVN4=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdYyHEqBWS7U%2BLF%2F0X6haYrkIXI2R23ij8mRHS5ndX60MOGQQOixw6bt6Hgm238KXxQf1NcFVJdDEXk9G%2F8pVsj5DUo2gvZYXOyQa9bB74%2Fh%2BZQjgYGlNstuaTCtmVO%2FHOlAXLJizeGaQDEMhiT1gCCH7qIW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a479bb0-FRA
x-amz-cf-id: M-L9bjlJJXboMBpzUK7oBDDHKz5GJG0TF79uhp-9DNlvvMrsMiQmjQ==

GET
H3 200 logo-jetstreamcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
3 KB 117ms
114ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-jetstreamcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

86517db5b8e43cf3ecd4ecf0b0e50d7743effb3e477c0fa9c99fe06dfa08fd12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HYS2RVP7ARRBF5
edge-cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-jetstreamcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "82e962c1b7cd0f32296913945e92880c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yV2pbA74yXQbqlUtAtPT1uobzeOtLEqR
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2195
x-cache: Miss from cloudfront
cache-tag: F-6328149860,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1418
x-amz-id-2: g0OfOLmGaTIUGgIiithn+zKOuQf7d92QOMS4jzC0SynzmomaQANLDabEDqUYquecMaZhgOxjSsg=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3C8rEt8%2Bznj5mUlLWeSaEQ05afCTY9CLA5XxI2SeAJ5ZEmXwwuhwDnxpsUygULQe7wnQBZZqo5tK70TSizOV7qFT2kuM%2F8PsiwZMysApm%2B2%2BNsgd61kW8SdibTf2B6tkbgmUPc9ORPT7csZ%2BmPLYJFQznJHL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a499bb0-FRA
x-amz-cf-id: qq5XzvkMl75CzGjtBxBc7z0p72i59X4HMjUtn9_K9WearYZ0snmgwQ==

GET
H3 200 logo-madillgamingcenter.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
4 KB 142ms
139ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-madillgamingcenter.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd71e5c5c98fa323cd7a369df37870ebc0a6ff6d2720c47c04e41a7017e57373

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: 220CPR7DWJZTHZHS
edge-cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-madillgamingcenter.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "ba61e591f21334bf66104547fd683e7d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Xox5HCzdcxcUtCmMf2Gwm3rSb20a2zbY
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=3752
x-cache: RefreshHit from cloudfront
cache-tag: F-6328149831,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2526
x-amz-id-2: Yj4pqLrVWns574qY1bngkM6urUx6MBW7Rki3pgRaTkr21NdD+oR3Vgw+FjMfukG3PkylBAhQ2Tk=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=122h31nmI9mULJv3z%2BrYWiGRH%2FPQ0huqXsXYRtkzEF5nJVVZ%2B%2BLr6iL8Cw721nfsc3nofPK51q%2BZHwP%2BFlN52%2Fb4Bq2kjzKH%2FhLUwOPFZFAGOW02Dp4EsZtORH3f4p%2Bf7VcaLXPNmaMjUh5irjIjLE5Cfs%2FL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a4a9bb0-FRA
x-amz-cf-id: 0LS-piKBCMbb8uetECUzrdv0vprwZVSk7irrFIax00EEHjyaJLgPGQ==

GET
H3 200 logo-newcastlecasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
3 KB 90ms
87ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-newcastlecasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3ab1dcfb21eb45b42de0bdc61434d0b5d7094ef46a742176e5dbc1571a5a62a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: M3XJAGC6Z0SM90HA
edge-cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-newcastlecasino.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "3b277a721cb80958606d69fc574230f6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: JxuxL14I1BBjf201CcFaFRGhq1T7VFr6
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2282
x-cache: RefreshHit from cloudfront
cache-tag: F-6327926033,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1480
x-amz-id-2: M1mmfwHwK73gMaKz/tj0jFISnS7/jRqULz2ztF3Grnx2GxXqzQPcXEflnzRYIxoVMBC9Uds9kv9S3ST5LPke628OdF0kUQNg
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V36shU0DaGOhzHBFmTFcAkWodPeybxLNyCRoZZE1Uz7OauHxoTzUKrJQofkddcpE1QpzHPWWYXaMcBME4y5OoggMxw1SL2VU4HIvYyvQTQwvTG82ldCN%2FvnofDuJnpCPpyWB30946bMN8jC9Oyo5kRuNVQHw"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a4d9bb0-FRA
x-amz-cf-id: OS93ERVhqvlaNtTDhbgFZWXEh0iCVz2EjC7CkV8pKn8cO_lJlAefxA==

GET
H3 200 logo-theriverstarcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 1 KB
2 KB 143ms
139ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-theriverstarcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d19014976e41061a96b12a9b84a9b04262c2c5123973751eb0c41fd8c7e689

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HWZ3ES0A66422J
edge-cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-theriverstarcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "4ba78248dc1ffe227d22515d85e6c4af"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9a3FCbqn1vj3Z_wWI2mGXv2t2Jpl1uFp
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=1859
x-cache: Miss from cloudfront
cache-tag: F-6328149845,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1184
x-amz-id-2: NvmwACQ1RUvkjB7teiqeJaM7iwcrl4+52sb9AqiGXKvLWk/wE6xuyJsZ8xep3pQ/PBnILeEzkMI=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve9I4wn9JunAQd5eoqx6uXC851z5jctGeHKBy3hw065EeeOzrrDOKlqaaVmC7jUI0H2CnJiGvUfXtYSipqyd8KIes%2BrwMPDVS8NoPA%2BUURFw%2FOd7irzqbpfSEtj0vGG0mp%2BUOElGcfyWcV6i5oNSWNbSgwOf"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a4e9bb0-FRA
x-amz-cf-id: jg_GtkkTM7MvoWO2VAeycRgvtz672f0wappuZTMdNghJGGN46a4DLw==

GET
H3 200 logo-riverwindcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 143ms
140ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-riverwindcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba177485fa127b04f069a0f711e37687821c42f7524ad9503638c606dc9e7499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HWGH1ZEMHF1QJ9
edge-cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-riverwindcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "0b8c8ad86e3575434a4e55295ef8f332"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: U4CsENiFD2YPkdxDKuZHPHXEU6NbKdfu
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2542
x-cache: Miss from cloudfront
cache-tag: F-6328149842,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1664
x-amz-id-2: S0NT60l1Uq2Yh1NryN5UAUC7sx9BCrkf2tech7TTZHwhiJpOAd12iWqo7lteHD8GGoh6wZ6+Syw=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0paAl2JF%2BAWygc%2FgrBalECTfRI2CMGHEF4IoxDvlNUDYSraBArxfPN3wjfI6GjrkoB9qSOjLoBVjb%2B%2FeY0xAwfxmqhgavqtgwVrrE4Oo9F6DlsmY%2B%2Fb%2FDPDB%2B11y5TY%2BUMyDI2XqabHVaneN9spNL%2Fy4mV2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a4f9bb0-FRA
x-amz-cf-id: xszZLdXsLb2PVYNi5pgAu2UxGShP52BDvBVL-d4ZANAz3LxCQAwUOQ==

GET
H3 200 logo-saltcreekcasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 168ms
164ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-saltcreekcasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

604c8c50f6380fb7e7109c87c5d37c9ea36b3e71ae8cbbec969d302d2d5af4b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HW3PPXJCWHEM0H
edge-cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-saltcreekcasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "73ac739590a26b08f4bc87c0eec1c3d7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .saMBQpLsncBAch6fw1FORsSGkHAHhJH
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2590
x-cache: Miss from cloudfront
cache-tag: F-6328149857,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1674
x-amz-id-2: fWe7vkOKTL9GVt1I6o6N9T5phfUUYsqvHmSF0FnTOO6rgzW7XQYqmzcyCBbETV1/falBFjEyrjk=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwW3gvMR4U1XSpkW01ii9FAhKZ1emBAu53bvdJdF%2BJPeMQ%2FHXfK%2B4HsBq9bU0eZX64AcsUeOanfFmMA0o68ciI%2Fy24JBZ9vv4C4SdQRj28vaSOPrxw20lJKPGGyC52UMIWnxjTBKQBLxUsvqKNxPcGH5A9MD"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a519bb0-FRA
x-amz-cf-id: j_F1yw_-438gKmZg48Hyeetbz8j9rl0wUy_RP-E4ULZ_FkL2YSNFRg==

GET
H3 200 logo-texomacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 144ms
141ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-texomacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79d9146e2eabb29cdd5d18d8ac5536c218f82b9dd07753ff2f0028a92da07f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HS1FSDC6Q6PE27
edge-cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-texomacasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "8f7955f826d5785a3669876e9f00d557"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HAu7Wsyo4tR7DubDCN8_tKH5SosEX5dW
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2447
x-cache: Miss from cloudfront
cache-tag: F-6327861193,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1578
x-amz-id-2: fGRMowIpUlCKRhdnIuyWVA17crkO/K6aoT9+nrNFpy0EmEH5uNL+DM4jGTTvn+MhSxXeJynj9+i09bDhOEZBOlwU9Cg32aiv
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZPT0j9ljF%2F4v7Vi1LK5XtBJZ%2FCOXb7aS%2B7Zni%2Fsr33Gp5XhvZgYyw5pn4Fsv2ludMm7sS5iHzVmLiZ6DkWWNarD0Eb3VWpMKkQA0qXXQuG6vVJgC9W5kPyFSMnPpcsf97hc6WRch%2BV1UwJUu81i7fDOKZsh"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a529bb0-FRA
x-amz-cf-id: WJNiF3PBL9Umt5usBDxAePz8SzndayJ5GhqOKsL-0XYMs4vVGIt9cA==

GET
H3 200 logo-treasurevalleycasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 117ms
114ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-treasurevalleycasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7cdc65100f33d14f35d64a6a57237f7bbc49a6eb0dfb1c95984642d1e2b8a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
age: 44996
x-amz-request-id: 1CAPDPGVAPGPKEF7
edge-cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-treasurevalleycasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "df2fabf268d97e4452655e874c1cbc1e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _SUcF7YoC0Gse0YT8IMX4kXn30ztWvZu
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=3365
x-cache: Miss from cloudfront
cache-tag: F-6328149851,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 2244
x-amz-id-2: uwfQbFnqLobWrEA0nk/iHHQ3oeWG1NWwu5hYudNMKnoiA20ws+9OkbOi5fd0eQh2/pC4KDe9e68=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wazI6Qrl9wtJ0%2FCybqcUjrc4ATQU4gysjxLlWKBdvwbyK4NmrobsoS09bpJkb3y1CErtJ1WLbNIxmIj%2FrnPxPGOxMAO2bHY0q%2FwCKZaq%2BcM3vN%2BJM9vNV0jA7NmXp%2FwbzDSia5PeQOxJb3Upube3N2rJrFLs"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a549bb0-FRA
x-amz-cf-id: AH8Je3cCEOx_Ok67dYzpMBbaViUkXpxviYNoRS_S1Z9RQafttnb1qg==

GET
H3 200 logo-washitacasino.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 2 KB
3 KB 144ms
141ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/logo-washitacasino.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

