winterhawks.com Open in urlscan Pro
13.92.242.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winterhawks.com/
Effective URL:
https://winterhawks.com/
Submission Tags: falconsandbox
Submission: On February 10 via api (February 10th 2023, 7:11:01 pm UTC) from US — Scanned from DE

Summary HTTP 193 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 193 HTTP transactions. The main IP is 13.92.242.205, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is winterhawks.com. The Cisco Umbrella rank of the primary domain is 821417.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 20th 2022. Valid for: a year.

This is the only time winterhawks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	13.92.242.205 13.92.242.205	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:21c... 2600:9000:21c7:5800:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:214... 2600:9000:214f:ce00:17:9b36:4280:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.216.129.205 52.216.129.205	16509 (AMAZON-02) (AMAZON-02)
21	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
25	52.217.194.57 52.217.194.57	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	3.217.236.112 3.217.236.112	14618 (AMAZON-AES) (AMAZON-AES)
2	34.206.102.167 34.206.102.167	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
4	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
3	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4001:c19::5e	15169 (GOOGLE) (GOOGLE)
193	30

26 13.92.242.205 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

winterhawks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:5800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:214f:ce00:17:9b36:4280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.whl.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.129.205 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.217.194.57 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

chl-network.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.236.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-236-112.compute-1.amazonaws.com

lscluster.hockeytech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.102.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-102-167.compute-1.amazonaws.com

chlfanbase.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c19::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com	384 KB
29	amazonaws.com s3.amazonaws.com chl-network.s3.amazonaws.com — Cisco Umbrella Rank: 550187	557 KB
26	whl.ca cdn.whl.ca — Cisco Umbrella Rank: 577603	2 MB
26	winterhawks.com 1 redirects winterhawks.com — Cisco Umbrella Rank: 821417	401 KB
24	twitter.com platform.twitter.com — Cisco Umbrella Rank: 742 syndication.twitter.com — Cisco Umbrella Rank: 1013	747 KB
20	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	405 KB
8	twimg.com abs-0.twimg.com — Cisco Umbrella Rank: 1954 abs.twimg.com — Cisco Umbrella Rank: 1887 pbs.twimg.com — Cisco Umbrella Rank: 768	14 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	219 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	45 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	150 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8800	696 B
2	chlfanbase.ca chlfanbase.ca — Cisco Umbrella Rank: 533470	2 KB
2	hockeytech.com lscluster.hockeytech.com — Cisco Umbrella Rank: 147928	57 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
1	jwplatform.com content.jwplatform.com — Cisco Umbrella Rank: 3630	41 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 687	30 KB
193	21

	Domain	Requested by
26	cdn.whl.ca	winterhawks.com
26	winterhawks.com	1 redirects winterhawks.com
25	chl-network.s3.amazonaws.com	winterhawks.com
21	platform.twitter.com	winterhawks.com platform.twitter.com syndication.twitter.com
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net winterhawks.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.googletagservices.com	winterhawks.com securepubads.g.doubleclick.net
4	abs-0.twimg.com	syndication.twitter.com
4	s3.amazonaws.com	winterhawks.com
3	pbs.twimg.com	syndication.twitter.com
3	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
3	syndication.twitter.com	platform.twitter.com syndication.twitter.com
3	cdnjs.cloudflare.com	winterhawks.com cdnjs.cloudflare.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	chlfanbase.ca	code.jquery.com
2	lscluster.hockeytech.com	code.jquery.com
2	www.facebook.com	winterhawks.com
2	www.google-analytics.com	winterhawks.com www.google-analytics.com
2	connect.facebook.net	winterhawks.com connect.facebook.net
1	abs.twimg.com	platform.twitter.com
1	54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	winterhawks.com
1	fonts.googleapis.com	winterhawks.com
1	content.jwplatform.com	winterhawks.com
1	code.jquery.com	winterhawks.com
193	31

This site contains links to these domains. Also see Links.

Domain
chl.ca
whl.ca
pdxhwk.com
whllive.com
www.ticketmaster.com
www.iheart.com
watch.chl.ca
spokanechiefstickets.evenue.net
1047thelizard.ca
selectyourtickets.com
radioplayer.vistaradio.ca
ticketsnorth.evenue.net
tickets.seattlethunderbirds.com
everettsilvertips.3dcartstores.com
shopwinterhawks.com
www.audacy.com
www.riversidepayments.com
www.facebook.com
twitter.com
instagram.com
www.periscope.tv
www.pacificoffice.com
www.jackinthebox.com
www.avidcider.com
www.lesschwab.com
www.fredmeyer.com
chlfanbase.ca
www.chl.ca

Subject Issuer	Validity	Valid
chl.ca Go Daddy Secure Certificate Authority - G2	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jwplayer.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
cluster.leaguestat.com Amazon	`2022-12-25` - `2024-01-22`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://winterhawks.com/
Frame ID: 35434CC42453464E046159CBACF9B6F5
Requests: 112 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinterhawks.com
Frame ID: E9E168F413A2588229E644E90F810F0A
Requests: 2 HTTP requests in this frame

Frame: https://d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7992189422E54C9BB5A8E5A56532DC30
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Frame ID: BFE4537DAE7C621250E8FE19A0B643DA
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG5Q6q1t5iqcRKIMVd192E0lC8rOPIvEnXwc9yMGLFE1MiTWr00hArgrKlzqJ5MWaE9NhA_1KHbuY377OdM3Arhv51-YlQad4wZfqp-QplwiD4aCd_adVVM75rQLvUS3kgAhgSSisfuh6xAfHn38HZwacAIJ1TI2x2BETs2mvFpRdg9DFg8klQH0UEN3FLAbRLhuTch9Pv13nf9UbXVXnx80Hha28OxYgm8IICVO3I1Lvf_EueIGqaLYXLpwMrRzhOUWBZU-ifzHQLsAgDKjTYsqFPPBgUxPLluw5RQxD0VXRSDVZ864n_lmZuaUdxjz5Cz1fGgTRAgELDMw0UDqwQ&sai=AMfl-YRzYP02VpXzW0K7tZyafX6bb3BB50m-Bz6ZJ_ZqbF18jIuxppsq8IKeR75mfYtWv25EDVcfg5rCrxXF-niKjElU5n8fkHjW3EO_GKA5K-Fazy5l26_N0weMCfz92alW3njLKXlUwEs6sDJ4y8y6&sig=Cg0ArKJSzD74PVUwGEVvEAE&uach_m=[UACH]&adurl=
Frame ID: B566576C2D1E2ED7EBBF025EA90B276E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk8qKg-3dVM-eh731P2hjJG41ViErbDUF8nTMVRin1xeoLH-fQ5UXk2nqqNFJJjgkq1Y2QLLGg5Eq1jDsPy6111wu1e5uSq1d4nIjsD-yYm3GYGXtmql2CmjP2_LFBVJ_u1FzQKIXM8STHS9toe0BgJ-aw_ZGoAQp2nMac0JMpQZY8Ay9M1qUsAumuwKBnCmfgmb05b0BwA6Du9LdkGwNNZWsxIPj5RvelaSSMtRIIqe66zeySCqVPlrdS8kXQ4Mof7HhQll7Ttb3bOIIZluS4ibm0pOV-jIZ_Mdzibx2by4jrJeONgIia2BsvRiDJK4DqOTaQg0NhBoQz4Gk2So2K&sai=AMfl-YT_4K477CSCixC0mvgtrK_c9-JVSTLBxfbr1_WDU-KnDq4GbZopPlDCXR7MmdSRazzuBeqjPRcslklIiUHWB_QdKAFG1-fYtYkqboFVyca4RSc1BpfwdYbwLvAGmnLzX5QqNT0ejxY4dv80vpsu&sig=Cg0ArKJSzJJ-7bhOYkNaEAE&uach_m=[UACH]&adurl=
Frame ID: E495A3E5748318684C4BFF9118308F41
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2hCdTO16rML37NYF0lCyGraoBI11p4zs32cazRsiWvSc6Pu93TrLMmtgBX2ieDhZRs9jm6CvqLq2Eaiqgy43D1Gi--ejg555A_Gn_scYPTvX_0J735eUPPV5NwrEY9bRY5E9OAuqiEp1nUlbo5MfUH3NznKZVKnbFhkGdFn5Bh_K3pli0hzHQNDF37HQ6xPfPXDKmHupLOOr1easu16QceTOuBi8mm8N2o_uPMJLqFKnME9jTkGO0K9c9Yxa3J6t8WQSHFuLP7TfdoIe0Wc-MeuGNHL60CBOxt3w-XDtmlwHZSlUAWkxi_gLFlYrGlJRWSujYSUWlk9_U1xS7O0_Z&sai=AMfl-YS6B26_-8dBY-BHWZbescDljIhZjjcVyRzp1ZhxV4rkawGjMszMYirm6J-3Csm51oit7K5I1gz3XFuWT57MOtzTM_oAdiXB19QSDSuFisUiQjOheKyTnRG-JHNROthdbzQTrVvyB5IuzeFMG24&sig=Cg0ArKJSzKuqZp7BCBsLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DD3767CAA89C04E8D29A9E2D0408AC06
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2EAD617B584C51D1EE1E92400370C1D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40E72EF276A0575BABBA5D2CF3AFF123
Requests: 2 HTTP requests in this frame

Frame: https://54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 51A30A50872E14483B8658B82F77786B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzg7akWvB0Odtv-HWUxsGlXjBJk4CpfnHIY9EyhH1yZcll9f8lZtYJuZYPHNbaqanMIBJWWnNiespQ-d2DacKdSxWplYaEe4S6UEeCgX0sCPUOXBNfkEObKsDwz5WM22RZEkOdgNkYBzAltxpUwvKM1a-dbp9sMnEFCynEXjYMqtVc7LVRzkIYDlP3PQwlm2UkCi2baOPB-ZEkgVMMXjddCZXroQTsOEFYGE1qbIezq_1rEM1TenSYnwCy8nX0jBoXyvlPvvNDdDNxFYbCzdh93vHv7aGI-6pKU1HUPu-nA04ngDiStZptYIglnHpdNgGQG52XVRlG8knSWVOwifwnjMaym6LABCs9Q6Ps97fZ_LsR-Jlt&sai=AMfl-YSaqHrUHIhqd6uQZQbfTWFLqcbkUpU1CLJkIZvPQ_5bC2HvkpuoEPbLfxTPLJ98qQ0nBPU_lKr0M_VTX3AXCQ2CTxorLgkYJWG9hdHFmuSn-6EozV4zPob8_jUm-g&sig=Cg0ArKJSzD1OEzLkImWTEAE&uach_m=[UACH]&adurl=
Frame ID: B7925B86904F2ABAB809C2D7195EA1A7
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93FCC7703DA885746F9EF0A759DE350B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F06E93672F03883B488C8B5138D77D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portland Winterhawks – Official site of the Portland Winterhawks

Page URL History Show full URLs

http://winterhawks.com/ HTTP 301
https://winterhawks.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

193
Requests

100 %
HTTPS

76 %
IPv6

21
Domains

31
Subdomains

30
IPs

4
Countries

4924 kB
Transfer

11569 kB
Size

8
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: http://chl.ca/

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-04
Title: SatFeb 4

Search URL Search Domain Scan URL

URL: http://whl.ca/gamecentre/1019119/boxscore

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-05
Title: SunFeb 5

Search URL Search Domain Scan URL

URL: http://whl.ca/gamecentre/1019124/boxscore

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-08
Title: WedFeb 8

Search URL Search Domain Scan URL

URL: http://whl.ca/gamecentre/1019136/boxscore

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-11
Title: SatFeb 11

Search URL Search Domain Scan URL

URL: http://pdxhwk.com/listen/

Search URL Search Domain Scan URL

URL: http://whllive.com/

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/TriCity-Americans-tickets/artist/833511
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-12
Title: SunFeb 12

Search URL Search Domain Scan URL

URL: https://www.iheart.com/live/seattle-thunderbirds-radio-9166/

Search URL Search Domain Scan URL

URL: https://watch.chl.ca/whl_chl

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/portland-winterhawks-tickets/artist/806672
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-16
Title: ThuFeb 16

Search URL Search Domain Scan URL

URL: https://spokanechiefstickets.evenue.net/cgi-bin/ncommerce3/SEGetEventInfo?ticketCode=GS%3ACHF%3AECHF23%3AECHF27%3A&linkID=twcorp-chf&shopperContext=&pc=&caller=&appCode=&groupCode=CHF20&cgc=&dataAccId=883&locale=en_US&siteId=ev_twcorp-chf
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-19
Title: SunFeb 19

Search URL Search Domain Scan URL

URL: https://1047thelizard.ca/

Search URL Search Domain Scan URL

URL: https://selectyourtickets.com/
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-20
Title: MonFeb 20

Search URL Search Domain Scan URL

URL: https://radioplayer.vistaradio.ca/cirx

Search URL Search Domain Scan URL

URL: https://ticketsnorth.evenue.net/cgi-bin/ncommerce3/SEGetEventList?groupCode=CSG&linkID=pghc&shopperContext=&caller=&appCode=
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-22
Title: WedFeb 22

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-25
Title: SatFeb 25

Search URL Search Domain Scan URL

URL: https://spokanechiefstickets.evenue.net/cgi-bin/ncommerce3/SEGetEventInfo?ticketCode=GS%3ACHF%3AECHF23%3AECHF28%3A&linkID=twcorp-chf&shopperContext=&pc=&caller=&appCode=&groupCode=CHF20&cgc=&dataAccId=883&locale=en_US&siteId=ev_twcorp-chf
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-02-26
Title: SunFeb 26

Search URL Search Domain Scan URL

URL: https://tickets.seattlethunderbirds.com/
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-03-04
Title: SatMar 4

Search URL Search Domain Scan URL

URL: https://everettsilvertips.3dcartstores.com/HOCKEY-HAPPY-HOUR-EVERY-FRIDAY-BR-SAVE-UP-TO-43-WITH-A-TICKETDRINK-COMBO_p_2080.html
Title: Tickets

Search URL Search Domain Scan URL

URL: http://whl.ca/scores/2023-03-05
Title: SunMar 5

Search URL Search Domain Scan URL

URL: https://shopwinterhawks.com/collections/team-shop
Title: Team Store

Search URL Search Domain Scan URL

URL: https://www.audacy.com/podcast/the-portland-winterhawks-podcast-1a942/episodes/episode-10-55b00?_branch_match_id=1090701561668786721&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8%2FXSyxNSUyu1EvOz9V3y%2FE3Dy8IzEuvSAIAfa%2FVPiEAAAA%3D

Search URL Search Domain Scan URL

URL: https://www.riversidepayments.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pdxwinterhawks

Search URL Search Domain Scan URL

URL: https://twitter.com/pdxwinterhawks

Search URL Search Domain Scan URL

URL: https://instagram.com/winterhawks

Search URL Search Domain Scan URL

URL: https://www.periscope.tv/pdxwinterhawks

Search URL Search Domain Scan URL

URL: http://whl.ca/standings
Title: View All

Search URL Search Domain Scan URL

URL: https://www.pacificoffice.com/

Search URL Search Domain Scan URL

URL: https://www.jackinthebox.com/

Search URL Search Domain Scan URL

URL: https://www.avidcider.com/

Search URL Search Domain Scan URL

URL: http://www.lesschwab.com/

Search URL Search Domain Scan URL

URL: https://www.fredmeyer.com/

Search URL Search Domain Scan URL

URL: https://chlfanbase.ca/newsletter

Search URL Search Domain Scan URL

URL: https://watch.chl.ca/

Search URL Search Domain Scan URL

URL: http://www.chl.ca/privacy_policy
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winterhawks.com/ HTTP 301
https://winterhawks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

193 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
winterhawks.com/
Redirect Chain

http://winterhawks.com/
https://winterhawks.com/

75 KB
20 KB

422ms
208ms

Document
text/html

13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

59224ea67d5aa56903781a8585ed43fdd2d7dcb2bd00aa1b5b4f577f6aa653c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 114
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 19458
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Feb 2023 19:10:44 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://winterhawks.com/wp-json/>; rel="https://api.w.org/"
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Via: 1.1 varnish-v4
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
X-HTTPS: on
X-Varnish: 847710365 845224864
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Feb 2023 19:10:44 GMT
Location: https://winterhawks.com/
Server: Varnish
X-Varnish: 351667450

