www.winstar.com Open in urlscan Pro
34.239.10.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.winstar.com/casino-map/
Submission: On March 28 via manual (March 28th 2023, 3:23:52 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 29 domains to perform 133 HTTP transactions. The main IP is 34.239.10.20, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.winstar.com. The Cisco Umbrella rank of the primary domain is 891916.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 20th 2023. Valid for: 7 months.

This is the only time www.winstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	34.239.10.20 34.239.10.20	14618 (AMAZON-AES) (AMAZON-AES)
66	2600:9000:223... 2600:9000:223c:e400:6:ec6d:cb40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 2	34.241.45.41 34.241.45.41	16509 (AMAZON-02) (AMAZON-02)
1	34.246.247.4 34.246.247.4	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2600:9000:225... 2600:9000:225e:f000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:76ba:e622:a244:858	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:6d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:d7ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
133	35

6 34.239.10.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-10-20.compute-1.amazonaws.com

www.winstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2600:9000:223c:e400:6:ec6d:cb40:21 (United States)

ASN16509 (AMAZON-02, US)

dkr2rmsityotp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

6820846.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10388130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.45.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-45-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.247.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-247-4.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:f000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:76ba:e622:a244:858 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:6d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d7ed (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	cloudfront.net dkr2rmsityotp.cloudfront.net	1 MB
10	doubleclick.net 3 redirects 6820846.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 10388130.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 70 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	6 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4544 track.hubspot.com — Cisco Umbrella Rank: 2028 forms.hubspot.com — Cisco Umbrella Rank: 4142 app.hubspot.com — Cisco Umbrella Rank: 5240	25 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2453 d.adroll.com — Cisco Umbrella Rank: 1240	22 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68 region1.analytics.google.com — Cisco Umbrella Rank: 4179	2 KB
6	winstar.com www.winstar.com — Cisco Umbrella Rank: 891916	223 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6470	294 KB
4	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4140	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6058	806 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368	20 KB
3	gstatic.com www.gstatic.com	187 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	234 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 897 ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	841 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	188 KB
1	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 40899	7 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 168	412 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 4409	418 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 596	337 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1189	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 20793	388 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 357	98 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 330	265 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3966	87 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1934	64 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4473	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1926	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2030	926 B
133	29

	Domain	Requested by
66	dkr2rmsityotp.cloudfront.net	www.winstar.com dkr2rmsityotp.cloudfront.net
6	www.winstar.com	www.winstar.com dkr2rmsityotp.cloudfront.net
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	s.adroll.com	1 redirects www.winstar.com s.adroll.com
4	tag.yieldoptimizer.com	1 redirects www.winstar.com
4	10388130.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	www.google.de	www.winstar.com
3	adservice.google.com	6820846.fls.doubleclick.net 10388130.fls.doubleclick.net
3	www.gstatic.com	www.google.com www.googletagmanager.com www.gstatic.com
2	www.facebook.com	www.winstar.com
2	dpm.demdex.net	1 redirects www.winstar.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	www.winstar.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.winstar.com
2	6820846.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.com	www.winstar.com
2	www.googletagmanager.com	www.winstar.com www.googletagmanager.com
1	f.hubspotusercontent10.net
1	d.adroll.com	s.adroll.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	www.googleadservices.com	1 redirects
1	cm.ctnsnet.com	1 redirects
1	ups.analytics.yahoo.com	www.winstar.com
1	cms.analytics.yahoo.com	1 redirects
1	beacon.krxd.net	www.winstar.com
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com	www.winstar.com
1	idsync.rlcdn.com	www.winstar.com
1	match.adsrvr.org	www.winstar.com
1	cm.g.doubleclick.net	www.winstar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	www.winstar.com
133	41

This site contains links to these domains. Also see Links.

Domain
book.rguest.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.winstarvillage.com
www.chickasawresponsiblegaming.com
adagaming.com
artesianhotel.com
www.myblackgoldcasino.com
mybordercasino.com
www.chickasawtravelstop.com
chisholmtrailcasino.com
mygoldmountaincasino.com
goldsbycasino.com
jetstreamcasino.com
madillgaming.com
megastarcasino.com
newcastlecasino.com
theriverstarcasino.com
www.riverwind.com
www.saltcreekcasino.com
mytexomacasino.com
treasurevalleycasino.com
washitacasino.com
www.snapchat.com
goo.gl
www.ncpgambling.org

Subject Issuer	Validity	Valid
winstar.com Amazon RSA 2048 M01	`2023-02-20` - `2023-10-05`	7 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2022-06-25` - `2023-07-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.winstar.com/casino-map/
Frame ID: 0C696E296DA632126FF448A7106F35E8
Requests: 119 HTTP requests in this frame