248a01b718ec219e1a5394846fd692c7fb1bb66d0f294b05ba0ac3a91fd539e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HW44KFM62RQYBX
edge-cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="logo-washitacasino.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "ab09c5c85f22f772e73d108c43cba424"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EMtezGLG.SmVidAAesVQTZFAlKT.gPGw
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=2632
x-cache: Miss from cloudfront
cache-tag: F-6328149832,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1724
x-amz-id-2: JDV3bkDOQh9qFF61rODCHrwetXFoNEsvKcRqdTlWLCQrN8W3mWEVkoiMAQq+bSamkrsBP9XCll0=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKpdcc%2FjPfdwh%2Ba0bXn8XUrzn0OvIdTibEYfHI54hSj4%2Bd2i02reWzfW8fW1ifE5tS%2FUawxSgi3Gl034lLSAl5ysp8TATN1mrI%2BDDo5IpnDLyO4vfUPjZBSpA9Adc3hzvxipgSkoXQS7cPOuEpcwmQ4zqQp7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a559bb0-FRA
x-amz-cf-id: vIYn0gUA-wgKm0PIV63QqFqGoa9XnH3ItAYDoNXSpIthXxFoBwbANQ==

GET
H3 200 winstar_logo_new.svg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 9 KB
5 KB 145ms
141ms Image
image/svg+xml 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_logo_new.svg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 0bad7b24b2c9dfacca95c8ce0c8c3706.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 44997
x-amz-cf-pop: CDG52-P1
x-amz-request-id: TXRYP0T3NV95VZ04
content-encoding: br
edge-cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
cache-tag: F-6328149838,FD-6327856169,P-4132260,FLS-ALL
x-amz-version-id: CCiFdR5lVMuU5PjWh7Vu5PseI5ieorRz
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4VvZQQTKIUhOuSP9KBCohiPwVX8yXrfS39WJjRfmSxa0HhukWYTJXrAtUh1Anv2jj2GoQZ3A4NVeS/vBfcKT1w2pg8EsJjXQ
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
etag: W/"50e2b8162235b3d5b57b9d94d0481154"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUa%2F60LUqaZX5DPYrThexNhDiZrBL%2B%2FgXGRkVrkL7GLARhAqf6KqmL4ttC0VZgm0uFI%2BsonUSEvVHcdSawT2Rt87zsbK54Bhmnbzr4Vk6mKuzlcIBWLoAJGeHVlMwywbQ8mSrvOcWgZiZ1tDtWiFCNvIJhof"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7e9237b00a589bb0-FRA
x-amz-cf-id: SdFLEZ02wnmQ1EkcAau5ui0C9S1VGGGYjr4tzDwilw_UJJJZi3p_2w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H3 200 winstar_google_map.png
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 6 KB
7 KB 168ms
165ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/winstar_google_map.png

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b946925340916f3b31488e5364761910fbfbeea44f71d6478987ba1858f6cca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
age: 44996
x-amz-request-id: 1CATN5K2H9T3H86B
edge-cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="winstar_google_map.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "8119a7d269e079586154be2ec0935f17"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Cre4s9XRPy7GwpYotpUCw54eim.Tn.vc
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=7799
x-cache: Miss from cloudfront
cache-tag: F-6328149867,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 5842
x-amz-id-2: JGA+XBRjgYQu1MwNLPmbq7jdyvxq0ANMl8H6LvL+G4N9ewl7NCJR2x+tRUOnwqxKZBdrRMACOCc=
last-modified: Mon, 15 Oct 2018 10:11:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pDMoiA4YE3Jdhl8zc30q0Rt%2BIU%2FdLX9FCVSIt5e4SiNRhTTrtXmjh%2F%2B8D9ocof5V7kOsTx7V7KUUqSxMj%2BARo%2FSxD9JkUsAwCkiIlKZ%2FoZAkfzzrLfItAc5eX%2BWYGGlBbHGkDKR16i35nWqm114OfJ0%2Bejy"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a5a9bb0-FRA
x-amz-cf-id: 7mad8ci6km17qjE5NqCW7fe3-5iiTe1C5H3OxJpPH6L9ZBf4myCAyA==

GET
H3 200 footer_map.jpg
newyearseve.winstar.com/hubfs/Winstar_October2018/Images/ 7 KB
8 KB 169ms
165ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newyearseve.winstar.com/hubfs/Winstar_October2018/Images/footer_map.jpg

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a92b66f49a41da10e0d15beb7526ce9493a570b9ff9f6c9a31ad04e96f44f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
age: 44997
x-amz-request-id: N9HQ463KXMFC91VH
edge-cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="footer_map.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "34e2e4012be9c202eaa9e64bf3b8cd9c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .T7fUTtu9zGC3W14jM3tKd5NtLutdFHb
x-amz-cf-pop: FRA56-P7
cf-polished: qual=85, origFmt=jpeg, origSize=17550
x-cache: Miss from cloudfront
cache-tag: F-6328149847,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 7102
x-amz-id-2: 6KUlk7cia01kFSCEYfF2Uo0HmZThacjEa9shjHgBM3qNmWREfT03amhwLaAeQMRrSEoyr1ylwnE=
last-modified: Mon, 15 Oct 2018 10:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWEjJe2iiePvsoBP%2B%2FhWVnIl8mUWx34h%2FF6%2FeiL%2FtVhLh3h31lP4azglBqyC%2BLn7fG0kjfX%2BpuGumZKS2xsftgx6DwPcGg16aaHVrQ8uE1dKduBs6pmP4bzSf3ltS1oBSlQ7BCIxf164jwLfDZOQthg3xgs4"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b00a5c9bb0-FRA
x-amz-cf-id: aqPeZayFVwh-mDgOiCjqoiPOa45DJiZv-WzVjIp6dm22eKzV6qno_A==

GET
H3 200 Winstar_October2018-main.js Show response
newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/ 3 KB
2 KB 295ms
294ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473161/1569745634254/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-main.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: P3SWX0NDD0NMXBW1
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"d1eb4ef9da07c83ba45ac31bf950fd9d"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KrERUaf2d9Nsrz3_RbPh2Xb9M752n3o6
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: e383fd8e-3780-4174-a056-a91ab3155631
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 137
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g+99DjXxlM1h7cBMcnM3zgQBvmfq3CQdUsW382wPWZFx0pDTWD8ZzHN1mH6Qn9m2yeCTlqMzA1o=
x-request-id: e383fd8e-3780-4174-a056-a91ab3155631
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 29 Sep 2019 08:27:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5K%2BxHX64plJSh0Gzq4uIB97osSAn%2BHqOLwsOFLp%2FYwvCIvNoDMsegfyXJMGNcCfvnwCYcsZ5mvy5HI1QJQmu3krQI7hUY6thwEpu7sDzyxlA2mfJBpJ8yJz2JF9MQVHhZbf3I8%2FK%2FcnNPO82Qc%2BA2dxTKFv"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7e9237affa2f9bb0-FRA
x-amz-cf-id: P_ZIy5xFJIiuOKPGlzbBlsar_E_2Of46GhRbqkUPztvtoR6ZwkPE_g==

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 114ms
110ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 11087361
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lexBmKkUOF25DLVHZ2FnM7kBK10%2FgtmWo0NYfQGM27CvKmnpRdmpzl95MThB9XYUGYPm76Y1Ilygf6eXQyp5I62hwRo%2FP2AzNIhUzc35k2V3oa3Q%2BkIIXA7hOnEapRgvrJOCy9RIlN%2BMg9n3wIXZaV7d7%2Fu8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7e9237b00a379bb0-FRA
x-amz-cf-id: n-wCgFq_tXu75HdwN5yHV7QlFUeiN9b92x8cHfArPXJP-lfFO3xe7Q==
expires: Thu, 18 Jul 2024 10:17:56 GMT

GET
H3 200 project.js Show response
newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 115ms
111ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 59d2fae2830d603c79da39156799a1fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 11105932
x-amz-cf-pop: BOM50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN1V%2BzAy9kJ7ygSJW8xRM8QWkFAF2iUTaMcLvkXlXMDUKWqkgJYO7QtyztRaL0GLCo6rP%2FXEfS%2FkAFUFBor3auPJ8BdnAbGI0JL0olcXHWt6VX548sCK5sDUqXrlLNjtpz7p%2B3ByuOcIkvkuaCS2a59vkDrz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7e9237b00a399bb0-FRA
x-amz-cf-id: qoiu1RfC4804skIIy0lJk7a0xFPTnWkPquUgpeQAB5aScoQbyprP-g==
expires: Thu, 18 Jul 2024 10:17:56 GMT

GET
H2 200 module_-2712622_Site_search_input.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1680183339849/ 532 KB
64 KB 60ms
54ms Script
application/javascript 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1680183339849/module_-2712622_Site_search_input.min.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f4d3b80aca2322ec4b496d5940807d201cda376084079bf12b11439c5d5ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 26431111-f786-44ee-ab5d-c32a3f00651b
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 398
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 26431111-f786-44ee-ab5d-c32a3f00651b
last-modified: Thu, 30 Mar 2023 13:35:40 GMT
server: cloudflare
etag: W/"e4472cd33abad075307c5c8b0e2b6758"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680183339851
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dcZ8nk4qLlYpGzMvyIRN26RseiZUk%2BG4Q%2FxmIlvAWuveX9zZP9bniU2YHe7ouaxo2DY6WwiFjW8PZpulWewAZsD8pMcsrsKNNKdh2TA5eRMzY78PV0oCVzaq8NTOPmGAhSDtLN7S4xrAb9expU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-hml5r
cf-ray: 7e9237b00c8b901e-FRA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2

GET
H3 200 4132260.js Show response
newyearseve.winstar.com/hs/scriptloader/ 1 KB
1 KB 177ms
174ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01da0f93819407284da44798f13f56c3ca4ecff50ccfcd82bad4da97b004264

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 210f104c-6117-4ed1-969a-0829ae86a295
x-envoy-upstream-service-time: 5
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 210f104c-6117-4ed1-969a-0829ae86a295
last-modified: Tue, 18 Jul 2023 21:47:59 GMT
server: cloudflare
x-trace: 2B91B4D6A3B9D479C97BFE0867528785CEE3A35F80000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-ltr78
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRiOn8bYMZ6nEnjDLFt8pnbNYs0Da72sb6MYdqpi9NGAe8RJo7fSwEKmmt3pwxk778c4FII2a0bbRfijnHXfR%2FI3oziyo6dk7UnttpOy7Limfb6Kg3MBN21xvfo9Aj3g9iQgF3cJm1xXZMirW2znb9893QSi"}],"group":"cf-nel","max_age":604800}
cf-ray: 7e9237b00a5d9bb0-FRA
expires: Wed, 19 Jul 2023 10:18:56 GMT