GET
H/1.1 200
OK polls-css.css
winterhawks.com/app/plugins/wp-polls/ 3 KB
1 KB 105ms
105ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wp-polls/polls-css.css?ver=2.7

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 88
X-Cache: HIT
Connection: keep-alive
Content-Length: 723
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-a94"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 848135867 847480765
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:04:56 GMT

GET
H/1.1 200
OK core.css
winterhawks.com/app/themes/base/assets/dist/css/ 246 KB
31 KB 211ms
104ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/assets/dist/css/core.css

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b960786a064acb6d49321b50661407d19bdb255fccc772b8cbc09ba7e75fd17c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 159
X-Cache: HIT
Connection: keep-alive
Content-Length: 31739
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:36:00 GMT
Server: nginx
ETag: "63d15a70-3d9d1"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 847710370 847414739
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:06 GMT

GET
H/1.1 200
OK theme.css
winterhawks.com/app/themes/portland_winterhawks/assets/dist/css/ 46 KB
8 KB 311ms
103ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/portland_winterhawks/assets/dist/css/theme.css

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7c7db879434cdd773cc4d1e052df955b0c6bfbfa7ca601c6ad734e5f06c386fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 162
X-Cache: HIT
Connection: keep-alive
Content-Length: 8024
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:44 GMT
Server: nginx
ETag: "63d15a60-b76b"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 351276001 351504225
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:03 GMT

GET
H2 200 jquery-3.5.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 80ms
27ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.0.min.js?ver=3.5.0
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d95"
vary: Accept-Encoding
x-hw: 1676056245.dop259.fr8.t,1676056245.cds256.fr8.hn,1676056245.cds277.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30880

GET
H2 200 0MO0b1Hr.js Show response
content.jwplatform.com/libraries/ 108 KB
41 KB 130ms
39ms Script
text/javascript 2600:9000:21c7:5800:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/0MO0b1Hr.js?ver=4.5.17
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:5800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: e04e0d6996a81441da8774f2568a7dea95f7a34280d0e9540c5ccc91078f4c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:22 GMT
content-encoding: gzip
via: 1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS54-C1
age: 23
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41374
x-amz-cf-id: Rxho6AKALxIDCZe6g3nk6YzpzP6xfc-Mi9hOH0BdazovExYzR9fSzA==

GET
H/1.1 200
OK lodash.min.js Show response
winterhawks.com/app/themes/base/bower_components/lodash/ 49 KB
19 KB 414ms
205ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/bower_components/lodash/lodash.min.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 156
X-Cache: HIT
Connection: keep-alive
Content-Length: 18514
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 20 Jul 2015 18:25:53 GMT
Server: nginx
ETag: "55ad3d31-c56f"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 349091302 351666925
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:08 GMT

GET
H/1.1 200
OK slick.js Show response
winterhawks.com/app/themes/base/assets/scripts/js/ 69 KB
12 KB 314ms
103ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/assets/scripts/js/slick.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

57d77c8ca1ef7313363b200848555760678e8e85cf356248f5c67180212022c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 162
X-Cache: HIT
Connection: keep-alive
Content-Length: 11620
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-11282"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351211591 351602476
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:03 GMT

GET
H2 200 WebsiteHeader-1024x200-1024x200.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/13152626/ 48 KB
48 KB 281ms
112ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/13152626/WebsiteHeader-1024x200-1024x200.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72397114f67b6b23b75b222ec28485726c91e7375d1de7265b4111147a56cb05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:03:40 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jul 2021 22:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 18426
etag: "c9815e97a2d31f047773404d6c0e4944"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 49028
x-amz-cf-id: CnIfDq4VQhSBK3dWJGO_ewRp7ZM4GuCui64TlaZPRV-20BcHKbGs2g==

GET
H2 200 Button-Tickets2-320x80.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/09/20142703/ 14 KB
15 KB 275ms
106ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/09/20142703/Button-Tickets2-320x80.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f686841ee82090a4509f58e149a50b6a43050ba0ddc3ec45543d93dd5ec8189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:59:50 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 21:27:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "7f3003a01805afc8e4ec37559d1dac87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 14546
x-amz-cf-id: fr0QY7qLBcW0m-4naz96x72sr0T38j7guVtiKoYp1imHY4oV1Z5C8w==

GET
H2 200 Button-ListenLive2-320x80.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/09/20143044/ 14 KB
14 KB 277ms
108ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/09/20143044/Button-ListenLive2-320x80.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e37429ad621d5a6978bbc224a988371152aedf039952546769b7e1da24cad15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:59:50 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 21:30:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "a905808b77d7e516681903a0c6382bbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13895
x-amz-cf-id: yBAbSbdwPCArF_c4_xoZgKE2qdsklrIQ6CaMp-sb0XFWrS_UhmZ8Ng==

GET
H2 200 Button-TheApp2-320x80.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/09/20143201/ 16 KB
16 KB 252ms
84ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/09/20143201/Button-TheApp2-320x80.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c8ec9b6c01768711d7f765764202ff1df40a790bc803a206046ea9aaa9a9647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:30:01 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 21:32:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 52845
etag: "80b2fdd0c1cf9982fdbe14af220e7086"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16057
x-amz-cf-id: ToIKWWdaZ69UxhHv-fpB_ntjg4LOESv1Vx4N1dgtIVwJmcR5L0SkZA==

GET
H2 200 Game-DayLONG-3-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/10102736/ 105 KB
106 KB 592ms
441ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/10102736/Game-DayLONG-3-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73579ea1e51c6fc3988c56864429e3c0498c3680d174386595731768f60edd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 18:27:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "93a81cec2ede03f93be755db95d9c7f8"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 107815
x-amz-cf-id: rhvjGynk98SVQX2woiqs7RTW_g9Adgy3CZ5vi-Sd-Ubxlb3PU_iXhA==

GET
H2 200 Podcast-S2Ep10-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/09092927/ 105 KB
105 KB 216ms
64ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/09092927/Podcast-S2Ep10-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdda9dc307a0dccbf42b017786508f7f4ebd6f282ec20da920a5a78f22f9ba42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2023 17:29:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "ce44b9a7b95d942c269c2868b1b4494d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 107095
x-amz-cf-id: YeAX3zA5BxM2rBwG1CLqLlG3GeVpJ-b9nRC2HTIs69usytmTUEKe1Q==

GET
H2 200 BeerCover-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/06150835/ 79 KB
79 KB 207ms
86ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/06150835/BeerCover-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d45406bf7943d086b568542ae6fa7722a3f74c8674430fe73767a7e9017079ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:13:59 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 23:08:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 61006
etag: "17eabe1f31e64b28896e7e01fda2cb6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 80510
x-amz-cf-id: _ea-mMuEyCZDTZ98gM7g9gSR7an6wZ03utU91E-ql6l2CrgbDbZZ4g==

GET
H2 200 230207_PORvsRD.00_00_01_14.Still026-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/07152517/ 77 KB
77 KB 165ms
44ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/07152517/230207_PORvsRD.00_00_01_14.Still026-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87c0faadba882cd52e4073c03a27dfedffe2a37b56f8b3f9597f8030398113d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:30:01 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 23:25:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 52845
etag: "5b4d3eac1226841286cc692144536b02"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 78438
x-amz-cf-id: 7vrtrxi02XfV-toGcR3S93Dq-z7CSnH9Pv_ODm2U6MLR4sdUwcA9ig==

GET
H2 200 Recap-3-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/07223639/ 107 KB
108 KB 218ms
97ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/07223639/Recap-3-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37b85bbba94c797617e03539b8b76d20919f9af349a3cbd0f2eda28d09cdbd4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:44:24 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 06:36:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 41182
etag: "c7e3802dc4ca63d1963e1f4629ef03e2"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 110051
x-amz-cf-id: 4w0BTUGOis96W8nkjrluUbNPjtlLj_eEeZj7Kca2970BB030DbQ7Uw==

GET
H2 200 Game-DayLONG-1-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/06162514/ 115 KB
115 KB 199ms
79ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/06162514/Game-DayLONG-1-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2cbb92ab07244e38624ea134fe52e6c95c65d78755fd73555277dbdee64980a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:30:01 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 00:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 52845
etag: "4bab23475166a88ffade27b2012d9e15"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 117436
x-amz-cf-id: 5csVKfnlJjh4-3hYTS5P4uIT6diOgPAWVyI7M0I4beDpLv0fGLOWUw==

GET
H2 200 WinterhawksWeekly22-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/06093233/ 112 KB
112 KB 233ms
112ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/06093233/WinterhawksWeekly22-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb0dfb1e1e412a4a09d35e5ed8d180ee828535b4b6cb8f37ee5e77bf46460592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:44:27 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 17:32:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 41179
etag: "8c50a21f82b98f63a813b926569d9121"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 114693
x-amz-cf-id: 970aSYznH3G8vb1_rgejkyjpsDYwDC3mtV9t4AKRC16LQbEneFFv2A==

GET
H2 200 LuciusCover-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/06125424/ 62 KB
62 KB 63ms
62ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/06125424/LuciusCover-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc519218d3df40f946f41d5ec30d4352969320afba118a41b09843c423071c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 20:54:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 18426
etag: "e6e510d7e9ffd59f7833733e83280be5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 63128
x-amz-cf-id: 5ZaqH4ujQi9pTnFHW1eRua554AIIW6Y3QY2yFiVCXNe46eUGSfHpeA==

GET
H2 200 Clinched2023long-730x411.jpg
cdn.whl.ca/uploads/portland_winterhawks/2023/02/04215111/ 104 KB
104 KB 60ms
59ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2023/02/04215111/Clinched2023long-730x411.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b5a685b7c97adef0f149dd00c92a489d0dadc12eab4b1f26118fa0589bc1960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:54:54 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Sun, 05 Feb 2023 05:51:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 29752
etag: "9b31cacbd19bb45f9a9ee7ed8a648bdb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 106282
x-amz-cf-id: pN856Y5UJBQwVJ_Ww4EmchbCBBRXsCUsMriy-u_Hesp-rjG1n6St8w==

GET
H2 200 7.14.21-Team-Store-320x100.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/14102338/ 12 KB
13 KB 229ms
108ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/14102338/7.14.21-Team-Store-320x100.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec80387186a69d6897211a3780d48798ac2e99c59622c2b20a232019ba6042fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 17:23:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "8beca0b44ee4bb13b037f3d4c760cdb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 12501
x-amz-cf-id: KaLayQ15qQMS8S4E6XD5RUVllIWeL1gyGXH07vDiOOdqRBohodxjiA==

GET
H2 200 WebButton-Tickets-320x100.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/27122430/ 18 KB
18 KB 218ms
103ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/27122430/WebButton-Tickets-320x100.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e4c431acffe61664b87a09240bcc5903a610736874cf23764ff7304d38b9460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:44:28 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 19:24:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 41178
etag: "7b70ba6419b7f942e2007ff91fb83d68"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 18255
x-amz-cf-id: 1uI_6-1aH5wPXRyh7B4fxE4xF0vod238oHU0Zp-z92ygy7NJ-EJISg==

GET
H2 200 WebButton-WAHA-320x100.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/09/30173512/ 18 KB
19 KB 226ms
106ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/09/30173512/WebButton-WAHA-320x100.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35f1325fe06bd17f407838798abc94498c203f780d65c9b0eca6def6e8640601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:59:50 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 01 Oct 2021 00:35:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "0cb396b4b9cfdbf917df17304db0ab63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 18815
x-amz-cf-id: DL50SvPK_kAZqoIV2c63R9qsOKJEL87SfV9lS_fYJzuOaj3_esce7w==

GET
H2 200 RiversidePayments-web.jpg
cdn.whl.ca/uploads/portland_winterhawks/2022/12/13115800/ 89 KB
90 KB 230ms
109ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2022/12/13115800/RiversidePayments-web.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30b1b7e6b654797313d656262bd699c5f8032fec5f6e0a6fb85d8a476cf8d7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 10:54:54 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 19:58:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 29752
etag: "12e18cc6bed4e3f743b8e9eeb7f6b905"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 91259
x-amz-cf-id: 4jncAuJm9UyFn_fGD7l9O5hSOuMecuT8oMHLXO72l7vyb96qle6KIQ==

GET
H/1.1 200
OK facebook_32-3.png
s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142203/ 888 B
1 KB 358ms
132ms Image
image/png 52.216.129.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142203/facebook_32-3.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 32e6c249ab0ed89a4757599ae658aa8b375dd0b293def707512c1c304cdd1d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Fri, 22 Mar 2019 22:35:18 GMT
Server: AmazonS3
x-amz-request-id: BHK97WDY9KJ8ADS4
ETag: "2ff29ad93f974aed1282a6614cc7344f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 888
x-amz-id-2: E8sIKcwAZVAFJTzUTNm5UL3PqgUlrC09azlNX0G/PMeccMCZAFRh/9j4pfWjw/r7Vns0xRhqESA=

GET
H/1.1 200
OK twitter_32-3.png
s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142202/ 997 B
1 KB 359ms
133ms Image
image/png 52.216.129.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142202/twitter_32-3.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16746621dcf07b090a84e36e51ae2e086cd8e33ac766b710ba77ac8cb434a50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Fri, 22 Mar 2019 22:35:17 GMT
Server: AmazonS3
x-amz-request-id: BHKA68DB3F6MYCF9
ETag: "69548c12268e8f251cdcd9738b66064e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 997
x-amz-id-2: hYEqLk30QJZkxQ4px/V6PhqG904kmMeaM+tuRt8D/KFbB7G/qwEQiPksKcT5UMGbmz8bYXrWnQY=

GET
H/1.1 200
OK instagram_32-1.png
s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142201/ 3 KB
3 KB 361ms
135ms Image
image/png 52.216.129.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142201/instagram_32-1.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf36ae2031bc2bd5ba66b1874678c9a1adf5b340b6e0eca6a8cbfd8232580ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Fri, 22 Mar 2019 22:35:14 GMT
Server: AmazonS3
x-amz-request-id: BHK87DM80AQFPCRX
ETag: "77f1638e86326d8d6ede7f7dd92f55bb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2803
x-amz-id-2: kRxtuz2hDk1JS34ACh6GOrbtQtXSZ0pGiwk24ag+f/oVo/JB+gPOzOrGiOe5mW5B47lbf8NFO2Q=

GET
H/1.1 200
OK periscope_1-1.png
s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142201/ 2 KB
2 KB 363ms
137ms Image
image/png 52.216.129.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/whl-network/archive/whl.uploads/app/uploads/portland_winterhawks/2018/10/10142201/periscope_1-1.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 358adf2e67db12d997e5ce9888410f47a207da5c7e9a31f935607157141f3f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Fri, 22 Mar 2019 22:35:15 GMT
Server: AmazonS3
x-amz-request-id: BHK7TB5BEE8JKWFE
ETag: "b00d6785f2e87e5cd2a7965880fd019d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2017
x-amz-id-2: PXzc5qqg09kSDJhcK4CQXLym4dVDg2eqgjo6RpkwnKTcC4P9WLhl+AqtUlC29Adv+BTj6YAOlXA=

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 165ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Age: 440
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6727)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 crop_937562_18_1409248042.png
cdn.whl.ca/archive/whl.uploads/app/uploads/portland_winterhawks/2016/01/20131410/ 11 KB
11 KB 222ms
107ms Image
image/png 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/archive/whl.uploads/app/uploads/portland_winterhawks/2016/01/20131410/crop_937562_18_1409248042.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5defd39f537078175689b2c41d8edc24dd308172466ef4f397d57edaa90bfda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2019 19:45:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "78b3defde3a914bcf31aad5e12141de9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 11212
x-amz-cf-id: WsOQybcT92smdFZT1q89B7UnTgU7EDjKvNJWkMfJnqG_-PGBv_yhiA==

GET
H2 200 1200px-Jack_in_the_Box_2009_logo.svg_-320x306.jpg
cdn.whl.ca/archive/whl.uploads/app/uploads/portland_winterhawks/2014/07/08153115/ 17 KB
18 KB 145ms
25ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/archive/whl.uploads/app/uploads/portland_winterhawks/2014/07/08153115/1200px-Jack_in_the_Box_2009_logo.svg_-320x306.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2abc2e75f03fc78d852028504ac3be821c64e6b5339ca1b2cc3bf912d2857cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:30:01 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2019 04:24:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 52845
etag: "74580be83e5055355f0636c1e21bdd2c"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 17864
x-amz-cf-id: RvPsJeFDapIJ_IC_5Qf1w4pXH0txxVqXyB3lmBT56-biilclSTFjDw==