Frame: https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
Frame ID: 0E2E747E874B5BB71077F544340D8617
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
Frame ID: 58031552445A0C3B5EB384134EB2D365
Requests: 2 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
Frame ID: C3CBBF8303FEB7324038DF8F1EA00F3B
Requests: 2 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/438b5edf86e140eba7b1e9400a594adf?uuid=a927ba37dca24a5f9e3bdb1f4e8238a2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=winstar.com&inApp53=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 7D57AAD63CD9D68439A2C0A396143685
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EAA50AF5EB0A12955113D2D6E58C6780
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casino Map – WinStarwinstar

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

133
Requests

94 %
HTTPS

66 %
IPv6

29
Domains

41
Subdomains

35
IPs

5
Countries

2858 kB
Transfer

11174 kB
Size

32
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://book.rguest.com/onecart/wbe/offers/686/WinStar-World-Casino

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinStarWorldCasino
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/winstarworld
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winstar_world/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Winstarcasino
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.winstarvillage.com/
Title: Central Park at WinStar Village

Search URL Search Domain Scan URL

URL: http://www.chickasawresponsiblegaming.com/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://adagaming.com/

Search URL Search Domain Scan URL

URL: https://artesianhotel.com/

Search URL Search Domain Scan URL

URL: https://www.myblackgoldcasino.com/

Search URL Search Domain Scan URL

URL: https://mybordercasino.com/

Search URL Search Domain Scan URL

URL: https://www.chickasawtravelstop.com/

Search URL Search Domain Scan URL

URL: https://chisholmtrailcasino.com/

Search URL Search Domain Scan URL

URL: https://mygoldmountaincasino.com/

Search URL Search Domain Scan URL

URL: https://goldsbycasino.com/

Search URL Search Domain Scan URL

URL: https://jetstreamcasino.com/

Search URL Search Domain Scan URL

URL: https://madillgaming.com/

Search URL Search Domain Scan URL

URL: https://megastarcasino.com/

Search URL Search Domain Scan URL

URL: https://newcastlecasino.com/

Search URL Search Domain Scan URL

URL: http://theriverstarcasino.com/

Search URL Search Domain Scan URL

URL: https://www.riverwind.com/

Search URL Search Domain Scan URL

URL: https://www.saltcreekcasino.com/

Search URL Search Domain Scan URL

URL: https://mytexomacasino.com/

Search URL Search Domain Scan URL

URL: https://treasurevalleycasino.com/

Search URL Search Domain Scan URL

URL: https://washitacasino.com/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/winstarworld
Title: snapchat

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/cw2ApAsm6pD2

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/programs-resources/responsible-gaming/
Title: Responsible Gaming

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F HTTP 302
https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Request Chain 87

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Request Chain 88

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Request Chain 91

https://tag.yieldoptimizer.com/ps/ps?t=s&p=3773&pg=ot HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=78831677&t=s&p=3773&pg=ot

Request Chain 111

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3362571827437828745

Request Chain 112

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016827742899 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016827742899

Request Chain 114

https://cms.analytics.yahoo.com/cms?partner_id=ADARA HTTP 302
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA

Request Chain 115

https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3016827742899 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=5cfa0dd9f05e47639e56b4359f1e958d

Request Chain 116

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Request Chain 122

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.winstar.com/casino-map/ 1 MB
192 KB 399ms
188ms Document
text/html 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-10-20.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 14c1540625836c1d2c749e93912ce087330795872ac365105b4af846405c61e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 28 Mar 2023 15:23:44 GMT
link: <https://www.winstar.com/?p=18282>; rel=shortlink
server: nginx
x-pj-cache-status: hit
x-tec-api-origin: https://www.winstar.com
x-tec-api-root: https://www.winstar.com/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-upstream: CNDCFE1

GET
H2 200 style.min.css
dkr2rmsityotp.cloudfront.net/wp-includes/css/dist/block-library/ 93 KB
13 KB 59ms
9ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:47:48 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 38156
etag: W/"640ecf27-172a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: p80Vb7gMjhWt1rKzU_ds4dj7JWmoK7ZzdXMVfQn8J0610Oq0Ad1O6w==
expires: Thu, 27 Apr 2023 04:47:48 GMT

GET
H2 200 classic-themes.min.css
dkr2rmsityotp.cloudfront.net/wp-includes/css/ 217 B
631 B 59ms
10ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:48:07 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 52537
etag: "640ecf27-d9"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 217
x-amz-cf-id: 02BA5cRetALa_abvneQY17dI0e-6cFAzo1w2ko-j1JxhiWQ8aSL7Dw==
expires: Thu, 27 Apr 2023 00:48:07 GMT