GET
H3 200 index.js Show response
newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/ 11 KB
5 KB 169ms
166ms Script
application/javascript 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 13804300
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: zqfoHVEO7SsMjSP1JrsnDQf9ix87l6qJ
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Feb 2023 15:43:08 GMT
server: cloudflare
etag: W/"d57b3d84e0be8dd0aef0781d100c0d14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ILfKMvjYNAYnTXz3ELmUi6WUammkRgWwvnPeFyo7E%2FeIomb2ovMZK9A6TwF63K4jadEAieyyqqZyh3Ssalpg8Rxska57OIeeLm7XA9%2F%2FCTcyx3XQK%2B1P5D%2FPV6WnxwkHI3MuNfFnuKUL03NvqQ4o4d%2F0Xkh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7e9237b00a5e9bb0-FRA
x-amz-cf-id: LZoQ5rwWBe7yG-ndGTK3QocdekpnxF1cIw4-RF4i7Lkgg7CEMWJgtw==
expires: Thu, 18 Jul 2024 10:17:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 428 KB
110 KB 227ms
102ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13c416776eaebe30b9ce92dc28caefb447bc283733105146e2af69811a287670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112361
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jul 2023 10:17:56 GMT

GET
H3 200 fs_mid_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 64 B
1 KB 103ms
103ms Image
image/webp 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_mid_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c2a14f4df0b94031373a3cb9be23d936f61a276c0b3b123cceadf506f66e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
age: 131263
x-amz-request-id: X5T08XARDQB7590C
edge-cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
content-disposition: inline; filename="fs_mid_blue_dark_blue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "12dea73d28f469fb0ee2bfe05815786f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
via: 1.1 ba7789e51500bb7b69a0c33a90aec410.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2fOW0LmsXhRWlw_JAHAGigCTqetdzF0W
x-amz-cf-pop: CDG52-P1
cf-polished: origFmt=png, origSize=110
x-cache: Miss from cloudfront
cache-tag: F-6328149829,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 64
x-amz-id-2: PtzZ+iP9icfCk9J/iwsmMMn06z6WTh4ovQBb9WUxxW0KjPho2u0nRhff6HzToAXCx6ZBUttlSaIHabJH37FOSynTgKgh8/UILxsDKBpYTjA=
last-modified: Mon, 15 Oct 2018 10:11:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFPEyg7Umgz88Y%2B8semHItcxGPgqErSGR5veGE3IfkpZopDkAdwKBcl7jNLyj9B%2BgFmCm7LujyuF4Mj1sZQl54VPNF7S4skvMb11vqH5xPLOT2WiNWlbhPFNhydswhr0nWx8l4MEu8JA5YmKmM8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b1595d9b25-FRA
x-amz-cf-id: 8T9fyVCEsd72QKg5dlNM-cN65LPoxLbnTKlhU5o3SRz-ASfzEOpgIg==

GET
H3 200 07-brother1816-regular-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 1028ms
994ms Font
application/font-woff2 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/07-brother1816-regular-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: 6NbhAV9OZi3kM4XCKtQTBqvU8U.GtDR9
x-amz-cf-pop: AMS1-C1
x-amz-request-id: AYBX8BRK8AZ5XTKJ
edge-cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328156364,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
alt-svc: h3=":443"; ma=86400
content-length: 36932
x-amz-id-2: Fe7T2suo0t1SvR6ZyaCcB+veyrSd2++ec9LBCGD5Ggak1j6l/rXgTH9Kwr0xeAs1JAjtqoPkv30=
last-modified: Mon, 15 Oct 2018 10:22:11 GMT
server: cloudflare
etag: "792f3d6bc7b18b43cf24aba8f071c282"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAgZ80PDMKz7p5y642cDRXeB8xZydDXBJ%2BJV1v3P6vlsYPP2uVUnaM6oAdkrdcVyfqgB7cbnpK4QTjDdgyaL01yNV6vuJQ%2FaF3DixuYgE4BWzHba0bQQLgpBucIzuoLJ8rXzOEQUppA1qhxh6g8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7e9237b18eda3681-FRA
x-amz-cf-id: 5ZFwgl12otHnT47a-hjU7VCJQZmwKVbnqqULl52HMm98GErhycW5Tg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2

GET
H3 200 fs_blue_dark_blue.png
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/ 68 B
1 KB 104ms
104ms Image
image/webp 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Images/fs_blue_dark_blue.png
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad53f8852f9d05834e2baf4d6af337666c668230cd94026519273642efb662b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
age: 108534
x-amz-request-id: 52S8PY3S3EFDC88D
edge-cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
content-disposition: inline; filename="fs_blue_dark_blue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "453f24becb272d4ccd8cdef5542a67cb"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 19 Jul 2023 10:17:56 GMT
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: YoPvDj_Jti8vX7Sw96siMvtHne.0ry8h
x-amz-cf-pop: FRA56-P7
cf-polished: origFmt=png, origSize=110
x-cache: Miss from cloudfront
cache-tag: F-6341782269,FD-6327856169,P-4132260,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 68
x-amz-id-2: p4H+fHVLm94o89WUfAJRKan+TITDnDkNCJpDvt9+tZUFAr+spiRaK8qflkjcLgLy0WmGz26uBx8=
last-modified: Tue, 16 Oct 2018 13:29:47 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1p9wjLstS9aHducLxbdOlY3H9YNHtVDFmsVYbplR6KKaUNqJxtNl2hOv%2FJqb84o4xwFC6CaMhJ4vx8IQfZf5xxlOEEFbA43EMk397OS%2FU92z7LBoqAIMNPDDFfZL7ce8%2F5Plt6clCEFiMiSZa6w%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e9237b159659b25-FRA
x-amz-cf-id: ew-HCAWhX2Jq5ZQLiZWUvjwN8MTy4PuPshO0wx5KL6tUY8grGDZN4A==

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b

Request headers

Referer
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 11-brother1816-bold-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 35 KB
36 KB 1053ms
1023ms Font
application/font-woff2 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/11-brother1816-bold-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: EuuyyAm.a2B9xgoLv8qlux19dQD5xkMQ
x-amz-cf-pop: AMS1-C1
x-amz-request-id: REVP6AEF7PPR8PRA
edge-cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328159055,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
alt-svc: h3=":443"; ma=86400
content-length: 35480
x-amz-id-2: 5Xw5gPy1yuZxc6xBuyYoYi5hNWv4HlnqPFcwmZd6rDpdEjOUKR7/vruJVqHj1qM7xHH81JbdkSs=
last-modified: Mon, 15 Oct 2018 10:25:58 GMT
server: cloudflare
etag: "3353c0c6af922ea10301c175bfa40497"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er3K5jT25z6lv94LrQ7nTSKWrWgyNmzEhMHW4osEe9Effm4cypZY5I8qaTBwsLmpki0wrUxGHHQRGXDz6QuUrLmjVcMQmKUADfiyh8C%2BxLYVEKo3w2N%2FCx%2BvGl58z8bXIHU0DJeeH%2BWMUL2xw40%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7e9237b18ee13681-FRA
x-amz-cf-id: lvZgBWDxniif5Ed05UufDtsk4wzofrZ9LA6GbmNiDP6CfR7UzYnNoQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2

GET
H3 200 05-brother1816-book-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 36 KB
37 KB 1101ms
1072ms Font
application/font-woff2 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/05-brother1816-book-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: KLJIncy6PMsiA6G6I_ufHnkHMR9B.S41
x-amz-cf-pop: AMS1-C1
x-amz-request-id: WYAG6MZSQBRAR9JT
edge-cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328154606,FD-6328154376,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
alt-svc: h3=":443"; ma=86400
content-length: 37248
x-amz-id-2: BQBkeQjOB93lQXvCtbNrkfF642VZpwachwMlfsNQw8M/zMDdxgz6Y0386j+7QrGjxye6cZQj9dE=
last-modified: Mon, 15 Oct 2018 10:19:41 GMT
server: cloudflare
etag: "55df6954b7a71f3e2dd0567ab5629249"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjW6gTJhJptDoItE14f%2FAQqJT8351wgc2FnjV8PQGoARXK3uNcd3LUVylIZqFsPODtsf1DRvwbWZwiFHyje4AYBkWE9WJxqu8kEjhT8OaVQNm4TgoqlrsdoysGCgY7FjZUMQhVbXZSpASVzCtx8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7e9237b18ee03681-FRA
x-amz-cf-id: gGiIuJSE5oEkZKkk8-K6vTEHLAfpQWbl-on2pL27fB0Aax8Ccda-uA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2

GET
H3 200 socicon.ttf
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/ 46 KB
32 KB 795ms
766ms Font
font/ttf 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/socicon/socicon.ttf
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
via: 1.1 e13e8f228afcbd0862f27c6ebd714878.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-amz-version-id: r5Ngcn0PY_qbcWhp3fZjiFNANSXeC_de
x-amz-cf-pop: AMS1-C1
x-amz-request-id: XEA1H0NEKYG8GMZE
edge-cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
cache-tag: F-6328160907,FD-6328160866,P-4132260,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: OoEs/hIgCpQvYsQnaXqc/EBjTh0xZ1OB8fQjCmxmM/6hJYf3hmD7JAlsKAwdeEKHUMtqp+LFLOw=
last-modified: Mon, 15 Oct 2018 10:29:18 GMT
server: cloudflare
etag: W/"89760316f014d1ef335340b1a71b7ba3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmMEzmDeFAomdH44b2tffuk3aFvoNLF2H1ER%2B6svDcyU4YRnjvP1OSEU4VqfVQzQ7yAWSZgGTN6MngD2pPP59%2Fn7hVLtzSwGhw7pphJ66XI2trl8IV5VY3jeQsB9Nd8XLWF3fj%2FH2zqLXCDxwUI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7e9237b18ede3681-FRA
x-amz-cf-id: Vx5C8zgrYLXZyz_C2UN4ycxXyPbhlrYKpTzxChbav7_b7WtJzjXdDw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2

GET
H3 200 09-brother1816-medium-web.woff2
cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/ 37 KB
38 KB 143ms
115ms Font
application/font-woff2 2606:4700::6812:ccc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/4132260/Winstar_October2018/Fonts/Brother%201816/09-brother1816-medium-web.woff2
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs-fs/hub/4132260/hub_generated/template_assets/6327473163/1569745631314/Winstar_October2018_Theme/Coded_Files/Winstar_October2018-style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ccc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-amz-version-id: ZIy0nGY5MP5b8b5rVBIVvEw2otYxJ83T
x-amz-cf-pop: FRA56-P7
x-amz-request-id: 414GKAFXX4HG3FND
edge-cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
cache-tag: F-6328158010,FD-6328154376,P-4132260,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
alt-svc: h3=":443"; ma=86400
content-length: 38096
x-amz-id-2: TlRYi0OhjQqAF6CO55XFqc1CXwnS7GbLO23nstkfGSY/mZ+m9S65xai4q9SfjJ0SCw8+GlA+bAU=
last-modified: Mon, 15 Oct 2018 10:24:14 GMT
server: cloudflare
etag: "b0f918f568eb228fdf650756c088878a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vHtkM39F2sNezu8ap0oZwq9IsrI9Sy5T%2F111cOLIa7awTnYqpe8ovJFb5se0%2BOuUwLaBGtuemiHOnCfFDqGMlWIgORNLHO06%2B5auCKAQEcRPcR8ZYWsDc5Xp6qaWOBmQ5yA8TDU3O4e4rXVukc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7e9237b18edb3681-FRA
x-amz-cf-id: -jlHL0p9mlmJn3ukIi2QYmL2OFk96sR2uBv5Ux9CdylBZn6UvREerw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20