GET
H2 200 Avid-Logo-RGB-01-Bk-320x115.jpg
cdn.whl.ca/uploads/portland_winterhawks/2022/10/04160626/ 7 KB
7 KB 148ms
27ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2022/10/04160626/Avid-Logo-RGB-01-Bk-320x115.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a0333fe00723e5287fa813e4cd7d8e713e6a3e6edafa00875a423ac104a14c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:59:50 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 23:06:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "e8b50484b41a64a8b7bcb923a2ff4837"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7201
x-amz-cf-id: EQ3wmktQPVH7PKH1NRbBEUMPw40kK7WTmcqvc3unqChSQKezq5q5Dw==

GET
H2 200 Big-Box_EveryGameLive.png
cdn.whl.ca/uploads/portland_winterhawks/2021/09/16155502/ 58 KB
58 KB 231ms
110ms Image
image/png 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/09/16155502/Big-Box_EveryGameLive.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f0bff617b5a41e81bb0f9cd8fed6a74fc935b132a39d5a56223c54059f30c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 16 Sep 2021 22:55:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "3f030567d763f73e9d7f464849622061"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 58964
x-amz-cf-id: DmsX3-7SxV-btPoC_fr9RRiSUbXV7N9XmBXMh0ENEagStZpU3fv71g==

GET
H2 200 Les-Schwab-Bottom-Bar-Ad.png
cdn.whl.ca/uploads/portland_winterhawks/2021/07/08161926/ 18 KB
18 KB 59ms
58ms Image
image/png 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/08161926/Les-Schwab-Bottom-Bar-Ad.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e544a6521410631afbe5d8039501bef7b5422b63b9a51ce232ec85780ee5644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:44:36 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jul 2021 23:19:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 41170
etag: "03157417ca6efa8174d8888006da9628"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 18288
x-amz-cf-id: --j6Bo8A2T17lra_Jz7dw2sPWlDgxaexSghvO8itmJk9gbaj_XRIGw==

GET
H2 200 FredMeyer_Color-320x165.jpg
cdn.whl.ca/uploads/portland_winterhawks/2022/10/05112956/ 8 KB
8 KB 62ms
62ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2022/10/05112956/FredMeyer_Color-320x165.jpg
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 390e0acb2143adf2cb7d4ebf246e16fe6eb9bdfc5a4eaad4c0ac34a05dd28c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:59:50 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 05 Oct 2022 18:29:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4256
etag: "4fa5c9b38c38d3337ecc3113f54727fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 8109
x-amz-cf-id: o6RrgHAm7hG-bhyBAvPt5qBCGlgh64e3DVYfHQIhvT59Z0gEuXJjuQ==

GET
H/1.1 200
OK subscribe_en_gray.png
chl-network.s3.amazonaws.com/logos/Events/ 35 KB
35 KB 445ms
137ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/logos/Events/subscribe_en_gray.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ace0a137d8350277658c83324c40ede2e9f33e2f77d191e2dc8840f3999f47d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Wed, 21 Aug 2019 04:06:26 GMT
Server: AmazonS3
x-amz-request-id: BHK7TW5E7KGTBAD0
ETag: "c22284176a457d206dee0c6150a76e35"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 35645
x-amz-id-2: GcnzaCXzcFUhgyGTNJppWtY6fFCo2gRoyNvPImfWFwWRqcEJa8OZTsfma4zZNBiV5HXsy/JI2ak=

GET
H/1.1 200
OK whl.jpg
winterhawks.com/app/themes/base/assets/images/footer/ 35 KB
35 KB 108ms
107ms Image
image/jpeg 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winterhawks.com/app/themes/base/assets/images/footer/whl.jpg

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

0b88581dafd7a3451529c8aa25b5af8af2e1ca5f328e09ed2d33bd9c74b61990

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 35635
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-8b33"
X-HTTPS: on
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Varnish: 847512380 848005559
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Sun, 12 Mar 2023 19:09:18 GMT

GET
H2 200 react-with-addons.js Show response
cdnjs.cloudflare.com/ajax/libs/react/0.12.1/ 610 KB
105 KB 26ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/react/0.12.1/react-with-addons.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fcecb85081c80a441eb0316eb39732e436875c554928f45f8bc509ce0f2f8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3014702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107457
last-modified: Mon, 04 May 2020 16:15:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbd-98818"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj5twfgauRwxF1XFPw4np9u65tSVMsbINZ7yGD5r3gH%2BHnZb25d5YOVyK%2B4Uep1eZ4yQhutf47RAzHBAOzLnucUFzfrVQpk1W5REoRA0p6ndAYPzvwUpVLsx%2B3fAxs3Dakr2jAVFzeOs%2FQaGB1jH%2B7yq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7977258d7e9368f2-FRA
expires: Wed, 31 Jan 2024 19:10:45 GMT

GET
H/1.1 200
OK effects.css
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/style/ 51 KB
4 KB 103ms
103ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/style/effects.css?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2b237f159651404325b27d766fb06380344fcf90ad1150e787c5e566d328edd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 61
X-Cache: HIT
Connection: keep-alive
Content-Length: 3398
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-ca5c"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 351504669 351537175
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:09:44 GMT

GET
H/1.1 200
OK style.css
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/style/ 4 KB
2 KB 115ms
107ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/style/style.css?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

93af4fbc2475b737b96aa98143e13e1a4dbead00d10adc6fe5c31e1d4a8edd0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 229
X-Cache: HIT
Connection: keep-alive
Content-Length: 1317
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-1037"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 348997518 350850721
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:06:56 GMT

GET
H/1.1 200
OK dashicons.min.css
winterhawks.com/wp/wp-includes/css/ 45 KB
28 KB 113ms
106ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/wp/wp-includes/css/dashicons.min.css?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5c68cf1f0dca577bf260a647a1e73410fae9b838e3da448412df4b142e4fc123

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 156
X-Cache: HIT
Connection: keep-alive
Content-Length: 28626
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 13 Mar 2019 01:28:54 GMT
Server: nginx
ETag: "5c885cd6-b51c"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 351211594 351634996
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:09 GMT

GET
H/1.1 200
OK thickbox.css
winterhawks.com/wp/wp-includes/js/thickbox/ 2 KB
1 KB 115ms
107ms Stylesheet
text/css 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/wp/wp-includes/js/thickbox/thickbox.css?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5c588697c486d9fab19ec9ad3f47b3592a9fa5363c1aa38ac35dc6e30c1a4222

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 888
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 13 Mar 2019 01:28:54 GMT
Server: nginx
ETag: "5c885cd6-997"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Varnish: 847218832 847808448
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:09:18 GMT

GET
H/1.1 200
OK polls-js.js Show response
winterhawks.com/app/plugins/wp-polls/ 3 KB
1 KB 115ms
108ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wp-polls/polls-js.js?ver=2.7

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 700
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-bb2"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351504671 351537034
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:09:18 GMT

GET
H/1.1 200
OK react-mini-router.min.js Show response
winterhawks.com/app/themes/base/bower_components/react-mini-router/dist/ 8 KB
4 KB 199ms
104ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/bower_components/react-mini-router/dist/react-mini-router.min.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8788a6a30bf21825000421a23d09a6a37df58fb2b0e3ce29198896986dcf51b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 156
X-Cache: HIT
Connection: keep-alive
Content-Length: 3305
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 27 Jul 2015 13:58:05 GMT
Server: nginx
ETag: "55b638ed-1fea"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 348997533 350427014
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:10 GMT

GET
H/1.1 200
OK moment-with-locales.min.js Show response
winterhawks.com/app/themes/base/bower_components/moment/min/ 167 KB
46 KB 129ms
107ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/bower_components/moment/min/moment-with-locales.min.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

69d1108b4f184c220f5c3c7780baf395e43679fdc595492c974990627d48fe59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 155
X-Cache: HIT
Connection: keep-alive
Content-Length: 46471
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 28 Jul 2015 04:39:50 GMT
Server: nginx
ETag: "55b70796-29a99"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351276006 349316737
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:10 GMT

GET
H/1.1 200
OK moment-timezone-with-data.min.js Show response
winterhawks.com/app/themes/base/bower_components/moment-timezone/builds/ 757 KB
40 KB 213ms
212ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/bower_components/moment-timezone/builds/moment-timezone-with-data.min.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

54228ceeac8d975de4b99ad8070bfb419a976a2ac8342e05af5505aadb34ab99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 229
X-Cache: HIT
Connection: keep-alive
Content-Length: 39913
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 11 Dec 2022 10:11:25 GMT
Server: nginx
ETag: "6395accd-bd47e"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351504689 350850724
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:06:56 GMT

GET
H/1.1 200
OK jstz.min.js Show response
winterhawks.com/app/themes/base/bower_components/jsTimezoneDetect/ 5 KB
2 KB 110ms
109ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/bower_components/jsTimezoneDetect/jstz.min.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

561f002545e54f4a58fb3a5d4bc881b8d5f55d41fb9bc861a32bb0c8075f0236

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 1850
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 25 Feb 2014 15:53:03 GMT
Server: nginx
ETag: "530cbc5f-15be"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 847512372 847480771
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:09:18 GMT

GET
H/1.1 200
OK main.js Show response
winterhawks.com/app/themes/base/assets/dist/scripts/js/ 1 MB
113 KB 161ms
102ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/themes/base/assets/dist/scripts/js/main.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

cff2c87e4604ea4302455aabcb01a42a47e57d4e969809040823faedd9d4fece

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 114849
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:36:00 GMT
Server: nginx
ETag: "63d15a70-104392"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 350427829 350203191
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:09:18 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
winterhawks.com/wp/wp-includes/js/ 1 KB
1 KB 119ms
103ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/wp/wp-includes/js/wp-embed.min.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 229
X-Cache: HIT
Connection: keep-alive
Content-Length: 750
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 13 Mar 2019 01:28:54 GMT
Server: nginx
ETag: "5c885cd6-57b"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351211597 351470908
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:06:56 GMT

GET
H/1.1 200
OK front_end_js.js Show response
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/ 2 KB
1 KB 105ms
104ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/front_end_js.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c7481b4e3aeedf2eeb24dda328415cb0282a363aa2ae276245f07c253c2f32e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 237
X-Cache: HIT
Connection: keep-alive
Content-Length: 706
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-993"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 350427831 351602233
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:06:48 GMT

GET
H/1.1 200
OK thickbox.js Show response
winterhawks.com/wp/wp-includes/js/thickbox/ 13 KB
4 KB 105ms
105ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/wp/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d1cb79256ad18381fa0fa3517b90188656adf56b03a58f4cea2d0a13d10ec154

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 159
X-Cache: HIT
Connection: keep-alive
Content-Length: 4006
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 13 Mar 2019 01:28:54 GMT
Server: nginx
ETag: "5c885cd6-331c"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 847480933 848070381
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:06 GMT

GET
H/1.1 200
OK jquery.classycountdown.js Show response
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/ 9 KB
2 KB 102ms
102ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/jquery.classycountdown.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b8f2f02c3e9e4b678bff385ec56f8dfc7575dab1e1771760f90e2cce1271d61e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 87
X-Cache: HIT
Connection: keep-alive
Content-Length: 1545
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-2527"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 350040120 351275658
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:04:57 GMT

GET
H/1.1 200
OK jquery.knob.js Show response
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/ 11 KB
4 KB 105ms
104ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/jquery.knob.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e568b89ab7a24e8ca3b48958472485a34dbae97779fa1af4f2fece2105c0fd17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 126
X-Cache: HIT
Connection: keep-alive
Content-Length: 3830
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-2b94"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 351504692 351667011
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:39 GMT

GET
H/1.1 200
OK jquery.throttle.js Show response
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/ 731 B
996 B 105ms
105ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/jquery.throttle.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 162
X-Cache: HIT
Connection: keep-alive
Content-Length: 460
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-2db"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 350040122 348996714
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:08:03 GMT

GET
H/1.1 200
OK jquery.timeTo.min.js Show response
winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/ 15 KB
4 KB 105ms
104ms Script
application/javascript 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterhawks.com/app/plugins/wpdevart-countdown-pro/includes/javascript/jquery.timeTo.min.js?ver=4.5.17

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

60f84e90c5b8308b8b13b3ef2bf2902899eac133f53f562e0432566d773c083e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Age: 237
X-Cache: HIT
Connection: keep-alive
Content-Length: 3644
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 25 Jan 2023 16:35:07 GMT
Server: nginx
ETag: "63d15a3b-3cc4"
X-HTTPS: on
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
X-Varnish: 350427834 351341124
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Expires: Sat, 11 Feb 2023 19:06:48 GMT

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 67ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 91549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McTCCogGOjPs1QN8YeyqJoGJ2l6GZ1VU%2BwEDx4ToZcbbzE2iQtgTf5PeF61EmN02f2TVjvgBQPgicBwChjJ%2FluQnmHJSLYeuPkepAJo1XT3v27%2BX%2FiAbeIVA5A8QQA40K%2FdWUjpKs3Plie73Ajyh6PW9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7977258c9d3168f2-FRA
expires: Wed, 31 Jan 2024 19:10:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 176ms
76ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,700,300,600

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 19:06:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 19:10:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 162ms
65ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NVL2FS

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1d9b467e4b02d73f01bd0086c4487ce9f977ff09ec3a5595c3defa7545a06f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38188
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Feb 2023 19:10:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 85ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 19:10:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FIv2SAA2WL/ue9PKQ7UX+ag2zCnt4eE+ASvOj3XmyrLmS1P3RR4rHq+06ikWvl+pddJsFM/LmtzDO0aPkRB9cA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 168ms
72ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33a707ba4aa28f51d3187b2952df9b8dd7a425e7d42a693fe78e1d7053f66e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27259
x-xss-protection: 0
server: sffe
etag: "1479 / 739 of 1000 / last-modified: 1676031173"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 19:10:45 GMT

GET
H3 200 Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/ 37 KB
38 KB 52ms
27ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2107314599f31197adccda24c508f48d662707b8e5d9fa482f19deda91413957

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Origin: https://winterhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 588469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38384
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-95f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sibg%2BDARCaDm8jPYkPdNOmHB2NRiJ8v8hC0AHTrS%2Bxek74wLeFE27lqAl6SC1gtXMYVdF7gP3yT0A0uZ3gfhTMxFg8jFxGg0GfDcUuMoDMj4lX3cSY4q54kgSDAyEb%2BjiTI8%2F%2BRTZ7k11X3LDqLSR09I"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7977258deff89bb3-FRA
expires: Wed, 31 Jan 2024 19:10:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 136ms
35ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,700,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winterhawks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 08:26:15 GMT
x-content-type-options: nosniff
age: 38670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 08:26:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
34ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 17:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Feb 2023 19:12:06 GMT

GET
H2 200 1858521834420431 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 147ms
146ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1858521834420431?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e44887e88c52fef90114be1936c2d906601fe161d5a75da061521cdf4adb9b8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 19:10:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rnXrFRBUcssrk4JHBhJoqEa8SXNAjWNaM0MFkLmnZTH6PXpFgMZZIi4LXJdoX3aglGznjAz5DkbjigMsOlk5mQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2023020801.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 149ms
33ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fd5af36d4d26d1e4ec9a195476034c22906f899b48cc738afb0d63c9964fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133093
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Feb 2024 12:03:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
583 B 180ms
65ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=winterhawks.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222b09ef60e3c18fb4000ecf5b16d58f827eb3e9a892a5e56e7484b4d8e51bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:45 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 59ms
58ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=438273368&t=pageview&_s=1&dl=https%3A%2F%2Fwinterhawks.com%2F&ul=en-us&de=UTF-8&dt=Portland%20Winterhawks%20%E2%80%93%20Official%20site%20of%20the%20Portland%20Winterhawks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=108718874&gjid=2062943948&cid=698993412.1676056246&tid=UA-72619048-1&_gid=530184608.1676056246&_r=1&_slc=1&z=1361707939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winterhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 99ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1858521834420431&ev=PageView&dl=https%3A%2F%2Fwinterhawks.com%2F&rl=&if=false&ts=1676056245773&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676056245771.653647958&it=1676056245533&coo=false&rqm=GET