GET
H2 200 video-styles-combined.min.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/css/ 54 KB
13 KB 60ms
11ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/css/video-styles-combined.min.css?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9b314496498a7981acb001c61520b307b3386689ac63049ef126f8c48e99cacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 03:30:01 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 42823
etag: W/"6216a2c0-d9c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: Htnebe2cFUC2owPp1TymfaMCgYgdgbALbbPF1zk9mq-FUgRS1uNLVA==
expires: Thu, 27 Apr 2023 03:30:01 GMT

GET
H2 200 child-theme.min.css
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/ 2 MB
190 KB 65ms
16ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0613ea0ac2c4a4682fa06b80df67c61d4b8bc7bd8a3105ad49a7ea5b4bf1492d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:13 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 54751
etag: W/"6307aadc-1866b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: M5adwObNEwBesV4J_dNdDVoPz0-3UIYFl8hvuxbFJ15iH8YIPNHRFA==
expires: Thu, 27 Apr 2023 00:11:13 GMT

GET
H2 200 socicon.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 18 KB
4 KB 77ms
28ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 033b939733b8808dd4f5ebee9284d9bdd23fe5cb59d35e397a3333fac04d7ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:53:20 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 30624
etag: W/"6216a2c0-467d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: Jw8eFuHYUcF-nclTLH8BOVLUb-t3lEcWQjFrhvbvuZQN6tnsbeYyDQ==
expires: Thu, 27 Apr 2023 06:53:20 GMT

GET
H2 200 genericons.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 28 KB
16 KB 78ms
29ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=20180625
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d25eb436f584562f7c291c66772de30b819d99dbd8319648797e3fb85e09bed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:47:48 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 38156
etag: W/"6216a2c0-6e88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: LtVRdd_zupOkoOLhztNBNYFpeLDdA8NGRKHhwpbw1H-YifnyU7NmVw==
expires: Thu, 27 Apr 2023 04:47:48 GMT

GET
H2 200 font-awesome.min.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 30 KB
7 KB 78ms
30ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome.min.css?ver=20180625
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: dc68ea8582cd092be8c9d5049db340f753d4c14d05e579b8a1d58d8c3348799f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:48:07 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 52537
etag: W/"6216a2c0-7912"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: Gugc4qXNA9fqqpLEhFDa_DfmQghYfxETy5930H6QvB4Sv0Iym25DPw==
expires: Thu, 27 Apr 2023 00:48:07 GMT

GET
H2 200 dashicons.min.css
dkr2rmsityotp.cloudfront.net/wp-includes/css/ 58 KB
35 KB 79ms
30ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:50:33 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 16390
etag: W/"640ecf27-e688"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: Ai8TJIsvVw-c3ToVfnz7IKoC7LrCr77YczVBKi2Iv3VG2OU02q4XiQ==
expires: Thu, 27 Apr 2023 10:50:33 GMT

GET
H2 200 unsemantic-grid-responsive-tablet.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/custom-lightweight-grid-columns/css/ 27 KB
4 KB 79ms
31ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/custom-lightweight-grid-columns/css/unsemantic-grid-responsive-tablet.css?ver=1.0
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 03:30:01 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 42823
etag: W/"6216a2c0-6c3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: lvC-t8fTbkiNrrxQTvQyJb0DjlL7pNdLHqcbGHec-DFOoxr6RUjIWg==
expires: Thu, 27 Apr 2023 03:30:01 GMT

GET
H2 200 jquery.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/ 88 KB
31 KB 82ms
34ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:16:59 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 14805
etag: W/"640ecf27-15e54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: iiJFSiLSUCWab79Moqip_BPd8iWLb4QbtdloiZo20YUk8PV6_wA_fQ==
expires: Thu, 27 Apr 2023 11:16:59 GMT

GET
H2 200 jquery-migrate.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/ 11 KB
5 KB 80ms
32ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:59:50 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 33834
etag: W/"640ecf27-2bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: skettzmtvo0DkG6SLaUu0UV7kIflHL2PWriWV1aehPjtjFa783XGoQ==
expires: Thu, 27 Apr 2023 05:59:50 GMT

GET
H2 200 public.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mabel-business-hours-indicator-pro/public/js/ 734 B
1 KB 81ms
33ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mabel-business-hours-indicator-pro/public/js/public.min.js?ver=2.4.6
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d24ecb7eb37b4d96efa8e02f34934dd12e13681ba55925824fc5b48107d3fa78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:41:34 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 34930
x-cache: Hit from cloudfront
content-length: 734
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
etag: "6216a2c0-2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: 2Q0FBVINmKFxMv8LksAlgxrq2c8iXIS_2YokAfTGDULWsjXb9cZKvQ==
expires: Thu, 27 Apr 2023 05:41:34 GMT