GET
H2 200 4132260.js Show response
js.hs-analytics.net/analytics/1689761700000/ 69 KB
22 KB 241ms
164ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1689761700000/4132260.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 079fd07df43f60a75950fd808b1d13172ab3f83e82364c07bba31c15369210ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XEACDRCJEP26CA26
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7c3f7e1d-88cc-416a-9c99-e3b2e9a2d54f
x-envoy-upstream-service-time: 15
x-amz-id-2: GTC9z4oHDQpDjYIireZsSXlMOgn4mRJlEOrgxycsnxfwK7MXz+cTq2eXXNSbwug9NokKa5oFUIQ=
x-evy-trace-listener: listener_https
x-request-id: 7c3f7e1d-88cc-416a-9c99-e3b2e9a2d54f
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 14:44:52 GMT
server: cloudflare
etag: W/"e18b1f9db5faa83837ff56ab7d7c60de"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7e9237b27afe381c-FRA
expires: Wed, 19 Jul 2023 10:22:56 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4132260/ 209 KB
64 KB 216ms
146ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4132260/banner.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cad7c912466a6e378bac5d13c77412519f5ad75bc7590f7c74d83b079893fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
x-amz-version-id: fIH4ObqeONuVDbe7Llln7VnqH5BGSFpG
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: VCC4G4VZGTT69T33
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 56
x-amz-id-2: PjAAz+pKHktcMDAa57eI136GPOoQ1eJ6h8ddgQsseqWrwj+MsBigStgncRFmiZWaZ9uKi8GjfgQ=
x-evy-trace-listener: listener_https
x-request-id: 9319ad57-ae84-4abf-bf58-bb2507f3f14a
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 22 Jun 2023 16:14:14 GMT
server: cloudflare
etag: W/"20172cd50a6cbcad49c8907961f4c985"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.winstar.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e9237b26c9130e7-FRA
expires: Wed, 19 Jul 2023 10:22:56 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 539 KB
86 KB 255ms
187ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/scriptloader/4132260.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e8744466c5ff918e7c5dc146e8dec70cfcdbdd60b773f2bcaa5e5409d7512b

Request headers

Referer: https://newyearseve.winstar.com/
Origin: https://newyearseve.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1223/bundle/main/lead-flows-release.js&cfRay=7e9237b26a9d923d-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ec18ee4dbbad7ceab888c3cda4eb9705"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1223/bundle/main/lead-flows-release.js
date: Wed, 19 Jul 2023 10:17:57 GMT
x-amz-version-id: RJnwkomo1rBqmkgtVuuzVEpsjxOWMbB.
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: ef11f067-7b25-4c3d-947b-b66f2b6dc3dd
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-request-id: ef11f067-7b25-4c3d-947b-b66f2b6dc3dd
last-modified: Tue, 18 Jul 2023 09:47:02 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7e9237b26a9d923d-FRA
x-amz-cf-id: ZNWuiWbIqiwm9ntOXq-JQ7kEmLXe5XrHP68ZPpMN0HA96sPmprFmQw==

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
978 B 293ms
225ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4132260&callback=jsonpHandler

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd2f93e8-6e9f-4dcb-aa77-7db4ceb52618
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7e9237b26f5c9152&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: cd2f93e8-6e9f-4dcb-aa77-7db4ceb52618
server: cloudflare
x-trace: 2B6DAB3B69FB7459A3C277640B361E4E58061A3768000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7e9237b26f5c9152-FRA

GET
H2

200

activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
6820846.fls.doubleclick.net/ Frame DCB2
Redirect Chain

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;...

454 B
605 B

102ms
99ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

85ae630525ef97b637e6556d0b2c41c512e752233b9426837c8857a5909c05ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Wed, 19 Jul 2023 10:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 340ms
57ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 09:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jul 2023 11:04:37 GMT

GET
H2

200

activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore... Show response
10388130.fls.doubleclick.net/ Frame 2371
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb...

3 KB
1 KB

99ms
98ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

8ff05617fc9fdd8f1254894f1f20bb4888e89275248abff1172e229172683b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1112
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Wed, 19 Jul 2023 10:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/ 3 KB
2 KB 375ms
93ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/?random=1689761876879&cv=11&fst=1689761876879&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&hn=www.googleadservices.com&frm=0&auid=834471921.1689761877&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678ba3003c80fd831a662d692f8235c1c2254363202a067f1a7aefbc0a790a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 338ms
57ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jul 2023 10:39:37 GMT

GET
H2

200

activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
10388130.fls.doubleclick.net/ Frame 6845
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl...

462 B
567 B

98ms
97ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

dc842476878790f09de6f7f990c127b58c3147c9dc625b43ef7628fe77388478

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 269
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Wed, 19 Jul 2023 10:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... Show response
10388130.fls.doubleclick.net/ Frame 1102
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafv...

463 B
608 B

98ms
96ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

bf2062a427fedf6a9fae7fc2daf517a1ebe5f77d187583d73aa80ea7324aa772

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearseve.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Wed, 19 Jul 2023 10:17:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 10:17:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/ 36 KB
11 KB 214ms
126ms Script
text/javascript 108.156.60.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-27.ams1.r.cloudfront.net

Software

Resource Hash

7714b6fb624c71006e57ac66b8aaa3722bfa62809ad2e6186dc0bc26207d8ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: ec615b65-616b-47f4-960f-ac9a91eb737f
x-runtime: 0.008645
referrer-policy: strict-origin-when-cross-origin
etag: W/"7714b6fb624c71006e57ac66b8aaa372"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: jAWRmG4LfMP9SxqYtDBs8lr6DyPE2EX9Kb14CHwDAAIoM3fAd9T6tw==

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 1 KB
1 KB 218ms
146ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4132260.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1fdeac0fb33261d02bffec5f96594c6ea1bf88c61a51cbbb56d462933acab06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c200f463-0afe-407c-896e-ff03870b2cfa
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c200f463-0afe-407c-896e-ff03870b2cfa
last-modified: Wed, 19 Jul 2023 07:40:04 GMT
server: cloudflare
x-trace: 2BCD7C0178361ADC5241D8D90A370BA9FC4DCED05F000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://newyearseve.winstar.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-ds89m
cf-ray: 7e9237b31af59219-FRA
expires: Wed, 19 Jul 2023 10:18:57 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/ 32 B
558 B 217ms
130ms Script
text/javascript 108.156.60.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-123.ams1.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
via: 1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-length: 32
x-xss-protection: 1; mode=block
x-request-id: 4d28f93c-0242-44a1-b47d-c7ea3048697f
x-runtime: 0.011821
referrer-policy: strict-origin-when-cross-origin
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: dS8EOmq9sr8K2qZjrBfZMFOsXoE8YibCoz_1j2e5hj1x8WfDwe-C4w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 163ms
28ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 10:17:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: ArQ7TiP2VS2+DB7OroglZpTDVg/ZGtvCB57JVKuOGBtHKSdDWfoVGhYILCoZ+1QKV72/4gnVy36npQcVPz0yvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK flip.js Show response
tracker.adreadyclick.com/ 15 KB
5 KB 167ms
41ms Script
application/javascript 2606:4700:20::681a:81e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adreadyclick.com/flip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:81e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644cd051e1a99703736b2f4a00b68031af230af72b5ee80137b7146e676802a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674060236
Age: 1154
Transfer-Encoding: chunked
x-guploader-uploadid: ADPycdvBcAgO8tNX8BFXPPqU90RYLHssO_AWsDrDa9PngTS4YThMad6ojXC8Exeq6nZ1sE4j2nsKOdfEKK8BichaMBHfYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
last-modified: Wed, 18 Jan 2023 16:43:58 GMT
Server: cloudflare
etag: W/"55e1c0470e07223e302d41841b945057"
Vary: Accept-Encoding
x-goog-generation: 1674060238304546
Content-Type: application/javascript
x-goog-hash: crc32c=UJ3EKw==, md5=VeHARw4HIj4wLUGEG5RQVw==
Cache-Control: public, max-age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZZdHQytfLJHSTvDD2pwijRJmNbNtvgsq36DQOmicrMo1%2BkmXy4Fg555EHWSU7%2BFnhqvciXiKe2sG0I%2BODvIuBmCtGRW9XqxdaxuEeS1rltwqh8klRTSGuLh7L4MF2hFmyaBK%2BlllEPD%2BgCUf%2FK05CginqEUAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 15776
CF-RAY: 7e9237b45eee9255-FRA
expires: Wed, 19 Jul 2023 10:07:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
91 KB 100ms
99ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deefc2edff180044c17173d1c9550583a89ebd667024e9239656492d17e0d12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 10:17:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 119ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je37h0&_p=866470861&_gaz=1&cid=1007551798.1689761877&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689761877&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 105ms
35ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LWDFVQ2YJ&cid=1007551798.1689761877&gtm=45je37h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 99ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62JR698ND&gtm=45je37h0&_p=866470861&cid=1007551798.1689761877&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689761877&sct=1&seg=0&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 203ms
80ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LWDFVQ2YJ&cid=1007551798.1689761877&gtm=45je37h0&aip=1&z=1097659037

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
19 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 18:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18760
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jul 2024 18:14:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 67ms
65ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=866470861&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=339789443&gjid=26727906&cid=1007551798.1689761877&tid=UA-28262588-1&_gid=352721267.1689761877&_slc=1&gtm=45He37h0n81TTP9H29&cd2=1689761876872.zteezn1&cd3=2023-07-19T10%3A17%3A56.872%2B00%3A00&z=2128834403

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 37ms
36ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28262588-1&cid=1007551798.1689761877&jid=339789443&gjid=26727906&_gid=352721267.1689761877&_u=YCDAiEABBAAAAGAAI~&z=2005844420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 64ms
64ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=866470861&t=pageview&_s=1&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAAI~&jid=1318898584&gjid=165956708&cid=1007551798.1689761877&tid=UA-28262588-1&_gid=352721267.1689761877&_r=1&z=1524345717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 727075671205102 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 101ms
100ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727075671205102?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7a5ace32d2dfd6d0955b9d63785cb253cef78a15cf19a6b61c919cff2d4dbb2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 10:17:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: TyiR4/BM2V7MxZyK5KRM6R1klNUda73o6+mDPuYAs0OKQM+QheXYjsrIqkprfNvPKBQ/cn6SMZKJs9RigiFgqQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/991190777/ 42 B
455 B 190ms
68ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991190777/?random=1689761876879&cv=11&fst=1689760800000&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&random=1894818878&rmt_tld=0&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/991190777/ 42 B
154 B 69ms
69ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991190777/?random=1689761876879&cv=11&fst=1689760800000&bg=ffffff&guid=ON&async=1&gtm=45He37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewyearseve.winstar.com%2F&frm=0&fmt=3&is_vtc=1&random=1894818878&rmt_tld=1&ipr=y