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:10:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 83ms
29ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-72619048-1&cid=698993412.1676056246&jid=108718874&gjid=2062943948&_gid=530184608.1676056246&_u=IEBAAEAAAAAAACAAI~&z=1179270517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winterhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Feb 2023 19:10:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame E9E1 320 KB
104 KB 19ms
19ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinterhawks.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1459641
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Feb 2023 19:10:45 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK loadingAnimation.gif
winterhawks.com/wp/wp-includes/js/thickbox/ 15 KB
15 KB 105ms
105ms Image
image/gif 13.92.242.205
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winterhawks.com/wp/wp-includes/js/thickbox/loadingAnimation.gif

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.92.242.205 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:45 GMT
Via: 1.1 varnish-v4
Age: 126
X-Cache: HIT
Connection: keep-alive
Content-Length: 15238
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 13 Mar 2019 01:28:54 GMT
Server: nginx
ETag: "5c885cd6-3b86"
X-HTTPS: on
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-Varnish: 847809114 847414881
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Sun, 12 Mar 2023 19:08:40 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E9E1 919 B
648 B 214ms
133ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwinterhawks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 112
date: Fri, 10 Feb 2023 19:10:45 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 10 Feb 2023 19:10:46 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f4be723fd0d0b450
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 6874a3bd7c85dbaa7d992f967f68f674d8203b96439ee8cc954c7b073dfecfeb
content-length: 326

GET
H/1.1 200
OK index.php Show response
lscluster.hockeytech.com/feed/ 23 KB
23 KB 695ms
229ms XHR
application/json 3.217.236.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lscluster.hockeytech.com/feed/index.php?feed=modulekit&key=41b145a848f4bd67&site_id=2&client_code=whl&lang=en&view=scorebar&numberofdaysahead=10&numberofdaysback=3&league_code=&fmt=json&team_id=208
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.min.js?ver=3.5.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.236.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-236-112.compute-1.amazonaws.com
Software: Apache/2.4.54 () PHP/7.3.33 / PHP/7.3.33
Resource Hash: 65d1898c548f69cd9a39bd28cdcca1a182fde462f821ee8c321949a656c646b0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://winterhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Feb 2023 19:10:46 GMT
Server: Apache/2.4.54 () PHP/7.3.33
X-Powered-By: PHP/7.3.33
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://winterhawks.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK / Show response
lscluster.hockeytech.com/feed/ 33 KB
34 KB 728ms
267ms XHR
application/json 3.217.236.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lscluster.hockeytech.com/feed/?feed=modulekit&view=statviewtype&type=standings&key=41b145a848f4bd67&fmt=json&client_code=whl&lang=en&season_id=279&stat=division&fmt=json&sort=points
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.min.js?ver=3.5.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.236.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-236-112.compute-1.amazonaws.com
Software: Apache/2.4.54 () PHP/7.3.33 / PHP/7.3.33
Resource Hash: 3de0bbc148583a361d8e69259af778618c7ab7ab7d25d4cd5734451807cd2742

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://winterhawks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Feb 2023 19:10:46 GMT
Server: Apache/2.4.54 () PHP/7.3.33
X-Powered-By: PHP/7.3.33
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://winterhawks.com
Cache-Control: max-age=240
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK info Show response
chlfanbase.ca/user/ 84 B
878 B 589ms
117ms Script
text/javascript 34.206.102.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chlfanbase.ca/user/info?callback=loginCheckBelleville&_=1676056245352

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.min.js?ver=3.5.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.102.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-102-167.compute-1.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e85252ecc1f9c7d4e522d473b637e5725bc6d1a3d298c5a75152747ef576535b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Rack-CORS: preflight-hit; no-origin
X-Runtime: 0.004814
Date: Fri, 10 Feb 2023 19:10:46 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.4.6 (Ubuntu)
ETag: W/"6f25341959e6fa3a36e45bf3e2595076"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 68df9afe-10f7-4832-b599-8d88aa0ce06d

GET
H/1.1 200
OK info Show response
chlfanbase.ca/user/ 84 B
878 B 575ms
121ms Script
text/javascript 34.206.102.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chlfanbase.ca/user/info?callback=loginCheck&_=1676056245353

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.min.js?ver=3.5.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.102.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-102-167.compute-1.amazonaws.com

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e85252ecc1f9c7d4e522d473b637e5725bc6d1a3d298c5a75152747ef576535b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Rack-CORS: preflight-hit; no-origin
X-Runtime: 0.004665
Date: Fri, 10 Feb 2023 19:10:46 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.4.6 (Ubuntu)
ETag: W/"6f25341959e6fa3a36e45bf3e2595076"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b37cce42-1db4-4a32-bb76-112ffc1abfa3

GET
H2 200 ScoreboardSponsor.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/14155615/ 16 KB
16 KB 22ms
21ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/14155615/ScoreboardSponsor.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9772615d6ca9b1622252980880c6f175d6405a13315ff07c1e1cd556d632911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:56:52 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 22:56:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 44035
etag: "b07960085a553e76d6f17d786d55df92"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16456
x-amz-cf-id: cuaXwXL9ljfXv0R4ms4LY2YAJ-A5HuubcbXLrDWXzXsJX24fDIqrrg==

GET
H/1.1 200
OK PHW-Primary_Logo.png
chl-network.s3.amazonaws.com/logos/Portland/ 77 KB
78 KB 119ms
119ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/logos/Portland/PHW-Primary_Logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4940f34a3d6aadc51a3ed5e41e6d10d0a8b2c44cc0b94fee4ce1c2bdd70447a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Last-Modified: Tue, 13 Jul 2021 16:09:30 GMT
Server: AmazonS3
x-amz-request-id: 7AQYFAQNT4PR36SE
ETag: "fe40a52d8ba589b53333b642cc205547"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 79157
x-amz-id-2: tEko/j+J6WM/3aO2BxA1x07B817Fj3Vg31Uytxhxq9O9PZnx4J2Vqljoz2g3rRgdgXFup6Dw3QQ=

GET
H/1.1 200
OK chl.png
chl-network.s3.amazonaws.com/assets/images/logos/ 12 KB
13 KB 346ms
137ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/chl.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bff5d32096624b6cc94f4657b527c06837d449d3a665c45636b17bcb5e9e0c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Last-Modified: Wed, 21 Aug 2019 23:18:16 GMT
Server: AmazonS3
x-amz-request-id: 7AQMMWX03P8S9QGV
ETag: "23923c1694db583ef94ed0ad4d265b15"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12476
x-amz-id-2: kOXo01giPrQCUfRR7+EOUkRClAaY/rvC4cB1s2iixdfHg9a3BpsK5nWFbHmI9IPAIifDXycifeg=

GET
H2 200 WebBackground.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/14101637/ 231 KB
232 KB 32ms
31ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/14101637/WebBackground.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f065e917c8a1721d98017f8d3756adea0234db5fca27dda41717bdc005c7c77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 17:16:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15345
etag: "580328c789fbf1574e32d9631194cfdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 236556
x-amz-cf-id: v2W920PDiqK-u-44Uf7I7iQ20n5pjkbodald_MkFjECnA3SBzlh4Uw==

GET
H2 200 WebBackground2.jpg
cdn.whl.ca/uploads/portland_winterhawks/2021/07/14101649/ 204 KB
205 KB 35ms
35ms Image
image/jpeg 2600:9000:214f:ce00:17:9b36:4280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.whl.ca/uploads/portland_winterhawks/2021/07/14101649/WebBackground2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ce00:17:9b36:4280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d80ca47c5b43805ab5bcd7cc0de574dd55b9a5cd0fcdcb7f0b8b1e7c840e11ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jul 2021 17:16:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15345
etag: "211bf69dc2b45cf51c1934e293d745ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 208998
x-amz-cf-id: kSV5mCR2p6Qnh5sgEEx7L0EdKspWUUkZdFNgoshhMHbQGLfe_SganQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 166ms
55ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winterhawks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 148ms
55ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winterhawks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
21 KB 110ms
108ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=238503064949185&correlator=3539343254279011&eid=31072029%2C31072290%2C44782477&output=ldjh&gdfp_req=1&vrg=2023020801&ptt=17&impl=fifs&iu_parts=3034%2Cweb.chl%2CWHL%2CPortland_Winterhawks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=3507241290&sfv=1-0-40&prev_scp=location%3DB%26lang%3Deng&sc=1&cookie_enabled=1&abxe=1&dt=1676056246265&lmt=1676056246&dlt=1676056244949&idt=1022&adxs=315&adys=5037&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwinterhawks.com%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=698993412.1676056246&ga_sid=1676056246&ga_hid=438273368&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8da9089e1a1d03e062e1daae2cc2a5c1974305d3ebe499e14a791e9150071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21152
x-xss-protection: 0
google-lineitem-id: 6126926290
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423144445
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
21 KB 95ms
93ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=238503064949185&correlator=3539343254279011&eid=31072029%2C31072290%2C44782477&output=ldjh&gdfp_req=1&vrg=2023020801&ptt=17&impl=fifs&iu_parts=3034%2Cweb.chl%2CWHL%2CPortland_Winterhawks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=2&adks=3507241289&sfv=1-0-40&prev_scp=location%3DA%26lang%3Deng&sc=1&cookie_enabled=1&abxe=1&dt=1676056246274&lmt=1676056246&dlt=1676056244949&idt=1022&adxs=315&adys=385&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwinterhawks.com%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=698993412.1676056246&ga_sid=1676056246&ga_hid=438273368&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa557e9a75fb65682c6c68e8bfd5093f795e64bfbded2699ee8e2b2edb46044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20527
x-xss-protection: 0
google-lineitem-id: 6139147130
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422488293
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 111ms
110ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=238503064949185&correlator=3539343254279011&eid=31072029%2C31072290%2C44782477&output=ldjh&gdfp_req=1&vrg=2023020801&ptt=17&impl=fifs&iu_parts=3034%2Cweb.chl%2CWHL%2CPortland_Winterhawks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=3&adks=825836719&sfv=1-0-40&prev_scp=location%3DA%26lang%3Deng&sc=1&cookie_enabled=1&abxe=1&dt=1676056246281&lmt=1676056246&dlt=1676056244949&idt=1022&adxs=972&adys=547&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwinterhawks.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=698993412.1676056246&ga_sid=1676056246&ga_hid=438273368&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe22d3e07e43c6918fec090e87a3afdf0025b909eabcf27338771127c2d8d427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10204
x-xss-protection: 0
google-lineitem-id: 6125968075
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406773686
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 144ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f80ee19c55783c8a576292a55d08c0961aa821808a6ee092f02d2bd1d54958e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11254
x-xss-protection: 0

GET
H2 200 container.html Show response
d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7992 6 KB
3 KB 232ms
70ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 19:10:46 GMT
expires: Sat, 10 Feb 2024 19:10:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 21ms
20ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1858521834420431&ev=Microdata&dl=https%3A%2F%2Fwinterhawks.com%2F&rl=&if=false&ts=1676056246308&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Portland%20Winterhawks%20%E2%80%93%20Official%20site%20of%20the%20Portland%20Winterhawks%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fchl-network.s3.amazonaws.com%2Flogos%2FPortland%2FPHW-Primary_Logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676056245771.653647958&it=1676056245533&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:10:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
3 KB 19ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459648
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/6727)
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 pdxwinterhawks Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame BFE4 18 KB
5 KB 273ms
271ms Document
text/html 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

1bd5ed9235bf529d685cb96dd438ae8a28b167c7f1aefcb3068ddf65d583042e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 4875
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 19:10:46 GMT
etag: "4837-UVv4VodAleWMdXd04woKCAjsX1I"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 6874a3bd7c85dbaa7d992f967f68f674d8203b96439ee8cc954c7b073dfecfeb
x-response-time: 231
x-transaction-id: b65608c5dc331935
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B566 0
0 73ms
72ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG5Q6q1t5iqcRKIMVd192E0lC8rOPIvEnXwc9yMGLFE1MiTWr00hArgrKlzqJ5MWaE9NhA_1KHbuY377OdM3Arhv51-YlQad4wZfqp-QplwiD4aCd_adVVM75rQLvUS3kgAhgSSisfuh6xAfHn38HZwacAIJ1TI2x2BETs2mvFpRdg9DFg8klQH0UEN3FLAbRLhuTch9Pv13nf9UbXVXnx80Hha28OxYgm8IICVO3I1Lvf_EueIGqaLYXLpwMrRzhOUWBZU-ifzHQLsAgDKjTYsqFPPBgUxPLluw5RQxD0VXRSDVZ864n_lmZuaUdxjz5Cz1fGgTRAgELDMw0UDqwQ&sai=AMfl-YRzYP02VpXzW0K7tZyafX6bb3BB50m-Bz6ZJ_ZqbF18jIuxppsq8IKeR75mfYtWv25EDVcfg5rCrxXF-niKjElU5n8fkHjW3EO_GKA5K-Fazy5l26_N0weMCfz92alW3njLKXlUwEs6sDJ4y8y6&sig=Cg0ArKJSzD74PVUwGEVvEAE&uach_m=[UACH]&adurl=

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame B566 22 KB
9 KB 135ms
35ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B566 3 KB
1 KB 142ms
42ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B566 156 KB
48 KB 121ms
119ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 15770477329297131865
tpc.googlesyndication.com/simgad/ Frame B566 93 KB
93 KB 178ms
78ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15770477329297131865

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d91c278a354b85fcc2b045157abe874ddc17e073ab3c8a622a5bceca11361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94923
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:08:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 19:10:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E495 0
0 72ms
71ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk8qKg-3dVM-eh731P2hjJG41ViErbDUF8nTMVRin1xeoLH-fQ5UXk2nqqNFJJjgkq1Y2QLLGg5Eq1jDsPy6111wu1e5uSq1d4nIjsD-yYm3GYGXtmql2CmjP2_LFBVJ_u1FzQKIXM8STHS9toe0BgJ-aw_ZGoAQp2nMac0JMpQZY8Ay9M1qUsAumuwKBnCmfgmb05b0BwA6Du9LdkGwNNZWsxIPj5RvelaSSMtRIIqe66zeySCqVPlrdS8kXQ4Mof7HhQll7Ttb3bOIIZluS4ibm0pOV-jIZ_Mdzibx2by4jrJeONgIia2BsvRiDJK4DqOTaQg0NhBoQz4Gk2So2K&sai=AMfl-YT_4K477CSCixC0mvgtrK_c9-JVSTLBxfbr1_WDU-KnDq4GbZopPlDCXR7MmdSRazzuBeqjPRcslklIiUHWB_QdKAFG1-fYtYkqboFVyca4RSc1BpfwdYbwLvAGmnLzX5QqNT0ejxY4dv80vpsu&sig=Cg0ArKJSzJJ-7bhOYkNaEAE&uach_m=[UACH]&adurl=

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame E495 22 KB
9 KB 115ms
37ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame E495 3 KB
1 KB 124ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E495 156 KB
48 KB 169ms
168ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 15023341274992571403
tpc.googlesyndication.com/simgad/ Frame E495 91 KB
91 KB 177ms
101ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15023341274992571403

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f0b9ffd17ba624ba3e929b717ace8279792f1f9b13fbbe8f175fa2c03336be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93064
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:13:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 19:10:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD37 0
0 72ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2hCdTO16rML37NYF0lCyGraoBI11p4zs32cazRsiWvSc6Pu93TrLMmtgBX2ieDhZRs9jm6CvqLq2Eaiqgy43D1Gi--ejg555A_Gn_scYPTvX_0J735eUPPV5NwrEY9bRY5E9OAuqiEp1nUlbo5MfUH3NznKZVKnbFhkGdFn5Bh_K3pli0hzHQNDF37HQ6xPfPXDKmHupLOOr1easu16QceTOuBi8mm8N2o_uPMJLqFKnME9jTkGO0K9c9Yxa3J6t8WQSHFuLP7TfdoIe0Wc-MeuGNHL60CBOxt3w-XDtmlwHZSlUAWkxi_gLFlYrGlJRWSujYSUWlk9_U1xS7O0_Z&sai=AMfl-YS6B26_-8dBY-BHWZbescDljIhZjjcVyRzp1ZhxV4rkawGjMszMYirm6J-3Csm51oit7K5I1gz3XFuWT57MOtzTM_oAdiXB19QSDSuFisUiQjOheKyTnRG-JHNROthdbzQTrVvyB5IuzeFMG24&sig=Cg0ArKJSzKuqZp7BCBsLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DD37 79 KB
27 KB 124ms
122ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33a707ba4aa28f51d3187b2952df9b8dd7a425e7d42a693fe78e1d7053f66e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27259
x-xss-protection: 0
server: sffe
etag: "1479 / 709 of 1000 / last-modified: 1676031173"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD37 156 KB
48 KB 183ms
181ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 122ms
122ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
DATA 200
OK truncated
/ Frame B566 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 302791fe3d680e97a419424b66dc165b5d5b62ca52c4c8985c15fb998aff957c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E495 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a742448fc1031df4278933ccc79c747ad26f6fc0130ac6b6a547e61313d7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2023020801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD37 386 KB
130 KB 42ms
34ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fd5af36d4d26d1e4ec9a195476034c22906f899b48cc738afb0d63c9964fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133093
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Feb 2024 12:03:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame DD37 37 B
225 B 76ms
68ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=winterhawks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222b09ef60e3c18fb4000ecf5b16d58f827eb3e9a892a5e56e7484b4d8e51bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H/1.1 200
OK runtime-5988b8a698c47e6a5fbc.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 4 KB
3 KB 20ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 25a8226852cb973c66511a453400192ff1cfe459dc82bbe79e2f7412502c45bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 311402
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2230
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/67BC)
Etag: "c0b4efa7d157c22f937aaa19b6d8f552+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 286 KB
94 KB 39ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
Server: ECS (frb/6727)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 90 B
646 B 67ms
23ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
Server: ECS (frb/6796)
Age: 1459651
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
x-tw-cdn: VZ
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Accept-Ranges: bytes
Content-Length: 90

GET
H/1.1 200
OK _app-de607716f6c37dff4b26.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame BFE4 1 KB
1 KB 80ms
23ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-de607716f6c37dff4b26.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1418379
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 668
Last-Modified: Sat, 14 Jan 2023 17:02:20 GMT
Server: ECS (frb/674D)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame BFE4 13 KB
2 KB 79ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
Server: ECS (frb/6794)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/KDYLOkGzYwcqxkInYxTHF/ Frame BFE4 1 KB
1 KB 26ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/KDYLOkGzYwcqxkInYxTHF/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 311402
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/675D)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/KDYLOkGzYwcqxkInYxTHF/ Frame BFE4 76 B
631 B 24ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/KDYLOkGzYwcqxkInYxTHF/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/6723)
Age: 311402
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
x-tw-cdn: VZ
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Accept-Ranges: bytes
Content-Length: 76

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E495 0
0 75ms
73ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkVZx4_ooJY3IG_4ArKmBqmoGWS9czucQf4s2MakZUIjMSXCduaJurbFbZ5Ye-bDBL4y5gPdHnu1psc7hMVZKkHxHnT0Nwocw2PlkoxFpPr2AFLXXD_gIXUxGNzM2rakd44GV9LkYwZs3OKrJRs4D2MzPkyec0s7SspCo8RgANjjmsw3WeaLFcFs1xfd8mC_YTv5RujzMVTRShSWc3ab9lVPwudztoJFP3vigrkFeG-9rTOCoyP4uInk-sHigm1h82NiVIWU8tjxOEJh3RYYMP2kKbn9MXwsEaEg_3Gc91XmxzrNqhRoTQGzQqQ8-G97TflzrmblPjvqSgdAkjXdvscTc&sai=AMfl-YQZHMm6F21h-EEtcRmrTKA7AmXpH7nc5ufHCViSxHxJTCGxcqFJ7NGT2otfrDnP7CcgqXxsHdncYshWPhkZluSYw875ztwPmjKWASzTA_WdIEOdjOPSLbdQFpsKH78ear-7BKysS_PigheSeaz6&sig=Cg0ArKJSzLdboEQVzTIMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
DATA 200
OK truncated
/ Frame DD37 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9b3606084b0cc23997dbb250b62338a537648f4de3f34898ab099d0744621f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B566 0
0 69ms
69ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstY2fHZZBFs7MoFUUrmg0zvunS6wLxObojVwj-uTqYJ3Tbngdb1qQL8jpc3iPwbYj8bKuFa0iIktaPf5yTe1euZBWSBQgj6FoboekKRQKglGKTCYI2tBuAVBNC8P_aUfU9oMGJsjZJjydqfnlKzwTZO5zKEGcos804HtrK7hHTnhcYvs0MWQBGyVVqi32NEL_rv4OWTNt40xSXoW7ObESwPI6rWbxfIgSbzUoLRNT7gox5p52ZjyUOcpqOBOc94pp3kF3M3BajtX6UZnaofaZCpagDqKcYNwSkAsr07RySf33zeRmlCjmL3IwNKNwhkCJmHTGF2LVwxuc2JqO8BYAz1pRA&sai=AMfl-YRwcL9U8XvTvub4DEY_tze7hZj57DjuCb084WIqS5Et__c74UJgUvKY5kMNBfuKsnm9x4sv3MFb0Ve2HhW7-6R618ZH1vuyWqY5brJYQBI9CH7n5iTaEbB76jRZ6WU04G5BLTnj_BtSpPlKgB-5&sig=Cg0ArKJSzIQtidnYRvQHEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2EAD 13 KB
5 KB 37ms
34ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 40E7 783 B
1 KB 170ms
60ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5011e9d03649c09c699bd647bab09fc0e36745ac76db643b3b007b7ec5f46fff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bn4dNi5z--N9NJfHfx0R2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-bn4dNi5z--N9NJfHfx0R2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 19:10:46 GMT
expires: Fri, 10 Feb 2023 19:10:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame DD37 63 KB
23 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c1b263a7ac604e6c9897caf51d2f75228e80657867e6729bc23d60fd2abbd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23977
x-xss-protection: 0
server: cafe
etag: 15787282341284973041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 19:41:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DD37 107 B
165 B 78ms
55ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winterhawks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD37 107 B
165 B 59ms
58ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winterhawks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD37 48 KB
18 KB 102ms
101ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2369374082788237&correlator=3922565396352282&eid=31072290%2C44782478%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2023020801&ptt=17&impl=fif&iu_parts=3034%2CwebV.chl%2CV.WHL%2CV.Portland_Winterhawks%2CLocal_Inventory&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=1&adks=1188571190&sfv=1-0-40&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsv5hu-7XNHH3MfbYb44akPAEGvQx8Jt7KZ653lAV1kovwfgCZQ1-mrSxRIcdVfFh8R7ZWaa1HfDVcMpRjva2rhlRmj5QI1S02CffnRt5eaTqlwMrKP1n5eHPolbc-T3coQ2Lg5Wv4z_1VCQbNZVT6fYowJTVALSbZ-HxE1N6L7IM49gtaD3FwXvLwKHNmc4lKXHxqQkSVX5YY3tHJVDTKa9ybId32XPrcTFjEpDP0xD5RQlNlGSJs07jhxO5sSasWdb4IK2pE0w0FEcM67DaISBiTW732xXqyM3k3AXWxuXMwZvsoR4jIc-x1sxXrF90eMjID9MDiSmqelhiUlk%252526sai%25253DAMfl-YQvuKrfpy9hTRE446hgsZjD8Gs1ZrqABFYgngeHIt6MD5w9Zfh7EseCZQLlfsAuJ6K7H2u25jOOH8w9I6XXRObtctJPBOzVJAO4yYEWApPKqeC_0lYzLxKsZ5-q2Gpo1cTBlP3ch9xD9F_YERY%252526sig%25253DCg0ArKJSzEtQNd-GS5Q1EAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&prev_scp=lang%3Deng&sc=1&cookie=ID%3D6bc2966ef3c28a4e%3AT%3D1676056246%3AS%3DALNI_MZAKnbgmxQ5xjQODeOT1fJXtRVqqw&gpic=UID%3D00000bb38e315747%3AT%3D1676056246%3ART%3D1676056246%3AS%3DALNI_MYSwY0SVG2kt2zJvBlxZo8-7ZlcZg&abxe=1&dt=1676056246796&lmt=1676056246&dlt=1676056246438&idt=344&adxs=972&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=6q2isvcn8jhh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwinterhawks.com%2F&ref=https%3A%2F%2Fwinterhawks.com%2F&top=https%3A%2F%2Fwinterhawks.com%2F&rumc=2369374082788237&rume=1&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=698993412.1676056246&ga_sid=1676056247&ga_hid=70197961&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2542e3290f03d64777ba6a44d5339dcc5f4c1171253bee3600a8dfb854ee51b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18513
x-xss-protection: 0
google-lineitem-id: 6219711801
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422489259
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winterhawks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 51A3 6 KB
3 KB 125ms
68ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 19:10:46 GMT
expires: Sat, 10 Feb 2024 19:10:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 23 KB
8 KB 21ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.bb98ccd58fb6eb8f4bfc.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 37 KB
12 KB 21ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.bb98ccd58fb6eb8f4bfc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: cabd02ba4609884d05887940bedf810aa9da04246eb7a65addf84566b962e687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 311389
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12051
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/6723)
Etag: "e4b0382b450b9a6fa93b0a502fb72af4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 0.12059cc9aae4f779ab68.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 314 KB
104 KB 25ms
24ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 106305
Last-Modified: Wed, 18 Jan 2023 22:54:32 GMT
Server: ECS (frb/67BA)
Etag: "145185fec2c06c3409682e5df48acdf8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.c99a76747fd916e95958.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 244 KB
66 KB 26ms
23ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1459651
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 66820
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
Server: ECS (frb/67BC)
Etag: "813fe12fe49871b42d9cd17b5f80c663+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.7ce6eee59b70f3ddbfbe.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 145 KB
39 KB 23ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.7ce6eee59b70f3ddbfbe.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 64cd16f7aaa4f5b7e73b97df047a273194591f210c99ad50006ebbf4cba53b08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 311402
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 39066
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/6724)
Etag: "f40e09363bedc335a5ea24b46c1e2aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.b1380359ca6f00abc25c.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 667 KB
163 KB 20ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.b1380359ca6f00abc25c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: f0c2d1028a605b4816fe2767681fb47dbf88a764844e84c929f06cafa63dc9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 311402
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 166210
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/67F3)
Etag: "d5f48253ae397b1d5da9cfcdba8a9754+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.a6115c6dc5672c8323a4.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 2 KB
2 KB 22ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.a6115c6dc5672c8323a4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:46 GMT
Content-Encoding: gzip
Age: 1455359
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Sat, 14 Jan 2023 17:02:21 GMT
Server: ECS (frb/6724)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK portland_whawks.png
chl-network.s3.amazonaws.com/assets/images/logos/ 15 KB
15 KB 132ms
124ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/portland_whawks.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 66bd092fce44592006374231a0fae5ec437f7e05b289bac992384b9d08e6b0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Last-Modified: Tue, 13 Jul 2021 16:07:41 GMT
Server: AmazonS3
x-amz-request-id: 7AQH18K57N0C4Y8G
ETag: "2ab4d30a41d30981ba69f9df7d1c4922"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15416
x-amz-id-2: Re0qqRP2MV3sEVcGWr2cv1idayRXBdTw2NlEouN4z5DMWB9lqccibIFHIQ4RTTcEFlC8I6VdbFI=

GET
H/1.1 200
OK tri-city-americans.png
chl-network.s3.amazonaws.com/assets/images/logos/ 15 KB
15 KB 124ms
118ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/tri-city-americans.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6c532c566399dcb74dc8e8b97ed1db2f64db94a74c7d5b3df8e201e2ceb8c479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Last-Modified: Wed, 21 Aug 2019 23:21:55 GMT
Server: AmazonS3
x-amz-request-id: 7AQTJ611JK1TGSAA
ETag: "de34e4359b65dfc7a332d356824c2d78"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15437
x-amz-id-2: k6DTW8Jm8+hoQMGpuZMyRvd+RvO53EKfVmv44XVTHBeVBIODTedQ/rTJtc81tzhq6xvHbXyViP4=

GET
H/1.1 200
OK red-deer-rebels.png
chl-network.s3.amazonaws.com/assets/images/logos/ 23 KB
23 KB 252ms
120ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/red-deer-rebels.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb7b6117be51bd18178dc8e49235a08a027510910153e0ff2bc418fa22281db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:24:01 GMT
Server: AmazonS3
x-amz-request-id: 9HK61JKDPDGDBH1R
ETag: "af746a58edd896c31ba03bc7c5ba722f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23291
x-amz-id-2: ze0UE28vAR03isXhqpcStd0agxvBCyCvspLaTw6TACrXrBAXLKKxUiGsZQjhK8Ja4rWbhQUNFSw=

GET
H/1.1 200
OK seattle-thunderbirds.png
chl-network.s3.amazonaws.com/assets/images/logos/ 15 KB
15 KB 369ms
136ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/seattle-thunderbirds.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7b972d6ddec7e4e82f8c751ee3dca48ec5377ace7a4c80e00b2b0c1578a074f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:24:11 GMT
Server: AmazonS3
x-amz-request-id: 9HKAKA19408RFTK7
ETag: "95abb3223b5e1000403953f55b971bfb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15483
x-amz-id-2: CUNZpVdncJc6h4isHUojcw0cFphp6DIuIYxX/f6pXLXH28FW1TYdKAGRFD2rO6tpkjAxpJQyM6Y=

GET
H/1.1 200
OK spokane-chiefs.png
chl-network.s3.amazonaws.com/assets/images/logos/ 14 KB
15 KB 243ms
117ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/spokane-chiefs.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62f9875246199db42a24c95dbd2534274a4981982ebc3bdff8fa06abdb9e07d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:21:45 GMT
Server: AmazonS3
x-amz-request-id: 9HK0YX5VMG1REVTF
ETag: "08f139403aa3521e4c31a6967df628e2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14741
x-amz-id-2: lAevEagou8Rbtn9P1r4556ea9W7fZR+YHETqlu3tY/OD6P2g/osbaMOKe9SqzkfWZtncjj5lhBE=

GET
H/1.1 200
OK kewlowna-rockets.png
chl-network.s3.amazonaws.com/assets/images/logos/ 19 KB
20 KB 369ms
137ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/kewlowna-rockets.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 89caa9bf3ee9b9011f09c853a87f4326d2e198b91a2f733dff95da4704b1c7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:19:43 GMT
Server: AmazonS3
x-amz-request-id: 9HK2MNP8JH8HXE9Y
ETag: "ac8d4bbc20049a459dc09a8e25abfb90"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19644
x-amz-id-2: dcrwa/4fM7R/8uzw8bDqmLo8VI1cJTPpqiMPFTg8luBFTOhEbCKxjgnV9sFD6PjM4AsWRdmzJ/U=

GET
H/1.1 200
OK prince-george-cougars.png
chl-network.s3.amazonaws.com/assets/images/logos/ 16 KB
17 KB 238ms
131ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/prince-george-cougars.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a8278761c6048158b8c22609bf05c113479c35bb2fb7da38d17d942297d0c083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:23:52 GMT
Server: AmazonS3
x-amz-request-id: 9HKBYADR5FJXG63F
ETag: "6b4f793893c8b753b3e885acb8cfdef1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16718
x-amz-id-2: Pz2DXTKeFTGPmoglf1CPNaDb7Kk2Wjzuj7ns+prnTYQrudXwc1WUSjtPVz09isFyYDs6eN+mi70=

GET
H/1.1 200
OK Everett_shield.png
chl-network.s3.amazonaws.com/assets/images/logos/ 26 KB
26 KB 240ms
137ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/Everett_shield.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9d744df6d313e0f5fec63bb9168692a21496c3acd6177e5d3c1f78cbd374bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Fri, 28 Feb 2020 16:58:21 GMT
Server: AmazonS3
x-amz-request-id: 9HK44FMHR9Y0GAP7
ETag: "cc83e32e0e03404e304c2f505302a307"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 26120
x-amz-id-2: PDUkWXS2PH79PP9Ivsd3JMWn4iHMQ1tNi6PynR0D8OxETNoH5kDeXGfQhfcTNNsRi784PFY8FI8=