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

80 B
244 B

66ms
65ms

XHR
application/json

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD
access-control-allow-origin: https://newyearseve.winstar.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 35ms
35ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28262588-1&cid=1007551798.1689761877&jid=1318898584&gjid=165956708&_gid=352721267.1689761877&_u=YCDACEABBAAAAGAAI~&z=1813072982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearseve.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyea...
adservice.google.com/ddm/fls/z/ Frame 1102 42 B
401 B 218ms
95ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CLSayMPFmoADFT_bOwIdYzgDng;src=10388130;type=newpl0;cat=place00;ord=1;num=2517794613914;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyear...
adservice.google.com/ddm/fls/z/ Frame 6845 42 B
107 B 215ms
98ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPKWyMPFmoADFUDYOwIdHhIEGg;src=10388130;type=place0;cat=place0;ord=1;num=2669171594907;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bf18cdb0-0102-0139-376b-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 2371 0
783 B 112ms
34ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/bf18cdb0-0102-0139-376b-06abc14c0bc6

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: F3M9eY4Umj1HxvWZRc6C
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2371 6 KB
6 KB 136ms
52ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash: f899b341a2afc67c96450ed28c0eb2a27d5b162a158dfcdcdfa4fb30db7c728b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Wed, 19 Jul 2023 10:17:56 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2371 6 KB
6 KB 140ms
56ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506713&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438" /
Resource Hash: 590a6a8cb414610012c2d046bea7554d4c4c82728e915d726bdf47aae6c1bf70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Wed, 19 Jul 2023 10:17:56 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2371 6 KB
6 KB 153ms
69ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506712&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438" /
Resource Hash: b75f3796240aff4c5aa9d820e80b5aa6300d48ee5101fd05c8701c73b53108eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6063
Expires: Wed, 19 Jul 2023 10:17:56 GMT

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 2371
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
230 B

146ms
146ms

Script
text/html

2606:4700::6812:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7e9237ba3aed914d-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative2&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e9237b7ffd7914d-FRA
content-type: text/html; charset=iso-8859-1

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 2371
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
143 B

152ms
151ms

Script
text/html

2606:4700::6812:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Server: 2606:4700::6812:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7e9237ba3ae7914d-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029819&ns=5440&nc=creative&ncv=40&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e9237b7ffd9914d-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.w...
adservice.google.com/ddm/fls/z/ Frame 2371 42 B
107 B 198ms
96ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.win...
adservice.google.com/ddm/fls/z/ Frame DCB2 42 B
107 B 200ms
97ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=*;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F

Requested by

Host: 6820846.fls.doubleclick.net
URL: https://6820846.fls.doubleclick.net/activityi;dc_pre=CMSLyMPFmoADFRqomgodaC0EmQ;src=6820846;type=winss0;cat=winst0;ord=396662414902;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6820846.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame 2371 17 KB
7 KB 404ms
132ms Script
text/javascript 54.80.24.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.24.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-24-65.compute-1.amazonaws.com
Software: /
Resource Hash: 25360c4827237a4c2aa4bd0f89657b003cb6b304298e7bb1e68ec2e591d0c81d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:57 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H/1.1 200
OK validate Show response
pixelconnector.adready.com/ 209 B
578 B 408ms
331ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/validate?id=94820ea4-dcf0-4edb-8324-04ea01d34e0e

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268a0b6dc8101ab696b0fe007013c8f7e0efd82fa6f6fe163ef25977b547b76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 7e9237b66f1d9ba0-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 89ms
31ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&rl=&if=false&ts=1689761877438&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689761877435.2071659947&cs_est=true&it=1689761877272&coo=false&rqm=GET

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 10:17:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 5FBB 677 B
1 KB 46ms
45ms Document
text/html 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ec64b7-b855-4700-a2af-4f8f1586e4a1&no_iframe=1&mt_adid=241907&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506714&mt_adid=241907&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Wed, 19 Jul 2023 10:17:57 GMT
Expires: Wed, 19 Jul 2023 10:17:56 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438"

GET
H2 204 insights.gif
ds.reson8.com/ Frame 2371 0
32 B 117ms
35ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=6742844263&evkey=101115462

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7e9237b72ae79b37-FRA
vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 2371 0
494 B 43ms
42ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Jul 2023 10:17:56 GMT

GET
H2 204 insights.gif
ds.reson8.com/ Frame 2371 0
96 B 113ms
34ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=4055215222&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7e9237b72aea9b37-FRA
vary: Accept-Encoding

GET
H2 204 insights.gif
ds.reson8.com/ Frame 2371 0
31 B 108ms
35ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/insights.gif?rand=7645490620&evkey=101115460

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7e9237b72aec9b37-FRA
vary: Accept-Encoding

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 2371 81 KB
31 KB 269ms
90ms Script
application/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJyTyMPFmoADFVXimgodAEEI1g;src=10388130;type=pagev0;cat=homep0;ord=3573495263822;auiddc=834471921.1689761877;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fnewyearseve.winstar.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:57 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx0000053bcca4dd019c109-00646c8ee1-32950a8f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 5FBB 0
494 B 68ms
67ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ec64b7-b855-4700-a2af-4f8f1586e4a1&no_iframe=1&mt_adid=241907&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=76ec64b7-b855-4700-a2af-4f8f1586e4a1&no_iframe=1&mt_adid=241907&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Jul 2023 10:17:56 GMT

POST
H/1.1 200
OK update Show response
pixelconnector.adready.com/ 22 B
370 B 164ms
164ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/update?s=flip.js

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://newyearseve.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 19 Jul 2023 10:17:57 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://newyearseve.winstar.com
Connection: keep-alive
CF-RAY: 7e9237b8a9e99ba0-FRA
Content-Length: 22

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame 2371 65 B
203 B 129ms
129ms Stylesheet
text/css 54.80.24.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.24.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-24-65.compute-1.amazonaws.com
Software: /
Resource Hash: c1ccafe74b42143a1695d10917beeb5a9d1b0df1c9fc480e3f86042340c67848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:57 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 2371 0
2 KB 373ms
124ms Fetch
image/jpeg 54.80.24.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.24.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-24-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:58 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame 2371
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_...

1 KB
2 KB

111ms
110ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJyTyMPFmoADFVXimgodAEEI1g%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D3573495263822%3Bauiddc%3D834471921.1689761877%3Bgtm%3D45He37h0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0dbdfcd85189ad468d9ecf133cbcfcae2aa7ad8d4503ca16e97568e98ae8c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1032
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJyTyMPFmoADFVXimgodAEEI1g%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D3573495263822%3Bauiddc%3D834471921.1689761877%3Bgtm%3D45He37h0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 29ms
28ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=Microdata&dl=https%3A%2F%2Fnewyearseve.winstar.com%2F&rl=&if=false&ts=1689761877940&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnewyearseve.winstar.com%2F404%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1689761877435.2071659947&it=1689761877272&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: newyearseve.winstar.com
URL: https://newyearseve.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearseve.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 10:17:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame 2371 94 B
296 B 129ms
129ms XHR
text/plain 54.80.24.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ChdOtDwyeASK-MAAz1kfjg&is_js=true&landing_url=https%3A%2F%2Fnewyearseve.winstar.com%2F%3F&t=&tip=5tDJrdELD6o9k1Y0PgMw8cSvVRvePuERxx6oiLOs-Bc&host=https://10388130.fls.doubleclick.net&sa_conv_data_css_value=%270-09b8ab32-69a6-525a-6d79-e10f0149a6b5%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd909b8ab3269a6525a6d79e10f0149a6b5c120f8f7&sa-user-id-v2=s%253ACbirMmmmUlpteeEPAUmmtcEg-Pc.gp6R%252BuBumJDvPF%252B8uN65PwPeVWf6ZiU3xdcTVwjITGQ&sa-user-id=s%253A0-09b8ab32-69a6-525a-6d79-e10f0149a6b5.dDx%252FHn4LYYJYUu4sTPi6Q%252BJNnHL3HYcRF4qh1iKhEOs
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.24.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-24-65.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: https://10388130.fls.doubleclick.net
date: Wed, 19 Jul 2023 10:17:58 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 2CF5 1 KB
1 KB 108ms
107ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1794048593&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCJyTyMPFmoADFVXimgodAEEI1g%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d3573495263822%3bauiddc%3d834471921.1689761877%3bgtm%3d45He37h0%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0a3b8226c5d94b7b9fe3f0338a99f7cff1330c6d445c7285f0baaac2b2ccd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 10:17:58 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 6AB9 5 KB
2 KB 136ms
42ms Document
text/html 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2199696&ADFPageName=On-Site%20Engagement&ADFdivider=%7C&ord=2385772756&ADFtpmode=2&loc=https%3A%2F%2F10388130.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJyTyMPFmoADFVXimgodAEEI1g%3Bsrc%3D10388130%3Btype%3Dpagev0%3Bcat%3Dhomep0%3Bord%3D3573495263822%3Bauiddc%3D834471921.1689761877%3Bgtm%3D45He37h0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3F&CPref=https%3A%2F%2Fnewyearseve.winstar.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c009d35b1a20408743b36950e80b8a56943246e61794b3d7250617cf5abdb464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://10388130.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 10:17:58 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ Frame 2371 35 B
467 B 221ms
42ms Image
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=1316003751944374088&stamp=2YD_lKgaUzEDvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2CF5 5 KB
6 KB 55ms
55ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1794048593&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCJyTyMPFmoADFVXimgodAEEI1g%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d3573495263822%3bauiddc%3d834471921.1689761877%3bgtm%3d45He37h0%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash: 364982682ab4efe766b4523e4c6fd39fdde82e28e73f943decd72d4ed76a0318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 5540
Expires: Wed, 19 Jul 2023 10:17:57 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6AB9 0
384 B 43ms
42ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6AB9
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478

43 B
425 B

50ms
50ms

Image
image/gif

3.251.15.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Server: 3.251.15.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:58 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1316003751944374088&Expiration=1690971478
access-control-allow-origin: *
date: Wed, 19 Jul 2023 10:17:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6AB9 0
400 B 117ms
43ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:58 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 18 Jul 2023 10:17:58 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 6AB9 0
214 B 123ms
29ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6AB9
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1316003751944374088&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1316003751944374088&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=c345595df6e7436fb...
https://c1.adform.net/serving/cookie/match?party=9&uid=5f1ef06e9fdc51d6f4ab107726783cfec6b9341bb1993ee98606fded692b0005

35 B
600 B

43ms
43ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=5f1ef06e9fdc51d6f4ab107726783cfec6b9341bb1993ee98606fded692b0005

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=5f1ef06e9fdc51d6f4ab107726783cfec6b9341bb1993ee98606fded692b0005
date: Wed, 19 Jul 2023 10:17:58 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 6AB9 43 B
114 B 146ms
47ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1316003751944374088&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame 6AB9 0
125 B 128ms
30ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1316003751944374088&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 6AB9 43 B
637 B 160ms
72ms Image
image/gif 2.19.126.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-157.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1689761878717042-572
Expires: Wed, 19 Jul 2023 10:17:58 GMT

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 6AB9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=1316003751944374088
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=1316003751944374088
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3&_li_chk=true&previous_uuid=1be520c5eec746fb9acadb2159013bdb
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3

43 B
548 B

523ms
129ms

Image
image/gif

2600:1f18:ed:550f:cd9b:e73a:8f3e:7955
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:cd9b:e73a:8f3e:7955 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:18:00 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=03929cd4-3597-4cec-92f2-c184d338deb3
Date: Wed, 19 Jul 2023 10:17:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6AB9
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478&C=1

43 B
766 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=1316003751944374088&expiration=1690971478&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