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EAD 36 KB
14 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 18:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 18:48:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B792 0
0 71ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzg7akWvB0Odtv-HWUxsGlXjBJk4CpfnHIY9EyhH1yZcll9f8lZtYJuZYPHNbaqanMIBJWWnNiespQ-d2DacKdSxWplYaEe4S6UEeCgX0sCPUOXBNfkEObKsDwz5WM22RZEkOdgNkYBzAltxpUwvKM1a-dbp9sMnEFCynEXjYMqtVc7LVRzkIYDlP3PQwlm2UkCi2baOPB-ZEkgVMMXjddCZXroQTsOEFYGE1qbIezq_1rEM1TenSYnwCy8nX0jBoXyvlPvvNDdDNxFYbCzdh93vHv7aGI-6pKU1HUPu-nA04ngDiStZptYIglnHpdNgGQG52XVRlG8knSWVOwifwnjMaym6LABCs9Q6Ps97fZ_LsR-Jlt&sai=AMfl-YSaqHrUHIhqd6uQZQbfTWFLqcbkUpU1CLJkIZvPQ_5bC2HvkpuoEPbLfxTPLJ98qQ0nBPU_lKr0M_VTX3AXCQ2CTxorLgkYJWG9hdHFmuSn-6EozV4zPob8_jUm-g&sig=Cg0ArKJSzD1OEzLkImWTEAE&uach_m=[UACH]&adurl=

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame B792 22 KB
9 KB 38ms
36ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B792 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 15:23:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B792 0
0 54ms
53ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvab7HzIxSZeMDSxgdPeuhY9CgtVNtxccCcDFWUsxS6t3Nqi9xSmu1daciEkYE9xr8H17lOt31zf1rxoI0LUri5pJdQg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B792 156 KB
48 KB 93ms
92ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:47 GMT

GET
H3 200 17560984550516567245
tpc.googlesyndication.com/simgad/ Frame B792 90 KB
90 KB 117ms
116ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17560984550516567245

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a578ee52f0b7bf420e8cbf6d0f1169f0ed4d2f7dd0b4bb20396097a709a4c082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92397
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 10:20:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 19:10:47 GMT

GET
H/1.1 200
OK winnipeg_ice.png
chl-network.s3.amazonaws.com/assets/images/logos/ 19 KB
19 KB 115ms
115ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/winnipeg_ice.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02e608c6ad8956297854d1e43ade97a9e6374908884d5f56a9373772f6d871ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:22:09 GMT
Server: AmazonS3
x-amz-request-id: 9HKEPNMJRFPMXAD5
ETag: "87698bec2c72d5344d9434dfca185cb2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19330
x-amz-id-2: C5rQ6anpft9piY3g0wogu/04YwaorsIWKOm3nZgnqewKPuba8k0OKPILCN6tvI0AqjANn3/YsFk=

GET
H/1.1 200
OK saskatoon_blades_2022.png
chl-network.s3.amazonaws.com/assets/images/logos/ 20 KB
20 KB 118ms
118ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/saskatoon_blades_2022.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 230c3e83a42e31c69479a0b5116513150c6a5122f392e215bdd6b9c7024c215d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Thu, 22 Sep 2022 06:24:46 GMT
Server: AmazonS3
x-amz-request-id: 9HK00ZHD92K83F8A
ETag: "474a84d7b1be015d2a95cb64e5d6c704"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20312
x-amz-id-2: Ki3grQiBkhhUKmqAXVK2GX1NEejj83alg9UU+MvZdFUVkjQ3lYbICSCwCA5jRG5cGKwDsUYT7UU=

GET
H/1.1 200
OK MJ_Warriors.png
chl-network.s3.amazonaws.com/assets/images/logos/ 31 KB
31 KB 114ms
114ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/MJ_Warriors.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6404cc7b6b59399f450f6de157b83913eaafc3b581d0665bed9c17f9b86b2b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Thu, 30 Jun 2022 02:33:11 GMT
Server: AmazonS3
x-amz-request-id: 9HK6KXMPJZNWEQD8
ETag: "1e64f660d9354c5df9b87d33e13a40a1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 31758
x-amz-id-2: RSu5ZT3ugDQJMcY4g1EeIS+RNyq6rjTY2iAVHq0wi6Iora87hC1zrKpIHCwSnjnZwlc7W0I6JiA=

GET
H/1.1 200
OK regina-pats.png
chl-network.s3.amazonaws.com/assets/images/logos/ 20 KB
21 KB 118ms
118ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/regina-pats.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d07faeefe6eb627210963a90d61182728af884b0d3ab1371b7d1e20244428d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:24:02 GMT
Server: AmazonS3
x-amz-request-id: 9HK8R01EWND33YN1
ETag: "3210236d0eaa0fd6ccbf4d4325a8cf92"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20877
x-amz-id-2: 0nVFzbxcF9PAGgKAb3qdtfdGB77oBWxDJq2yhWrAIB435oIn8Pp/2Ns2oDCERT8bUuiNdoKyluI=

GET
H/1.1 200
OK brandon_wheatkings_new.png
chl-network.s3.amazonaws.com/assets/images/logos/ 15 KB
15 KB 117ms
116ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/brandon_wheatkings_new.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 120459e4cbb66d070f2b450594adcb1a089689def3ad053fabda219a96c341cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Thu, 22 Sep 2022 06:17:59 GMT
Server: AmazonS3
x-amz-request-id: 9HK1ZEG8XWG2DYZ7
ETag: "a01cc82ddcb72727693c0f6e851e2daf"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15153
x-amz-id-2: Rwnt1jJTLK9qfijJKoA4VkTSF6qxMpT/z8nfh535Dwx33Z9A8WTDg43GtgGZoWUmPfnvRTkHIUw=

GET
H/1.1 200
OK prince-albert-raiders.png
chl-network.s3.amazonaws.com/assets/images/logos/ 19 KB
20 KB 119ms
119ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/prince-albert-raiders.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf5d16994a914fe9eb9c23f3612ab0892bbe378f4498f6d7f4cb0466c2b6a34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:23:50 GMT
Server: AmazonS3
x-amz-request-id: 9HK607VT38ESEGMG
ETag: "948c4f2bf5bb4037686fb4bf2a995a90"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19732
x-amz-id-2: 8Q9Nwxqry0Z1PhT2fsMjb0iLlVViWFtAHnYQ2gm8FBwGTYUuCKr6KPIDZyjnivY6voh4J9MQuPs=

GET
H/1.1 200
OK lethbridge-hurricanes.png
chl-network.s3.amazonaws.com/assets/images/logos/ 14 KB
14 KB 115ms
115ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/lethbridge-hurricanes.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bac47b7d57c219d0321337a9c67f348582f5d18e18b9d961fb09988c4bc23331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:19:48 GMT
Server: AmazonS3
x-amz-request-id: 9HK05QYA33XEFSHQ
ETag: "e5b6ba59db49e0676f81a1f26123c671"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13893
x-amz-id-2: QkmS7CtVLyPa96Qm/jR7nkxsQ4gWDS3KK7cQ0jGHRlJswWq6v7mcF2uII20zU/RYSuZGpgQU+qA=

GET
H/1.1 200
OK calgary-hitmen.png
chl-network.s3.amazonaws.com/assets/images/logos/ 17 KB
18 KB 119ms
114ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/calgary-hitmen.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45a578287d7426a55c9e1db416f0de940b94acd0693e139c27c50b88018bbee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:17:22 GMT
Server: AmazonS3
x-amz-request-id: 9HK1KBV69WSP8TTF
ETag: "77b37094c47b6003df7c56f4ce689a75"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17800
x-amz-id-2: R5PU3UXmZtuIzBE8OTZtPqCpXfUBcp4xfCrpKRKfr3/AY4J9OxkW2HnsHCCRuYKJzKu9cIzSXtU=

GET
H/1.1 200
OK medicine-hat-tigers.png
chl-network.s3.amazonaws.com/assets/images/logos/ 22 KB
23 KB 118ms
117ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/medicine-hat-tigers.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: de3b63e0c308893fd24db243fc32b0d0066438b9780e1eefa8b91c6111d5e1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:23:31 GMT
Server: AmazonS3
x-amz-request-id: 9HK1HNF1FR8YRF8F
ETag: "736f686c9c6402cbc11c6ff75d062966"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 22867
x-amz-id-2: bRPq0miqghr8fIW9wvwgA5HN1wVpQI+UexTeCPvI/EvNSoSadZT1WiR5Rv+2g5OwYf4AbgOYVZo=

GET
H/1.1 200
OK swift_current_new1.png
chl-network.s3.amazonaws.com/assets/images/logos/ 14 KB
14 KB 119ms
119ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/swift_current_new1.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cfd7285c0fd7d3d3917be0a2af819de5cdf4f2cdbfaf5153e169c0cd75fcfc55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:21:49 GMT
Server: AmazonS3
x-amz-request-id: 9HK0JMPFXC8GTZPN
ETag: "402be59279d85b02b41b44568651ed3e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14322
x-amz-id-2: B2cdBdmLx9f9YRhgA7blQjRmO2Z6Z5rTzlvNx+a2PxBnfuA72yqpQNtQV1W+DkdpHYcH5ys1WGY=

GET
H/1.1 200
OK edmonton-oil-kings.png
chl-network.s3.amazonaws.com/assets/images/logos/ 27 KB
27 KB 112ms
112ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/edmonton-oil-kings.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0043ef3c3f180c66ef9761ddcd82c208f58ac5ec99954a9009b7158993ad553b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:18:19 GMT
Server: AmazonS3
x-amz-request-id: 9HK770TH3QVTNV74
ETag: "a223009c3fb225b27f1ee563a2720115"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27233
x-amz-id-2: cZ/MzAy1Hhh3HXv8T6uV1VJjJOh+QyBtmZPLwxLgD8VPGX7NaH8X42Av6Ip2piGfO8aL4LtTho8=

GET
H/1.1 200
OK kamloops-blazers.png
chl-network.s3.amazonaws.com/assets/images/logos/ 14 KB
14 KB 116ms
116ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/kamloops-blazers.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b602940f6841d2a924c76d3b0efe62ebe4aac115bab591cccf071313489fa98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:19:43 GMT
Server: AmazonS3
x-amz-request-id: 9HK4YC69Q49QJ9NT
ETag: "55ef1683e5e3fb6683c50f89b837059f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13839
x-amz-id-2: gO/fWLvxuwXzGAZf/3LWbYtRuMmzkPc3XqHofYGuI/izuzLoz+E2slmof/EmEZYc4xY5VsT1z6c=

GET
H/1.1 200
OK vancouver-giants.png
chl-network.s3.amazonaws.com/assets/images/logos/ 19 KB
19 KB 116ms
114ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/vancouver-giants.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd9ae7d7f6d1c701dc1f3acdff0d0e68bace71d2248ee35e1ad40439fb9e049e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:21:59 GMT
Server: AmazonS3
x-amz-request-id: 9HK54HCJ0VT33204
ETag: "bdd567e890af98c0afcce4254176a392"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19403
x-amz-id-2: 9AijZ3Jz7f/2o55P8oeM8o+5BrqV3sVahro0vbDFO49qGhOV7pCEr9HR9kiVQTAdVVHI/qcXEF8=

GET
H/1.1 200
OK victoria-royals.png
chl-network.s3.amazonaws.com/assets/images/logos/ 23 KB
23 KB 115ms
114ms Image
image/png 52.217.194.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chl-network.s3.amazonaws.com/assets/images/logos/victoria-royals.png
Requested by: Host: winterhawks.com
URL: https://winterhawks.com/app/themes/base/assets/dist/css/core.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.194.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e40647ce27e80ab8d555718067d47e08143ba60f8efc26f5e7a55d8426e145b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:48 GMT
Last-Modified: Wed, 21 Aug 2019 23:22:01 GMT
Server: AmazonS3
x-amz-request-id: 9HK8VA6WR59E2RSJ
ETag: "adbf51a96329cf809560f7d5342abe62"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23143
x-amz-id-2: z/B+kshRtphohUS2PuyHNP3DKgNBkaN62LE7cAC4yWtj1LUkDz2pZfip8KT6Q2Jn9kl40idmixU=

GET
DATA 200
OK truncated
/ Frame B792 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab56c9b14415c7c992d6f2ecffcf26b7a9d27a61b48ea11cdb82941f18f94638

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 40E7 0
0 54ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020801&jk=238503064949185&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H/1.1 200
OK ondemand.Dropdown.8b772010ca5db3c93eb8.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 7 KB
3 KB 22ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8b772010ca5db3c93eb8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Content-Encoding: gzip
Age: 1420545
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Sat, 14 Jan 2023 17:02:20 GMT
Server: ECS (frb/6795)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 24 KB
7 KB 21ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: ded840a5f928bf7a6acf3284c66db9072ec9c5380f19c976d25e221f0ce389d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Content-Encoding: gzip
Age: 1459652
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6183
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
Server: ECS (frb/675D)
Etag: "795a024b9fe49518f14d917058dbd4e5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK loaders.card.DefaultCard.68add7235f860a32bff5.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 257 KB
59 KB 19ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.68add7235f860a32bff5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 391380bfef8ff62263e6d1f44a3bfc6ad748b18bb02c1b3b3a14eb5e46f703dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Content-Encoding: gzip
Age: 311375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 60082
Last-Modified: Tue, 07 Feb 2023 04:29:36 GMT
Server: ECS (frb/6794)
Etag: "54ce8b5ea172e59b9213e31b665af547+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 1f51c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame BFE4 1 KB
826 B 104ms
21ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f51c.svg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e152f7b9c1d9b9c1416c5a942783ff1d2f00d3eef3e1eb8add4a65d020fff05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 19:10:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 681
x-served-by: cache-fty21373-FTY, cache-hhn-etou8220069-HHN
last-modified: Mon, 17 Sep 2018 19:15:44 GMT
etag: "s/RTCN8FHvc9jPY//gl2ww=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 22 Aug 2022 07:25:30 GMT

GET
H2 200 2935.svg
abs-0.twimg.com/emoji/v2/svg/ Frame BFE4 381 B
417 B 103ms
20ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/2935.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f555a06db2e14267885089c85c67b7e285b69d13220e24fa64c7e87c5ed13be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 19:10:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 272
x-served-by: cache-fty21349-FTY, cache-hhn-etou8220069-HHN
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
etag: "CpJSVvoB4H9aeYbB5P7gyQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 17 Mar 2023 07:59:06 GMT

GET
H2 200 1f399.svg
abs-0.twimg.com/emoji/v2/svg/ Frame BFE4 1 KB
789 B 101ms
19ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f399.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3574a06ae60932dac0cc49d0fe5ce4b3b16aa8482154aaf8cabf4701a1c5ad5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 19:10:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 429
x-served-by: cache-fty21336-FTY, cache-hhn-etou8220069-HHN
last-modified: Wed, 21 Feb 2018 22:30:50 GMT
etag: "Wb3MU0wNGtwft1daGkeFpg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 23 Jun 2022 10:57:13 GMT

GET
H2 200 1f3a7.svg
abs-0.twimg.com/emoji/v2/svg/ Frame BFE4 966 B
659 B 102ms
20ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f3a7.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c42f819447dd37c4e596f14d0090e3479e7dfd28f78c510c887baa1ae779b00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 19:10:47 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 513
x-served-by: cache-fty21348-FTY, cache-hhn-etou8220069-HHN
last-modified: Mon, 17 Sep 2018 19:14:56 GMT
etag: "taiS031Zjg5z3OgyEq2FEg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 29 Jun 2023 07:25:37 GMT

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js Show response
platform.twitter.com/_next/static/chunks/ Frame BFE4 148 KB
42 KB 22ms
21ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-5988b8a698c47e6a5fbc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 19:10:47 GMT
Content-Encoding: gzip
Age: 1459652
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 41941
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
Server: ECS (frb/67E2)
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 like.4.json Show response
abs.twimg.com/sticky/animations/ Frame BFE4 24 KB
2 KB 277ms
20ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.4.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/3.b1380359ca6f00abc25c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 9771568
x-ton-expected-size: 24292
x-cache: HIT
content-length: 1897
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
server: ECAcc (frc/4C86)
etag: "YKYmOkwIx9KztN7bQT7x8g=="
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-transaction-id: 80afab27525733bc
perf: 7626143928
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 10 Feb 2024 19:10:47 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame BFE4 43 B
127 B 140ms
139ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1676056247228%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwinterhawks.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22882908d%3A1675739114429%22%2C%22widget_data_source%22%3A%22screen-name%3Apdxwinterhawks%22%7D&session_id=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/pdxwinterhawks?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=true&hideFooter=true&hideHeader=false&hideScrollBar=false&lang=en&limit=2&origin=https%3A%2F%2Fwinterhawks.com%2F&sessionId=a251f8ff0b81ef1fad7ae5cdf2e35cea24e70f84&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 118
date: Fri, 10 Feb 2023 19:10:46 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 10 Feb 2023 19:10:47 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: a9390e372e65f1be
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 6874a3bd7c85dbaa7d992f967f68f674d8203b96439ee8cc954c7b073dfecfeb
content-length: 43

GET
H2 200 GOtnDUzW_normal.jpg
pbs.twimg.com/profile_images/1619411353336426497/ Frame BFE4 2 KB
3 KB 203ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1619411353336426497/GOtnDUzW_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

8bfd5841dcfdc578ea9ebf45dde77b316772369d5f575848ecd518efb4caa342

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 518129
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2263
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/8 profile_images/1619411353336426497
last-modified: Sat, 28 Jan 2023 19:03:28 GMT
server: ECS (frb/6794)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 20c7bcea55109795
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 70afdf8d778e51634dba3ceb56c45fc8c8334dd593e935d134e405dbe9ed95c1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fpbqq6HK_normal.jpg
pbs.twimg.com/profile_images/1579867633318793216/ Frame BFE4 2 KB
2 KB 198ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1579867633318793216/fpbqq6HK_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

12d127e3fa79408a5aac507b7f4df576337d2388c6a06d872a80971fd0a5edac

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 261167
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1959
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/7 profile_images/1579867633318793216
last-modified: Tue, 11 Oct 2022 16:10:50 GMT
server: ECS (frb/674D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: df3b977fcfad180f
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 642e55eee9e9e4527ed3c3b813c95799961e67bced854835c355f4ee0240f717
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FoneV_QaEAEIYnF
pbs.twimg.com/media/ Frame BFE4 4 KB
4 KB 193ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FoneV_QaEAEIYnF?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

7fe82ca2de4362320392976fff1f2da68af14003fcd87b6ca51e44430499164c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 8560
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 4298
x-response-time: 253
surrogate-key: media media/bucket/4 media/1624073609982644225
last-modified: Fri, 10 Feb 2023 15:49:37 GMT
server: ECS (frb/6793)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 9f32336c029f54c2
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: deb1ba07fd391bbccf1671e900413952b2c06f14b6a88de7d7066a79b2275e42
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B792 0
0 68ms
68ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr998JoXCtuLVeC6HPDd4FqUmcCO_u4B5IeZc7CoXC1v2MjX-Wv1FkfsVMhhnhHpwdvspf8YuCai4r0bayxCR_ulITHuwsTVpKToAFS64fjPkgoO0XWt0LhRrJlQX20k4nehRuIrPJSmAY_BnbszVHAs0LfOto_L9dO3opmmyzWP8mbPCbsfVIkkiKkZmliIgsXog4aiBsuYD3ej9sti4H8rmJBeDubcCPNAjl63IG7SU7Gokkt-HtcSmvxbh2GmXlNzcQMxDkS1xIzFJ_0dFqGqeQ9Uga_C4mHn5tgqlrUNkgCdAVqt91zGSyIIWEt-qZ6BVguFZ3gYQGE8tNASxnLU3sPivSsKOuL5AT5JTJ9glXkFSjNYA&sai=AMfl-YTiVSbgvZ65R76CuN0qQBGxi7IXrrda3Nx1anewuw_DiIRmP1632X8LR5oa9BX9sBrhMpJ8XudnLTpJJT4MpliZnnuPjc35RyvSBBJDiaxewYffMCIFIK5RNu_yvQ&sig=Cg0ArKJSzN7iCsl7_OWoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD37 0
0 71ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf8DWXRq2SlmJeqoRWc4-4UCgcVzGQ9nMsV5QWsQL7OHMsYxHCf9xTdq5eS1rQDt-mK3vLEK33rteEu8lxwQ_Yz8pLVVcFuKJZTwW5iHkhzrwRCmOb79wNURe2iDEwh0Hoh_ilJxf_ZN7raCSRrgWKfBvV3P5_aagVWpqvClpN5U40Hvt6WQuY9kym_RBgrTQriCf_LFMT-scpah1ieyfECaPbzq3zvTmN1uqKzpxVHwu7jgTAIBayKYX8Q8BSVj-ZuduQWlY9tkU2pQaHmmYF_UXhkVC_CxtVMua7VIyhp4SgqC3tX6uRC5edAyLAu2iursVL9uVdoFpwEdkAxs7BAXA&sai=AMfl-YQUF2RxIpNpK11sbYLWCyVEDzar-I2sKnRvwQnc8_XlA1cd_TOWJrD8fy1Sasni-eumrXuLdJd2BZqzH5pwRxZjbe8dwKRvKUsOnpiY4EHFDYmtkM0TXhwnn-Pildx4PcgF0vwgh3mQB6ax6fY&sig=Cg0ArKJSzHn35TRIAjZlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Feb 2023 19:10:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD37 15 KB
11 KB 70ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c0e0d8fcad952e4705c85b8b239b6f0830f8ca1bfd43108b6d60843c50d410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B792 63 KB
23 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: winterhawks.com
URL: https://winterhawks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c1b263a7ac604e6c9897caf51d2f75228e80657867e6729bc23d60fd2abbd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1730
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23977
x-xss-protection: 0
server: cafe
etag: 15787282341284973041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Feb 2023 19:41:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD37 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=winterhawks.com&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=0&all_b=0&d=1&all_d=1&ard=1&all_ard=1&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD37 17 KB
6 KB 181ms
180ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020801.js?cb=31072290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 19:10:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2EAD 0
10 B 32ms
32ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lNMBIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame B792 0
234 B 401ms
129ms Ping
image/gif 2607:f8b0:4001:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ldywm5dk&chm=1&c=2369374082788237&ctx=2&qqid=CL_L3YnUi_0CFUTPEQgd3JQG3Q&met.4=fb.7~lb.1r~ol.ac~idt.5h~dt.-43&met.3=733.9s~748.a5~749.a6~742.9s_j~739.ab~738.ac~736.ap~735.bu_1~740.bw_1~113.ey_4~112.ey_5&met.1=1.ldywm4yn~14.5~15.1~16.5~17.5~18.5~19.5~20.5~21.5~22.25~23.25&met.7=CCIQBBgBIAkoCTBTOEpoCnBQeKwCsAEBuAED~CAkQChgBIAooCjAyOCloDHAwePJIgAHGRogBp7MBsAEBuAED~CB4QChgBIAooCjAzOCloDHAyeIAMgAHUCYgBgRWwAQG4AQM~CBsQBhgBIAooCjBGODw~CCoQChgBIAooCjCJATh-~CBcQBhgBIAsoCzDHATi8AWgNcIABeJnUBYAB7dEFiAHt0QWwAQG4AQM~CCIQBBgBIO8CKO8CMLUDOEZo8AJwtAN4rAKwAQG4AQM~CCgQChgBIIgDKIgDMK0DOCVoiQNwqwN41b0BgAGpuwGIAcn5A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c19::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93FC 13 KB
5 KB 33ms
32ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F06 783 B
536 B 57ms
57ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5d3aab0076e88b115ee176bfbae622a93783186dc613781f3aa183d1b7e9736

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kIEMwoNh4C6x6uRhU0VI7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winterhawks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-kIEMwoNh4C6x6uRhU0VI7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 19:10:47 GMT
expires: Fri, 10 Feb 2023 19:10:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 93FC 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 18:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 18:48:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F06 0
0 54ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020801&jk=2369374082788237&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93FC 0
10 B 32ms
32ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lwJfKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:10:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B566 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu056s472HICMqT1Pngpvnm5H6n-FZNN6FqSxZ9nzX1sI_rmd4t3cf7zd51cOPqlCDXT_SDNTMh9PcFlsIDvJ13tDOteoNGLOcR17Y_V6xuywjKolNe&sig=Cg0ArKJSzAZO-u_FlzFmEAE&id=lidar2&mcvt=1002&p=385,315,635,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3507241289&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676056246393&rpt=360&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
63ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020801&jk=238503064949185&bg=!LC-lL3vNAAaq5O5FiuQ7ADkAdvg8WkIov-4gIyOEtYZq3NyapxfAmapTVLetdvmiylBX-iWBEV9qO3sX3-2yBkoN71N8zbLXMuoCAAACB1IAAAADaAEHCgCPaTSCCDtQiRYCtP1OB67Xwc4tep901RHp4WKrmAjHXaAE2PhK2VyWF9GJOuyPXNSRlUJ_akxvGIpxILMemijP-Fg1Uyc0IWZ_qH5uVc9UC4xhKohCqBEIGd-MPr8HsibJwVpnF2H9bqhDehJECw7g6yTngskyiUmV0Tev5sXr9x-d-8fJIlkRwPyHOfH4ZJmZAp_OVYQ8iyfzgDZpDMm9zGDw2eIE3qxegEZ5wATcq1zkPR71hy9OY0v34X7y-HjOwA5Oxk2UOrbJNY4QHm6TgMWyXmZFMn0vpC6oA5bYXKcQHdHOOun31IkFpXWp6_z7pyagu_SWMBOlokQrNYUwov06PW5zK9LGeFCpttjxOxk2Yhp-gpjY0RT7QRK0KLtrvYsGytmrrB8ffWy5tZoyNdlyLqEZ3MZxFqYWioG7ghl6vsUdZg37ZOIL-sdKdNKwh2FssmbO3J3Mgredhzn4zOqU85lFjDkbZS_hEse6lCPBgekEVB5e3-onPJR9FQGUYJOpJLQxhPWOMWJVEJL3C66qnHJmygyKuT2t4-RhFASQZA-yX0USW1Lo-WHGHq0YvGDH3K1sNIRiuwkWN_g9HXBgq1g7NQM1N1mUV64P__NFBnro23irdr8OdiqHaT3pcCwFvhHHxs59tV8EiROpKO3JOhTUme6Owi2m8ZkqTC-xKExgI0NQprniFLeE_hTHvEVX1wcN5I4WgOyOZ5_NmvIjJwfuLQgPx3AeSX97Jm3LfQ9DiPQPBssoj6Ger85N089YiydNfcS3zH4_g8qjd7TJh_Bjb3eM9R2krlMsp5wo54byTZP9VaMoQPcpJmKqnrTbxrgmnDb1QfPswtf9zyflWIXwZ_ivpyYEO2aX7EeNREm2z2OhrRh0kN0sGzJEU-KU_WPesz8iJvO6dZPldpwAfUWn2lATtzbb1QIJbOPCwLS84a0NDW20kuy9qL-BsJOM2bzfIT9g-AEYCUQBWG9DHCQVNIzonFtrcqWbYEeDcw6EtlL9H4m8HxuLnQ92PDUfenZ0hP4LmyXooOT0Bo0buNeb0T9AKTtI8yeMsvNqk4vAThClCjMjnGutIurd6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD37 0
0 57ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020801&jk=2369374082788237&bg=!IyClIHTNAAaq5O5FiuQ7ADkAdvg8WsqzxHwRL1W8K7LMzrgKaqzAkbIHgI_3jSuDHMafAw8TRf5oOGOoN7dWv-QKCVs9FsLh8L8CAAAAWVIAAAACaAEHmQK0v7Bcl0htfdU_lL3AZxk3B5fTMEkBJ43WYv2kT9qDW5YNs59pYYzgvBv6Fgi0rP7grTXNmq6nom4kfiV6nvzObcDBdrK68FoNB1ZtD4M9hb4QJk2UwWayPZFsP0Tiz1Z4hbk6uzTwZEyKkcPQn90_YXnmAhy5w08TKPHM5F5j_031nj5YPnVVEMBUydB_lFsDj6fRe4rJvQWDkzBOw44T-NbhcED5KWa-2fihbea-606morsVdw1AcasfjZ9fwFE_mjRxGboNH5CsrRuYCsKKNUrA4RW2aOdSiYDxy5S5aO9sazlgQbP12Wf6xtGJdK-9uFCCTlOOIaynilB1gUqpYLFZipZrFDFBTdiI2Scibad90P3MM1pqfqwXx3jKYah21SDd-kYgdhQ6HkJcmZLSDmYARDpDm4QCQVceiuAHzw82MvrYvEeu4rlE5Qzh-Y516A4r1dTUYd0rqcqSfvlV0HbGSZI7We4HmzSXMO4KzHB1vOTa2K43WsIWcWVs9O-OJeC51N_KQGWETVG5IDFGNSswdtbsncTVw0hAhHc25MbmjgALT1qFeHKQEL2pcDRJcP6vTSlqO-RUBe_7Vpn_cV0T1MQITogW3Z9gJzuHWWA4psinawRmTg4CfTYUdGy3D0VxOwZ7DBZITC19Wp8ll2YMQAZuUN2139TRFgvb3ea__Cl0HMPUFErkCzCKvPeAUzpaG3qtnNq1FuYj08dAA8e8pFQNxak4iLW-Nb-b_6OfUJO8sWtIxcFB-UHN-kV5vRZuHml_Sv04crPiWeev1zLZ-sr3Yt67ywPawAHLue6rRsw2jRbha9esrjeYrMeEoYlAlrEVJVGxQCQ_ryYed_ira8nuF5LTohHBZuT9he0_nQa3OsYCILe-klX8_-SZnCk-cEFhY_ZZMjpX5sKLg7ViqiU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD37 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxirEs5Nb7Hl692u2rbtn207CZUJXg3uzoO_omN0B9cwu80jVkZKVrAId07h46j_Mg2cRdJmhFYJkQaspJvyVW6L7S4-uZmhIlx1Tw0-bsY0Kaupjo&sig=Cg0ArKJSzBbKK94gMH_1EAE&id=lidar2&mcvt=1000&p=797,972,1047,1272&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=825836719&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676056246438&rpt=877&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B792 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudq_k8X0LCxwnHhUngetgxsqPNxUcOS4z8gxmmQ7R_ChzN1SKt2kEOHlwr1fqqGK8OlwGGye7Iz2ZH-IijUH9IGmU-W7c9leGN5g-ngM4vzstrp6KI&sig=Cg0ArKJSzKb92CVq3U2JEAE&id=lidar2&mcvt=1002&p=797,972,1047,1272&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1188571190&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676056246943&rpt=366&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DD37 0
54 B 129ms
128ms Ping
image/gif 2607:f8b0:4001:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ldywm4wf&c=2369374082788237&e=31072290%2C31061691%2C31061693&ctx=1&met.9=1.5e~13.8z~2.9l~9.0~3_1.a1~7_1.0~4_1.dt~5_1.dv~6_1.e7&met.3=74.9o~947.9o~43.9o~45.9o~49.9o~91.9p~95.9p~77.9o_1~724.9q_1~894.9r~894.9s~808.a2~808.a2~112.bt_2~646.dt~800.dt~800.dt~800.dt~800.dt~800.dt~774.e7~653.e7_4~801.ec~801.ec~844.ec~844.ec~825.ec~355.ec~825.ec~647.ed~965.ed~783.fi~863.fp~680.fv~824.fv~824.fv~863.n2~863.nh~738.od~749.od_3~94.og~863.oi~863.oi~736.op_1~863.ot~863.ox~947.oy~573.oy~598.oy~113.ox_2~735.pt_1~740.py_1~863.q2~680.yg~734.1gi_2~735.1gq_1&met.10=1_1.IO4CEAAIABiAmHUoAQ&met.7=CCIQBBgBIAcoBzBSOEpoC3BReKwCsAEBuAEDwAH2j4S6Bg~CDsQChgBIAgoCDCaATiSAWgLcIUBeKfXAYAB-9QBiAGA-ASwAQG4AQPAAeLN6pYJ~CCoQChgBIAgoCDDQATjIAcAB6O6lvQM~CA4QChgBIMMBKMMBMLsCOHhozwFw8QF4kZIIgAHljwiIAaSMGLABAbgBA8AB--iLdg~CDwQDRgBIMUBKMUBMJUCOFBozwFwlAJ41QKAASmIASWwAQG4AQPAAejUr80J~CCgQChgBIN0CKN0CMIIDOCVo3wJwgAN41b0BgAGpuwGIAcn5A7ABAbgBA8ABm-H6cA~CC8QBxgBIOICKOICMJ4DODxo4wJwnQN4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CC8QBxgBIOECKOECMLEDOE9o-AJwrwN4kAOAAWSIAWuwAQG4AQPAAe21srAK~CA8QDRgBIOoCKOoCMNIDOGho6gJw0AN4_ZIBgAHRkAGIAeGBA7ABAbgBA8ABv96a6wY~CBsQBRgBIOwCKOwCMOsDOH9opgNw6gN4iReAAd0UiAGSMLABAbgBA8ABt761kAc~CCcQDRgBIPEGKPEGML4HOE1o8wZwuAd4rFqAAYBYiAHLdLABAbgBA8AB8_LLrgs~CBwQBhgBIIMHKIMHML8HODxohAdwuwd4rAKwAQG4AQPAAZSE4rUO~CCIQBBgBIPAGKPAGMLoHOEpo8wZwuQd4rAKwAQG4AQPAAfaPhLoG~CCcQChgBINIHKNIHMIwJOLkBwAHiwZvaBQ~CCcQBRgBIJEJKJEJMLQJOCPAAZmVn6AL~CBsQBRgBIJIJKJIJMM0JODvAAc_G2uIB~CBwQBhgBIMIOKMIOMP0OODvAAaHZ1rIJ&met.1=1.ldywm4km~14.5~15.0~16.5~17.5~18.5~19.5~20.5~21.5~22.90~23.90&qqid.1=CL_L3YnUi_0CFUTPEQgd3JQG3Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c19::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winterhawks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:10:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winterhawks.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fkdcgj25h3ufv7eh9go4jjodg4
.winterhawks.com/	1970-01-20 19:10:16	Name: _ga Value: GA1.2.698993412.1676056246
.winterhawks.com/	1970-01-20 09:35:42	Name: _gid Value: GA1.2.530184608.1676056246
.winterhawks.com/	1970-01-20 09:34:16	Name: _gat Value: 1
.winterhawks.com/	1970-01-20 11:43:52	Name: _fbp Value: fb.1.1676056245771.653647958
.winterhawks.com/	1970-01-20 18:55:52	Name: __gads Value: ID=6bc2966ef3c28a4e:T=1676056246:S=ALNI_MZAKnbgmxQ5xjQODeOT1fJXtRVqqw
.winterhawks.com/	1970-01-20 18:55:52	Name: __gpi Value: UID=00000bb38e315747:T=1676056246:RT=1676056246:S=ALNI_MYSwY0SVG2kt2zJvBlxZo8-7ZlcZg
.doubleclick.net/	1970-01-20 18:55:52	Name: IDE Value: AHWqTUkgFFRiRVOro4zGnZY6elh7SJJpeVjC9eNt2rXgh1C5nDAR31RYSLfRxQpuWAA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://winterhawks.com/(Line 16) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