4354957
se.semasio.net/sync/1/ Frame 6AB9
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1316003751944374088&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1316003751944374088&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=1316003751944374088&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7257472008337881229&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NUZDRDgyQTcxNjMzMzFCQQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPhE8T1lNnCOqix-otCkFd8&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPhE8T1lNnCOqix-otCkFd8&sInitiator=internal&google_cver=1&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=3138814902911477935&sInitiator=internal&gdpr=

0
415 B

51ms
51ms

Image
text/plain

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/4354957?sExtCookieId=3138814902911477935&sInitiator=internal&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:18:10 GMT
uip-status: Ok
frontend-id: 09
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
an-x-request-uuid: be2d8355-74c6-48d6-88b1-780624631923
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://se.semasio.net/sync/1/4354957?sExtCookieId=3138814902911477935&sInitiator=internal&gdpr=
x-proxy-origin: 193.32.248.247; 193.32.248.247; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 6AB9 0
344 B 127ms
30ms Image
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1316003751944374088&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:58 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 6AB9
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1316003751944374088
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1316003751944374088&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
366 B

128ms
28ms

Image
image/gif

2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 19 Jul 2023 10:17:59 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 579102
x-accel-date: 1689182777
content-length: 43
x-77-nzt: AcO1rw4WrLH/HtYIAA
x-accel-expires: @1690219577
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 90833930dc0f55d957b8b76405909103
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Wed, 19 Jul 2023 10:17:58 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 6AB9
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=1316003751944374088
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMTMxNjAwMzc1MTk0NDM3NDA4OBAAGg0I1vDepQYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5oKqPIgm2G0ApKbyBChCE&google_cver=1

42 B
60 B

37ms
37ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5oKqPIgm2G0ApKbyBChCE&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5oKqPIgm2G0ApKbyBChCE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1316003751944374088/gdpr=/ Frame 6AB9 49 B
265 B 152ms
47ms Image
image/gif 99.80.77.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1316003751944374088/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.77.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-77-237.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.62
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 6AB9 62 B
218 B 243ms
171ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 19 Jul 2023 10:17:59 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 6AB9 43 B
273 B 201ms
132ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 6AB9
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

157ms
52ms

Image
image/gif

52.218.89.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Server: 52.218.89.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:18:00 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: ERMZDVAYBQFQSFDA
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: ZljjPFnR18Myf8WynIbsz5SYbxxqzyNBW+JjQcoKnaAjSbmXtrvhoyslDudxwvc38qPyrUvBwIE=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 6AB9
Redirect Chain

https://pixel.onaudience.com/?mapped=1316003751944374088&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=35fc9ef4d0ec6059/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

148ms
47ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 6AB9
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1316003751944374088
https://tags.adsafety.net/v1/cm?cm_uid=CM12023071910af494482f6425a0281c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=2661833c5693165486eb081c4866da96
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12023071910af494482f6425a0281c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=2661833c5693165486eb081c4866da96&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzA3MTkxMGFmNDk0NDgyZjY0MjVhMDI4MWM&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEMyUZvxmQ4Dm4tfV_V66c5Y&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12023071910af494482f6425a0281c
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1316003751944374088

43 B
2 KB

30ms
30ms

Image
image/gif

193.135.9.135
IP-PROJECTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Server: 193.135.9.135 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:59 GMT
Last-Modified: Wed, 19 Jul 2023 10:17:59 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=1316003751944374088
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6AB9 0
338 B 155ms
46ms Image
text/plain 34.252.7.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.7.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-7-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1689761879
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 6AB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTMxNjAwMzc1MTk0NDM3NDA4OA
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdSNeRtU2U89uHXc1qSzV8&google_cver=1&google_ula=1641347,0

35 B
591 B

42ms
42ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdSNeRtU2U89uHXc1qSzV8&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdSNeRtU2U89uHXc1qSzV8&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 6AB9
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3138814902911477935&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=1316003751944374088

43 B
831 B

61ms
61ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=1316003751944374088

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
an-x-request-uuid: e99a9993-e390-4da7-9f25-f97475ec0caa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.247; 193.32.248.247; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=1316003751944374088
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6AB9 0
384 B 45ms
42ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6AB9 42 B
472 B 132ms
36ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 6AB9 43 B
443 B 117ms
29ms Image
image/gif 65.9.66.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-47.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 08:33:01 GMT
Via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 6298
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: YEIeajzM8JpMBXRXtsIhmAo2CKNcJKLLiTlTlrxCyW2HFJC00F0UvQ==

GET
H/1.1 502
Bad Gateway a
a.audrte.com/ Frame 6AB9 0
0 1842ms
1462ms Image
text/html 54.145.25.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/a?adform_uid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.25.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-25-36.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6AB9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1316003751944374088&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1316003751944374088&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=42489570991076350853961105073688963027&noredirect=1

35 B
600 B

42ms
42ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=42489570991076350853961105073688963027&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v050-0e03aa7e8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BGHVGO5SSGo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=42489570991076350853961105073688963027&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6AB9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1316003751944374088
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216603104582001819388

35 B
600 B

42ms
42ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216603104582001819388

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216603104582001819388
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6AB9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7257472008337881229

35 B
591 B

77ms
42ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7257472008337881229

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7257472008337881229
Date: Wed, 19 Jul 2023 10:17:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 6AB9 62 B
429 B 194ms
193ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 19 Jul 2023 10:17:59 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6AB9
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=20dc64b7-b855-4900-8a1e-2f7f52fc540f

35 B
591 B

43ms
42ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=20dc64b7-b855-4900-8a1e-2f7f52fc540f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 19 Jul 2023 10:17:59 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x13 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=20dc64b7-b855-4900-8a1e-2f7f52fc540f
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Jul 2023 10:17:58 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6AB9
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=cOO2fvxw1Qm4fR5

35 B
591 B

43ms
43ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=cOO2fvxw1Qm4fR5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-039373edd24dbbb61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=cOO2fvxw1Qm4fR5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6AB9 70 B
264 B 48ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 6AB9 0
72 B 625ms
151ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 6AB9 43 B
1 KB 156ms
49ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=1316003751944374088

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 6AB9
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=113793142
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=C2bLaYWre9AiYJDwfLxN5u

35 B
600 B

44ms
43ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=C2bLaYWre9AiYJDwfLxN5u

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
via: 1.1 google
last-modified: Wed, 19 Jul 2023 10:17:59 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=C2bLaYWre9AiYJDwfLxN5u
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6AB9 23 B
163 B 164ms
61ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Wed, 19 Jul 2023 10:17:59 GMT
pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 6AB9 0
0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 6AB9 0
239 B 101ms
31ms Image
text/plain 2600:9000:25e8:4400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:4400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: no-cache, must-revalidate
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: U-aIAydfv2rL1lEsxuFvvdiI9f2vQpbxqQ8l7c7LCKQbS8yXxndEtA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 6AB9
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1316003751944374088&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1316003751944374088&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=c1a57c2c-c5e3-44ac-a7ff-573d0e2e5d21

35 B
591 B

44ms
43ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=c1a57c2c-c5e3-44ac-a7ff-573d0e2e5d21

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Wed, 19 Jul 2023 10:17:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=c1a57c2c-c5e3-44ac-a7ff-573d0e2e5d21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1316003751944374088
match.contentexchange.me/adform/ Frame 6AB9 0
49 B 277ms
80ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/1316003751944374088?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:59 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 6AB9 37 B
140 B 92ms
29ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=1316003751944374088&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame 6AB9
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=1316003751944374088
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

125ms
30ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 10:17:59 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 202 adf
pixel.sojern.com/idsync/ Frame 6AB9 0
162 B 152ms
36ms Image
text/plain 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=1316003751944374088
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 6AB9 0
384 B 43ms
42ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1316003751944374088&agencyId=6276&advertiserId=2081352&src=tp&rnd=599632
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 05DD 677 B
1 KB 50ms
50ms Document
text/html 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=20dc64b7-b855-4900-8a1e-2f7f52fc540f&no_iframe=1&mt_adid=241848&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506424&mt_adid=241848&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x31 config_version:"1438" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Wed, 19 Jul 2023 10:17:58 GMT
Expires: Wed, 19 Jul 2023 10:17:57 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x31 config_version:"1438"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 2CF5 0
493 B 42ms
42ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=2199696&lid=82025683&ctype=0&media=0&PageName=On-Site+Engagement&rnd=1794048593&cpref=https%3a%2f%2fnewyearseve.winstar.com%2f&loc=https%3a%2f%2f10388130.fls.doubleclick.net%2factivityi%3bdc_pre%3dCJyTyMPFmoADFVXimgodAEEI1g%3bsrc%3d10388130%3btype%3dpagev0%3bcat%3dhomep0%3bord%3d3573495263822%3bauiddc%3d834471921.1689761877%3bgtm%3d45He37h0%3buaa%3d%3buab%3d%3buafvl%3d%3buamb%3d0%3buam%3d%3buap%3d%3buapv%3d%3buaw%3d0%3bepver%3d2%3b%7eoref%3dhttps%253A%252F%252Fnewyearseve.winstar.com%252F%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Jul 2023 10:17:57 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 05DD 0
494 B 55ms
54ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=20dc64b7-b855-4900-8a1e-2f7f52fc540f&no_iframe=1&mt_adid=241848&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=20dc64b7-b855-4900-8a1e-2f7f52fc540f&no_iframe=1&mt_adid=241848&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 10:17:58 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 19 Jul 2023 10:17:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1316003751944374088

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 14:05:53	Name: _li_ss Value: CgsKCQj_____BxDTFQ
i6.liadm.com/s	1970-01-20 14:05:53	Name: _li_ss Value: CgA
.newyearseve.winstar.com/	1970-01-20 13:22:43	Name: __cf_bm Value: PS2w4.Zopa_kqeL4KUzO.4mfwOUDUq0HmxRdAHoiVio-1689761876-0-AfbRPEfMLH8xztcPXCrEQd5bWes1FrikKYHV6issvQhV/zA1ga+/coI44+xyM9DlQmjH5+t9rQTiIL4ghOK4g6A=
.newyearseve.winstar.com/	1969-12-31 23:59:59	Name: __cfruid Value: 07951d1d03f31eae940da5347a4d4f392a78b5bb-1689761876
.winstar.com/	1970-01-20 15:32:17	Name: _gcl_au Value: 1.1.834471921.1689761877
.winstar.com/	1970-01-20 22:58:41	Name: _ga_1LWDFVQ2YJ Value: GS1.1.1689761877.1.0.1689761877.60.0.0
.hubspot.com/	1970-01-20 13:22:43	Name: __cf_bm Value: 4o4Movpn7qH7K6.5Pq8ha4uwKRR5Of1VWIisP1AlE_U-1689761877-0-Ab9VkzyICIwETbw5yheXrIU6kYDBQNXbIgG1OiQGYXGthJfSAP/0w/99YsR+PXq89tXXDP424pQ3RqqyS28H/qg=
.winstar.com/	1970-01-20 22:58:41	Name: _ga_M62JR698ND Value: GS1.1.1689761877.1.0.1689761877.0.0.0
.winstar.com/	1970-01-20 22:08:17	Name: calltrk_referrer Value: direct
.winstar.com/	1970-01-20 22:08:17	Name: calltrk_landing Value: https%3A//newyearseve.winstar.com/
.winstar.com/	1970-01-20 22:58:41	Name: _ga Value: GA1.2.1007551798.1689761877
.winstar.com/	1970-01-20 13:24:08	Name: _gid Value: GA1.2.352721267.1689761877
.winstar.com/	1970-01-20 13:22:41	Name: _dc_gtm_UA-28262588-1 Value: 1
.winstar.com/	1970-01-20 13:22:41	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 22:44:17	Name: IDE Value: AHWqTUlSKogR0STQZU-UJA4Rv9PNzjIOAVpqcsK0FOSFrqO7QzkRuW7RN7vZb3A745E
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_events Value: %5B%7B%22clientId%22%3A%221007551798.1689761877%22%2C%22trackingId%22%3A%22UA-28262588-1%22%2C%22name%22%3A%22gtm2%22%7D%2C%7B%22clientId%22%3A%221007551798.1689761877%22%2C%22trackingId%22%3A%22UA-28262588-1%22%2C%22name%22%3A%22t0%22%7D%5D
newyearseve.winstar.com/	1969-12-31 23:59:59	Name: ga_gtm Value: %5B%7B%22measurementId%22%3A%22G-1LWDFVQ2YJ%22%7D%5D
.winstar.com/	1970-01-20 15:32:17	Name: _fbp Value: fb.1.1689761877435.2071659947
.simpli.fi/	1970-01-20 22:09:44	Name: suid Value: 6266C3BB6A384C65B28A713AEA423E8E
.mathtag.com/	1970-01-20 22:48:37	Name: uuid Value: 20dc64b7-b855-4900-8a1e-2f7f52fc540f
.mathtag.com/	1970-01-20 14:05:53	Name: mt_misc Value: mt_bt:1
tags.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id Value: s%3A0-09b8ab32-69a6-525a-6d79-e10f0149a6b5.dDx%2FHn4LYYJYUu4sTPi6Q%2BJNnHL3HYcRF4qh1iKhEOs
.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id Value: s%3A0-09b8ab32-69a6-525a-6d79-e10f0149a6b5.dDx%2FHn4LYYJYUu4sTPi6Q%2BJNnHL3HYcRF4qh1iKhEOs
tags.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id-v2 Value: s%3ACbirMmmmUlpteeEPAUmmtcEg-Pc.gp6R%2BuBumJDvPF%2B8uN65PwPeVWf6ZiU3xdcTVwjITGQ
.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id-v2 Value: s%3ACbirMmmmUlpteeEPAUmmtcEg-Pc.gp6R%2BuBumJDvPF%2B8uN65PwPeVWf6ZiU3xdcTVwjITGQ
tags.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id-v3 Value: s%3AAQAKIItNGZ8diGdEcvuU6NffIBSetpw53TYYyzI0zx6VWnqsEHwYBCDV8N6lBjABOgTtmLXMQgRGZ3lT.Hi0PraKBtekPYgcLV2qnU85pzrRVnlODdcmdqhrCjhQ
.srv.stackadapt.com/	1970-01-20 22:08:17	Name: sa-user-id-v3 Value: s%3AAQAKIItNGZ8diGdEcvuU6NffIBSetpw53TYYyzI0zx6VWnqsEHwYBCDV8N6lBjABOgTtmLXMQgRGZ3lT.Hi0PraKBtekPYgcLV2qnU85pzrRVnlODdcmdqhrCjhQ
.adform.net/	1970-01-20 14:07:20	Name: C Value: 1
.adform.net/	1970-01-20 14:49:05	Name: uid Value: 1316003751944374088
.adform.net/	1970-01-20 13:24:08	Name: CM Value: 1\|1
.adform.net/	1970-01-20 13:42:51	Name: CM14 Value: 1689848278_1689761878_1_Hu7u4e4e4R7u7u4REREeERERERHhERA
.seadform.net/	1970-01-20 14:49:05	Name: uid Value: 1316003751944374088
.adscale.de/	1970-01-20 22:04:57	Name: uu Value: c345595df6e7436fb31f033a177b236f
.adscale.de/	1970-01-20 22:04:57	Name: cct Value: 1689761878709
.ih.adscale.de/	1970-01-20 22:04:57	Name: tu Value: 4#2615171126#42~1316003751944374088~469378~0~0
.casalemedia.com/	1970-01-20 22:08:17	Name: CMID Value: ZLe4VsdIF69zKPnZ1DvO5QAA
.casalemedia.com/	1970-01-20 15:32:17	Name: CMPS Value: 1131
.casalemedia.com/	1970-01-20 15:32:17	Name: CMPRO Value: 1131
.360yield.com/	1970-01-20 15:32:17	Name: tuuid Value: 4e734966-fe73-474a-8d1c-6bba6c81227a
.360yield.com/	1970-01-20 15:32:17	Name: tuuid_lu Value: 1689761878
.bidswitch.net/	1970-01-20 22:08:17	Name: tuuid Value: 03929cd4-3597-4cec-92f2-c184d338deb3
.bidswitch.net/	1970-01-20 22:08:17	Name: c Value: 1689761878
.bidswitch.net/	1970-01-20 22:08:17	Name: tuuid_lu Value: 1689761878
.semasio.net/	1970-01-20 22:08:17	Name: SEUNCY Value: 5FCD82A7163331BA
.360yield.com/	1970-01-20 15:32:17	Name: um Value: !42,ZIWnZjW6.dJl49ALXIjyx0S3xUjMF.jPlkkGvw0SuPI4,1690971478
.360yield.com/	1970-01-20 15:32:17	Name: umeh Value: !42,0,1751969878,-1
.eyeota.net/	1970-01-20 13:22:42	Name: SERVERID Value: 18564~DM
.rlcdn.com/	1970-01-20 14:49:05	Name: pxrc Value: CNbw3qUGEgUI6AcQABIGCLrqARAA
.exelator.com/	1970-01-20 16:15:29	Name: EE Value: "e60b6400ddf8762a77db6b091f337b14"
.exelator.com/	1970-01-20 16:15:29	Name: ud Value: "eJxrXxzq6XKLQSHVzCDJzMTAICUlzcLczCjR3DwlySzJwNIwzdjYPMnQZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6IhfXxUUpaQyLSopPBR%252FZdgUAk68qrw%253D%253D"
cm.adsafety.net/	1970-01-20 22:08:17	Name: UID Value: CM12023071910af494482f6425a0281c
.adsafety.net/	1970-01-20 22:08:17	Name: cm_uid Value: CM12023071910af494482f6425a0281c
.onaudience.com/	1970-01-20 22:08:17	Name: cookie Value: 35fc9ef4d0ec6059
.onaudience.com/	1970-01-20 13:24:08	Name: done_redirects104 Value: 1
tags.adsafety.net/	1970-01-20 22:08:17	Name: UID Value: 2661833c5693165486eb081c4866da96
tags.adsafety.net/	1970-01-20 22:08:17	Name: DID Value: 2661833c5693165486eb081c4866da96
tags.adsafety.net/	1970-01-20 22:08:17	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 22:08:17	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 14:05:53	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 22:08:17	Name: ct_uid Value: 2661833c5693165486eb081c4866da96
.adsafety.net/	1970-01-20 22:08:17	Name: ct_did Value: 2661833c5693165486eb081c4866da96
.adsafety.net/	1970-01-20 22:08:17	Name: ct_idt Value: 100
.onaudience.com/	1970-01-20 13:24:08	Name: done_redirects147 Value: 1
.krxd.net/	1970-01-20 17:41:53	Name: _kuid_ Value: PrvFLZb6
cm.adsafety.net/	1970-01-20 22:08:17	Name: permanent Value: 1
.rlcdn.com/	1970-01-20 22:08:17	Name: rlas3 Value: 8z8o0D+N7poMMMYyoOLXPORD1GaOOp1p0cSxA+AJnoA=
.adnxs.com/	1970-01-20 15:32:17	Name: uuid2 Value: 3138814902911477935
.adfarm1.adition.com/	1970-01-20 15:32:17	Name: UserID1 Value: 7257472008337881229
ads.smartstream.tv/	1970-01-20 22:08:17	Name: DID Value: 2661833c5693165486eb081c4866da96
ads.smartstream.tv/	1970-01-20 22:08:17	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 22:08:17	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 14:05:53	Name: cm_uid Value: CM12023071910af494482f6425a0281c
.pubmatic.com/	1970-01-20 14:05:53	Name: KRTBCOOKIE_391 Value: 22924-1316003751944374088&KRTB&23263-1316003751944374088&KRTB&23481-1316003751944374088
.pubmatic.com/	1970-01-20 14:05:53	Name: PugT Value: 1689761879
.adnxs.com/	1970-01-20 15:32:17	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GVUnWR%K!]tbPl1M66+q([OUf!3lXucMd_.9o0Z5>(9aZ^qpOz!CquUn-Z3If)y3KL9D3I?+eqp1yT
.agkn.com/	1970-01-20 22:08:17	Name: ab Value: 0001%3AAxGLbwWTQjFOYLDLOQTiNLEg8wEab4Ih
.demdex.net/	1970-01-20 17:41:53	Name: demdex Value: 42489570991076350853961105073688963027
.w55c.net/	1970-01-20 22:54:22	Name: wfivefivec Value: cOO2fvxw1Qm4fR5
.w55c.net/	1970-01-20 14:05:53	Name: matchadform Value: 5
cm.adsafety.net/	1970-01-20 22:08:17	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaL0FCazZ0K1VPR2gvRGVGOGowSWxaYm1CamtEMkc5VDlkQlBMZmJFSXZ1ZnVYVUxiakVuQy94akpoNU1UWWEyUjlGQUg4TVM1dTRkalFpbHpjWVdCdC8rYm9kcG1uOGhSem9oeU1vVU1tbjJNdXdMWEhKWU8wcllib2JVdU14emRVZHQrOFUwOWh3WS9XYXpNSTJqejRmZkZzUU1UODlpNU9wOWJRSEkrdy9KSkp5WWoydUc5UWhQUHpaVUtPVG83NFF4NTdUSERSTDN4a1kwZWZJZVg2RU81NitvbVdjOEJRUGlueVpyekNFb0o0TzdnSTJFTVNPTytWRnZmS3hJV2cwQzh3YXh6M0R5ek1iWnZUdkRMTUlTSE5CeUFoU0VldkpOTjEzT0h0UXZOWC9OVTBaKzM4QjNwMzdiaGp6TGdKcmxkQ3M4b253TEd4TVJPNkw2aEVMWUFTTllWQ0RzTmtmbVBNZ0dTd3pQSmlKYTJrSEZhN1FSVWsvRVlXOVlKMHJlNHlGMTY2YVVpdmFEUHBDbjhhZlg4eExHVnFjTVZSZWNCYWFQaTRnck4rOVYxUjlzT2EvTFZkUDJDdkJEQ3BLcG9BeDBScmZqSjQ0d1dBWjl2MVhDcmorazc1MmRmdzhYSEpMa0ljWmxRMzI1cjN6dmp3RDZza1BsbHFhZjBVa3I2SHJNVUVOVlVPMHFta2N1a0RKL0huT0tWNzAxSGRVU3liQlo1N0ZuMXY2aU5TTmhZbys4a3ZrNVUybHVxOVEvNitFdS90eUtsTW9QMGY4L3Vvem9KejRxdmpocmFqb1RuWmRlWEVFUXZNbEVxUTZjb05zSDYrVnkrV0FHdWx1YVExbFRNd1c3WDhaWXhSelhiWWU3Wm16clVBSnNEbk5meVlMOEU0bVYveDlIS0FsN25CSFpWVDlMbVAvWDYyYmtSdFBKOWxnSnJCR3BBYnduRzZoZmtZWnRDa0M3aTE1NkltVzhyeGJjR3RzeWFNaWVLQXgwbEhMWDBEQktjS1hOazBaTCtXZVVHdWFUWXRFVWIyVks3Uk9pZUJnQTBLbVFPQXJyMjhRS2NvdFM4NlVabXJGMHhoYWFKNWlGMVE9PQ%3D%3D