54d7ed9f6d8a9cb5eef8b3cf117afd25.safeframe.googlesyndication.com
abs-0.twimg.com
abs.twimg.com
adservice.google.com
adservice.google.de
cdn.whl.ca
cdnjs.cloudflare.com
chl-network.s3.amazonaws.com
chlfanbase.ca
code.jquery.com
connect.facebook.net
content.jwplatform.com
csi.gstatic.com
d9b7b9d4513317ca3ef34bacd123b0c8.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
lscluster.hockeytech.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
s3.amazonaws.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
winterhawks.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.200
104.244.43.131
13.92.242.205
2001:4de0:ac18::1:a:3b
2600:9000:214f:ce00:17:9b36:4280:93a1
2600:9000:21c7:5800:1:a3fa:7cc0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:190e
2607:f8b0:4001:c19::5e
2a00:1450:4001:812::2002
2a00:1450:400d:802::2002
2a00:1450:400d:804::2008
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::2004
2a00:1450:4025:401::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.217.236.112
34.206.102.167
52.216.129.205
52.217.194.57
0043ef3c3f180c66ef9761ddcd82c208f58ac5ec99954a9009b7158993ad553b
02e608c6ad8956297854d1e43ade97a9e6374908884d5f56a9373772f6d871ce
07d91c278a354b85fcc2b045157abe874ddc17e073ab3c8a622a5bceca11361d
0a0333fe00723e5287fa813e4cd7d8e713e6a3e6edafa00875a423ac104a14c8
0b88581dafd7a3451529c8aa25b5af8af2e1ca5f328e09ed2d33bd9c74b61990
0c0e0d8fcad952e4705c85b8b239b6f0830f8ca1bfd43108b6d60843c50d410c
0c8ec9b6c01768711d7f765764202ff1df40a790bc803a206046ea9aaa9a9647
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0e544a6521410631afbe5d8039501bef7b5422b63b9a51ce232ec85780ee5644
120459e4cbb66d070f2b450594adcb1a089689def3ad053fabda219a96c341cc
12d127e3fa79408a5aac507b7f4df576337d2388c6a06d872a80971fd0a5edac
16746621dcf07b090a84e36e51ae2e086cd8e33ac766b710ba77ac8cb434a50e
1bd5ed9235bf529d685cb96dd438ae8a28b167c7f1aefcb3068ddf65d583042e
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
2107314599f31197adccda24c508f48d662707b8e5d9fa482f19deda91413957
222b09ef60e3c18fb4000ecf5b16d58f827eb3e9a892a5e56e7484b4d8e51bb7
224546ee41f8aacc21cb2067284a16ce5fffd04bbf79a5e4fc04c810dfe6ce67
230c3e83a42e31c69479a0b5116513150c6a5122f392e215bdd6b9c7024c215d
2542e3290f03d64777ba6a44d5339dcc5f4c1171253bee3600a8dfb854ee51b4
25a8226852cb973c66511a453400192ff1cfe459dc82bbe79e2f7412502c45bc
27fd5af36d4d26d1e4ec9a195476034c22906f899b48cc738afb0d63c9964fc9
2abc2e75f03fc78d852028504ac3be821c64e6b5339ca1b2cc3bf912d2857cf0
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2b237f159651404325b27d766fb06380344fcf90ad1150e787c5e566d328edd5
2e37429ad621d5a6978bbc224a988371152aedf039952546769b7e1da24cad15
2fcecb85081c80a441eb0316eb39732e436875c554928f45f8bc509ce0f2f8d8
302791fe3d680e97a419424b66dc165b5d5b62ca52c4c8985c15fb998aff957c
30b1b7e6b654797313d656262bd699c5f8032fec5f6e0a6fb85d8a476cf8d7b5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32e6c249ab0ed89a4757599ae658aa8b375dd0b293def707512c1c304cdd1d04
33a707ba4aa28f51d3187b2952df9b8dd7a425e7d42a693fe78e1d7053f66e32
3574a06ae60932dac0cc49d0fe5ce4b3b16aa8482154aaf8cabf4701a1c5ad5e
358adf2e67db12d997e5ce9888410f47a207da5c7e9a31f935607157141f3f0a
35f1325fe06bd17f407838798abc94498c203f780d65c9b0eca6def6e8640601
37b85bbba94c797617e03539b8b76d20919f9af349a3cbd0f2eda28d09cdbd4a
390e0acb2143adf2cb7d4ebf246e16fe6eb9bdfc5a4eaad4c0ac34a05dd28c9e
391380bfef8ff62263e6d1f44a3bfc6ad748b18bb02c1b3b3a14eb5e46f703dc
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3de0bbc148583a361d8e69259af778618c7ab7ab7d25d4cd5734451807cd2742
3fa557e9a75fb65682c6c68e8bfd5093f795e64bfbded2699ee8e2b2edb46044
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
45a578287d7426a55c9e1db416f0de940b94acd0693e139c27c50b88018bbee1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4940f34a3d6aadc51a3ed5e41e6d10d0a8b2c44cc0b94fee4ce1c2bdd70447a5
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e44887e88c52fef90114be1936c2d906601fe161d5a75da061521cdf4adb9b8
5011e9d03649c09c699bd647bab09fc0e36745ac76db643b3b007b7ec5f46fff
54228ceeac8d975de4b99ad8070bfb419a976a2ac8342e05af5505aadb34ab99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561f002545e54f4a58fb3a5d4bc881b8d5f55d41fb9bc861a32bb0c8075f0236
57d77c8ca1ef7313363b200848555760678e8e85cf356248f5c67180212022c5
59224ea67d5aa56903781a8585ed43fdd2d7dcb2bd00aa1b5b4f577f6aa653c0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59f0b9ffd17ba624ba3e929b717ace8279792f1f9b13fbbe8f175fa2c03336be
5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b
5c588697c486d9fab19ec9ad3f47b3592a9fa5363c1aa38ac35dc6e30c1a4222
5c68cf1f0dca577bf260a647a1e73410fae9b838e3da448412df4b142e4fc123
5f0bff617b5a41e81bb0f9cd8fed6a74fc935b132a39d5a56223c54059f30c56
60f84e90c5b8308b8b13b3ef2bf2902899eac133f53f562e0432566d773c083e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f9875246199db42a24c95dbd2534274a4981982ebc3bdff8fa06abdb9e07d3
63a742448fc1031df4278933ccc79c747ad26f6fc0130ac6b6a547e61313d7b4
64cd16f7aaa4f5b7e73b97df047a273194591f210c99ad50006ebbf4cba53b08
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65d1898c548f69cd9a39bd28cdcca1a182fde462f821ee8c321949a656c646b0
66bd092fce44592006374231a0fae5ec437f7e05b289bac992384b9d08e6b0c6
69d1108b4f184c220f5c3c7780baf395e43679fdc595492c974990627d48fe59
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c532c566399dcb74dc8e8b97ed1db2f64db94a74c7d5b3df8e201e2ceb8c479
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
72397114f67b6b23b75b222ec28485726c91e7375d1de7265b4111147a56cb05
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
73579ea1e51c6fc3988c56864429e3c0498c3680d174386595731768f60edd7a
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7b5a685b7c97adef0f149dd00c92a489d0dadc12eab4b1f26118fa0589bc1960
7b972d6ddec7e4e82f8c751ee3dca48ec5377ace7a4c80e00b2b0c1578a074f8
7c1b263a7ac604e6c9897caf51d2f75228e80657867e6729bc23d60fd2abbd68
7c7db879434cdd773cc4d1e052df955b0c6bfbfa7ca601c6ad734e5f06c386fc
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
7e4c431acffe61664b87a09240bcc5903a610736874cf23764ff7304d38b9460
7fe82ca2de4362320392976fff1f2da68af14003fcd87b6ca51e44430499164c
805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8788a6a30bf21825000421a23d09a6a37df58fb2b0e3ce29198896986dcf51b4
87c0faadba882cd52e4073c03a27dfedffe2a37b56f8b3f9597f8030398113d1
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891
89caa9bf3ee9b9011f09c853a87f4326d2e198b91a2f733dff95da4704b1c7ab
8b602940f6841d2a924c76d3b0efe62ebe4aac115bab591cccf071313489fa98
8bfd5841dcfdc578ea9ebf45dde77b316772369d5f575848ecd518efb4caa342
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
93af4fbc2475b737b96aa98143e13e1a4dbead00d10adc6fe5c31e1d4a8edd0d
9772615d6ca9b1622252980880c6f175d6405a13315ff07c1e1cd556d632911d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a578ee52f0b7bf420e8cbf6d0f1169f0ed4d2f7dd0b4bb20396097a709a4c082
a8278761c6048158b8c22609bf05c113479c35bb2fb7da38d17d942297d0c083
ab56c9b14415c7c992d6f2ecffcf26b7a9d27a61b48ea11cdb82941f18f94638
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace0a137d8350277658c83324c40ede2e9f33e2f77d191e2dc8840f3999f47d7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
b8f2f02c3e9e4b678bff385ec56f8dfc7575dab1e1771760f90e2cce1271d61e
b960786a064acb6d49321b50661407d19bdb255fccc772b8cbc09ba7e75fd17c
b9b3606084b0cc23997dbb250b62338a537648f4de3f34898ab099d0744621f1
bac47b7d57c219d0321337a9c67f348582f5d18e18b9d961fb09988c4bc23331
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
bf5d16994a914fe9eb9c23f3612ab0892bbe378f4498f6d7f4cb0466c2b6a34a
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
bff5d32096624b6cc94f4657b527c06837d449d3a665c45636b17bcb5e9e0c2c
c1d9b467e4b02d73f01bd0086c4487ce9f977ff09ec3a5595c3defa7545a06f9
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c42f819447dd37c4e596f14d0090e3479e7dfd28f78c510c887baa1ae779b00c
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c7481b4e3aeedf2eeb24dda328415cb0282a363aa2ae276245f07c253c2f32e2
cabd02ba4609884d05887940bedf810aa9da04246eb7a65addf84566b962e687
cb8da9089e1a1d03e062e1daae2cc2a5c1974305d3ebe499e14a791e9150071a
ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581
cd9ae7d7f6d1c701dc1f3acdff0d0e68bace71d2248ee35e1ad40439fb9e049e
cdda9dc307a0dccbf42b017786508f7f4ebd6f282ec20da920a5a78f22f9ba42
cf36ae2031bc2bd5ba66b1874678c9a1adf5b340b6e0eca6a8cbfd8232580ef1
cfd7285c0fd7d3d3917be0a2af819de5cdf4f2cdbfaf5153e169c0cd75fcfc55
cff2c87e4604ea4302455aabcb01a42a47e57d4e969809040823faedd9d4fece
d07faeefe6eb627210963a90d61182728af884b0d3ab1371b7d1e20244428d30
d1cb79256ad18381fa0fa3517b90188656adf56b03a58f4cea2d0a13d10ec154
d45406bf7943d086b568542ae6fa7722a3f74c8674430fe73767a7e9017079ac
d5defd39f537078175689b2c41d8edc24dd308172466ef4f397d57edaa90bfda
d80ca47c5b43805ab5bcd7cc0de574dd55b9a5cd0fcdcb7f0b8b1e7c840e11ee
d9d744df6d313e0f5fec63bb9168692a21496c3acd6177e5d3c1f78cbd374bec
de3b63e0c308893fd24db243fc32b0d0066438b9780e1eefa8b91c6111d5e1f6
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
ded840a5f928bf7a6acf3284c66db9072ec9c5380f19c976d25e221f0ce389d8
e04e0d6996a81441da8774f2568a7dea95f7a34280d0e9540c5ccc91078f4c5e
e152f7b9c1d9b9c1416c5a942783ff1d2f00d3eef3e1eb8add4a65d020fff05e
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40647ce27e80ab8d555718067d47e08143ba60f8efc26f5e7a55d8426e145b8
e568b89ab7a24e8ca3b48958472485a34dbae97779fa1af4f2fece2105c0fd17
e6404cc7b6b59399f450f6de157b83913eaafc3b581d0665bed9c17f9b86b2b1
e7fa895719671f50136115e5a8ac3773e46a820cebce1876a5dcb1fa2f095fe8
e85252ecc1f9c7d4e522d473b637e5725bc6d1a3d298c5a75152747ef576535b
eb7b6117be51bd18178dc8e49235a08a027510910153e0ff2bc418fa22281db2
ec80387186a69d6897211a3780d48798ac2e99c59622c2b20a232019ba6042fd
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f065e917c8a1721d98017f8d3756adea0234db5fca27dda41717bdc005c7c77d
f0c2d1028a605b4816fe2767681fb47dbf88a764844e84c929f06cafa63dc9f9
f2cbb92ab07244e38624ea134fe52e6c95c65d78755fd73555277dbdee64980a
f555a06db2e14267885089c85c67b7e285b69d13220e24fa64c7e87c5ed13be5
f5d3aab0076e88b115ee176bfbae622a93783186dc613781f3aa183d1b7e9736
f686841ee82090a4509f58e149a50b6a43050ba0ddc3ec45543d93dd5ec8189b
f80ee19c55783c8a576292a55d08c0961aa821808a6ee092f02d2bd1d54958e4
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fb0dfb1e1e412a4a09d35e5ed8d180ee828535b4b6cb8f37ee5e77bf46460592
fc519218d3df40f946f41d5ec30d4352969320afba118a41b09843c423071c76
fe22d3e07e43c6918fec090e87a3afdf0025b909eabcf27338771127c2d8d427

winterhawks.com Open in urlscan Pro 13.92.242.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

76 %IPv6

21 Domains

31 Subdomains

30 IPs

4 Countries

4924 kBTransfer

11569 kBSize

8 Cookies

47 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winterhawks.com Open in urlscan Pro
13.92.242.205 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

76 %
IPv6

21
Domains

31
Subdomains

30
IPs

4
Countries

4924 kB
Transfer

11569 kB
Size

8
Cookies

193 HTTP transactions
4 data transactions