.bluekai.com/	1970-01-20 17:47:39	Name: bku Value: aG/99aKT+tHUCMQi
.bluekai.com/	1970-01-20 17:47:39	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEWp1ERy1e1lBEW8BexpBpxymeQe9J00Ye/=
.dpm.demdex.net/	1970-01-20 17:41:53	Name: dpm Value: 42489570991076350853961105073688963027
.weborama.fr/	1970-01-20 22:48:37	Name: AFFICHE_W Value: dt7U@SWEIRB272
.liadm.com/	1970-01-20 22:58:41	Name: lidid Value: 1be520c5-eec7-46fb-9aca-db2159013bdb
.id5-sync.com/	1970-01-20 13:22:42	Name: cf Value:
.id5-sync.com/	1970-01-20 13:22:42	Name: cip Value:
.id5-sync.com/	1970-01-20 13:22:42	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:22:42	Name: car Value:
.id5-sync.com/	1970-01-20 13:22:42	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:22:42	Name: callback Value:
.tapad.com/	1970-01-20 14:49:05	Name: TapAd_TS Value: 1689761879552
.tapad.com/	1970-01-20 14:49:05	Name: TapAd_DID Value: c1a57c2c-c5e3-44ac-a7ff-573d0e2e5d21
.tapad.com/	1970-01-20 14:49:05	Name: TapAd_3WAY_SYNCS Value:
.e-volution.ai/	1970-01-20 13:42:51	Name: v_usr Value: 9b260ffe-1ba9-4adc-ae32-a7394910fbf1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newyearseve.winstar.com/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1316003751944374088/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a.audrte.com/a?adform_uid=1316003751944374088 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10388130.fls.doubleclick.net
6820846.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
action.dstillery.com
action.media6degrees.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
app.hubspot.com
beacon.krxd.net
c1.adform.net
cdn.callrail.com
cdn.calltrk.com
cdn2.hubspot.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
ds.reson8.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
newyearseve.winstar.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
pixelconnector.adready.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
tag.simpli.fi
tags.adsafety.net
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tracker.adreadyclick.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
sync.1dmp.io
104.102.35.84
104.18.5.236
104.18.9.110
107.178.244.119
108.156.60.123
108.156.60.27
109.206.161.21
139.162.141.41
141.94.171.216
142.250.184.230
142.250.185.194
142.250.186.162
162.19.138.83
18.194.220.167
18.195.76.244
18.198.126.47
185.167.164.49
185.64.190.80
185.80.39.216
185.86.139.104
193.135.9.135
2.19.126.157
2001:4860:4802:32::36
2001:4860:4802:34::36
216.46.185.182
23.32.185.192
2600:1f18:ed:550f:cd9b:e73a:8f3e:7955
2600:9000:25e8:4400:1b:5138:8a40:93a1
2606:2c40::c73c:67e1
2606:4700:20::681a:81e
2606:4700::6810:88ce
2606:4700::6811:806e
2606:4700::6812:17ea
2606:4700::6812:19c4
2606:4700::6812:873b
2606:4700::6812:ccc9
2606:4700::6813:9a53
2a00:1450:4001:806::2008
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9a
2a02:6ea0:c700::10
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.122.214.165
3.125.138.150
3.125.25.39
3.251.15.90
3.33.220.150
3.75.62.37
34.111.113.62
34.252.7.215
34.90.79.92
35.190.24.218
35.244.159.8
35.244.174.68
37.157.2.248
37.157.6.237
37.157.6.242
37.252.171.22
46.19.11.36
52.215.57.219
52.218.89.179
52.86.229.195
54.145.25.36
54.80.24.65
63.34.168.218
65.9.66.47
69.173.144.139
69.173.144.165
72.246.169.24
76.223.111.18
77.243.51.122
85.114.159.93
91.210.226.72
95.101.148.198
99.80.77.237
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
079fd07df43f60a75950fd808b1d13172ab3f83e82364c07bba31c15369210ac
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dbdfcd85189ad468d9ecf133cbcfcae2aa7ad8d4503ca16e97568e98ae8c3ca
13c416776eaebe30b9ce92dc28caefb447bc283733105146e2af69811a287670
141119699dcc0d53ba8befd796167fb59b2472a6bf7cbce4e3482904d7b5b496
18c2a14f4df0b94031373a3cb9be23d936f61a276c0b3b123cceadf506f66e31
1ad53f8852f9d05834e2baf4d6af337666c668230cd94026519273642efb662b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e7cdc65100f33d14f35d64a6a57237f7bbc49a6eb0dfb1c95984642d1e2b8a9
2084c1509e67082f10d7d74ed3d239fa9885a62dc04adda0d43a57cb7610fc6b
248a01b718ec219e1a5394846fd692c7fb1bb66d0f294b05ba0ac3a91fd539e6
25360c4827237a4c2aa4bd0f89657b003cb6b304298e7bb1e68ec2e591d0c81d
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
267ae9fc7e94327589406ef7e78f538ab69cfb01447664041d5b81400dcfee66
268a0b6dc8101ab696b0fe007013c8f7e0efd82fa6f6fe163ef25977b547b76c
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e8744466c5ff918e7c5dc146e8dec70cfcdbdd60b773f2bcaa5e5409d7512b
364982682ab4efe766b4523e4c6fd39fdde82e28e73f943decd72d4ed76a0318
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
3f6e62851ce3a8e5e2a2847a89a5f414678a76b6d02fd730b6f1fce4603e2fe7
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f4d3b80aca2322ec4b496d5940807d201cda376084079bf12b11439c5d5ac8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f
590a6a8cb414610012c2d046bea7554d4c4c82728e915d726bdf47aae6c1bf70
5cad7c912466a6e378bac5d13c77412519f5ad75bc7590f7c74d83b079893fc1
5fa2e00b6ff233ede203cc567b04f237d4bd5b57528e64ba54ec8b46db3252e4
604c8c50f6380fb7e7109c87c5d37c9ea36b3e71ae8cbbec969d302d2d5af4b1
63f8715eda59cc7899e6baab3931be3a3e2cb6d0a0eba6c134334c2f9cb506ee
644cd051e1a99703736b2f4a00b68031af230af72b5ee80137b7146e676802a6
678ba3003c80fd831a662d692f8235c1c2254363202a067f1a7aefbc0a790a43
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7714b6fb624c71006e57ac66b8aaa3722bfa62809ad2e6186dc0bc26207d8ad5
7a4c89a85569636f96d06697848153b19e560acf5d6778b8c39f2885c5ed9c78
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ae630525ef97b637e6556d0b2c41c512e752233b9426837c8857a5909c05ad
86517db5b8e43cf3ecd4ecf0b0e50d7743effb3e477c0fa9c99fe06dfa08fd12
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa47cfb176e0b8f1e4ac5ca452888fb45222a802e555a3368460b70c3b8d065
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8ff05617fc9fdd8f1254894f1f20bb4888e89275248abff1172e229172683b3b
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9b946925340916f3b31488e5364761910fbfbeea44f71d6478987ba1858f6cca
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6bbb4c2632625af6166ce6afeb938f4ea69dec1d6d9dcda8d365aa441193077
aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb
b01da0f93819407284da44798f13f56c3ca4ecff50ccfcd82bad4da97b004264
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ab1dcfb21eb45b42de0bdc61434d0b5d7094ef46a742176e5dbc1571a5a62a
b75f3796240aff4c5aa9d820e80b5aa6300d48ee5101fd05c8701c73b53108eb
ba177485fa127b04f069a0f711e37687821c42f7524ad9503638c606dc9e7499
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd0f0b8677a48c5ac19f9a1f29136005e52cce9b9354aaf2a5940bb19c07bcd6
bd71e5c5c98fa323cd7a369df37870ebc0a6ff6d2720c47c04e41a7017e57373
bf2062a427fedf6a9fae7fc2daf517a1ebe5f77d187583d73aa80ea7324aa772
bf6c5a41e84fdb09a39c5e8b6b2266226978cd99f686d28f5095494fb688f6e1
c009d35b1a20408743b36950e80b8a56943246e61794b3d7250617cf5abdb464
c1a7e22aaff8ae13a0e2998dec60d2b1e5195f35269db59f4a9bb7c78a02fd5b
c1ccafe74b42143a1695d10917beeb5a9d1b0df1c9fc480e3f86042340c67848
c1fdeac0fb33261d02bffec5f96594c6ea1bf88c61a51cbbb56d462933acab06
c67be5c64cb2ea58e769dbdf3b2fa46c6c1490828fe2a128622b721fd9f43acc
c7a5ace32d2dfd6d0955b9d63785cb253cef78a15cf19a6b61c919cff2d4dbb2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d1a92b66f49a41da10e0d15beb7526ce9493a570b9ff9f6c9a31ad04e96f44f0
d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790
d79d9146e2eabb29cdd5d18d8ac5536c218f82b9dd07753ff2f0028a92da07f4
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc842476878790f09de6f7f990c127b58c3147c9dc625b43ef7628fe77388478
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deefc2edff180044c17173d1c9550583a89ebd667024e9239656492d17e0d12b
e07c77f883e496ad8d4e9f0ed2c5dab298fbc33492fcba889a8b17303d9bdd1b
e0a3b8226c5d94b7b9fe3f0338a99f7cff1330c6d445c7285f0baaac2b2ccd05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a5424d8ffd810913a198e928a9bcee85b7a2c4773eb7c721115e5990162534
e7d19014976e41061a96b12a9b84a9b04262c2c5123973751eb0c41fd8c7e689
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f899b341a2afc67c96450ed28c0eb2a27d5b162a158dfcdcdfa4fb30db7c728b
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

newyearseve.winstar.com Open in urlscan Pro 2606:2c40::c73c:67e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

83 %HTTPS

29 %IPv6

71 Domains

87 Subdomains

64 IPs

11 Countries

1129 kBTransfer

3478 kBSize

95 Cookies

91 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyearseve.winstar.com Open in urlscan Pro
2606:2c40::c73c:67e1 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

83 %
HTTPS

29 %
IPv6

71
Domains

87
Subdomains

64
IPs

11
Countries

1129 kB
Transfer

3478 kB
Size

95
Cookies

148 HTTP transactions
1 data transactions