GET
H2 200 whenDefined.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/ 420 B
862 B 80ms
32ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/whenDefined.js?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8d677c877ee196e63674af60b0b0efb884da667f034e2e7d5aba6fac671ee473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 02:31:41 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 46323
x-cache: Hit from cloudfront
content-length: 420
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
etag: "6216a2c0-1a4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: 0aiD0E6xeKtmaV5EvlchOrbYbi87168zeocWPIeSp02gJSECj2efAQ==
expires: Thu, 27 Apr 2023 02:31:41 GMT

GET
H2 200 intersection-observer.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 24 KB
7 KB 81ms
33ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/intersection-observer.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 52fdc524903bf82b78d5deabff63aa9860e60f1801f9aa4d7f2ba185b6783f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 07:57:01 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 26803
etag: W/"6307aadc-6106"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: CEo9fFw0yvqq-ZZK9MsceOthY5ygCeXCGOVfqPxQJrKJw18mC7MATQ==
expires: Thu, 27 Apr 2023 07:57:01 GMT

GET
H2 200 winstar_logo_mobile.svg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 5 KB
3 KB 8ms
8ms Image
image/svg+xml 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/winstar_logo_mobile.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 790db0690aea8526789baad5093b2ed144b126b2ae72b89bfeb8e80c77695142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 07:28:40 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 28504
etag: W/"6307aadc-1330"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: N8XyO4DP-VsqvGo045NKK9jdLWZreFCTlQoTWVLVw37bNhcPJGhwYg==
expires: Thu, 27 Apr 2023 07:28:40 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.winstar.com/wp-includes/js/ 18 KB
18 KB 103ms
102ms Script
application/javascript 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-10-20.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/casino-map/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:44 GMT
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx
etag: "640ecf27-48b9"
content-type: application/javascript
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 18617
expires: Thu, 27 Apr 2023 15:23:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 391 KB
103 KB 289ms
72ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f167ef6884d0371cc440bb877d32d98d26890524fadfc6f7d627caf65041b6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104721
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 15:23:45 GMT

GET
DATA 200
OK truncated
/ 122 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81ae22dc9680379e1cc5fd07c05e54778d0b27b7f54b457c185cb7cab0076dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 07-brother1816-regular-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 36 KB
37 KB 23ms
8ms Font
application/octet-stream 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/07-brother1816-regular-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f

Request headers

Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:50 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 54714
x-cache: Hit from cloudfront
content-length: 36932
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
etag: "6307aadc-9044"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: mRsHgdr6iEROse0gIEaLWTMr1Uv5VlAYp1euYThOs1maXomnJ4-YZQ==
expires: Thu, 27 Apr 2023 00:11:50 GMT

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85c826557d06c300e5516b92a216d272bb1ded34f32a1931d39445ff7cbd985f

Request headers

Referer
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 11-brother1816-bold-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 35 KB
35 KB 30ms
15ms Font
application/octet-stream 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/11-brother1816-bold-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d

Request headers

Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:50 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 54714
x-cache: Hit from cloudfront
content-length: 35480
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
etag: "6307aadc-8a98"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: l3Pyy5MVxIhkqCkKp1hIPl-QJo8SFATgZzBqWUkyb6eImQYDn94S8A==
expires: Thu, 27 Apr 2023 00:11:50 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64f984d771c6fd92576d6d6cd8212b34b6c1c03f14ffc778bfb7fbac45279d9b

Request headers

Referer
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 casino_map_welcome_logo.svg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 8 KB
4 KB 9ms
8ms Image
image/svg+xml 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/casino_map_welcome_logo.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 58c7c2c6f8bb110cdfa290718e1e29ed363c00e906b8bf849faefad6438a32db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6307aadc-1f97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: B9tLurVvn7hCce3ghkgDlGFyS_Om_gEtoBiciLy6E19Ln32d2FXp4g==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 winstar_logo_new.svg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/ 9 KB
4 KB 10ms
9ms Image
image/svg+xml 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/winstar_logo_new.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:50:34 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 30 Aug 2018 20:03:18 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 16390
etag: W/"5b884d86-2497"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: JudaaCOFuNAKGgBp2BRubZR0uSVw_x8EXxLLwUgRQOwcceFZ1VHLAQ==
expires: Thu, 27 Apr 2023 10:50:34 GMT

GET
H2 200 footer_map.jpg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 22 KB
22 KB 10ms
9ms Image
image/jpeg 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/footer_map.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0d6b33b87ffcc52f84fdbcdcc7536c9fadf39f8f37d05adc34d6db6cdb22bdfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:03:45 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 5511
x-cache: Hit from cloudfront
content-length: 22215
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
etag: "6307aadc-56c7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: EM8-TQYy4Av5KdCLGm9ssrQvAJfcc-kfHm6TD54ojpe-Np5pqm60Pg==
expires: Thu, 27 Apr 2023 13:51:53 GMT

GET
H2 200 mapplic-routes.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/css/ 4 KB
2 KB 9ms
8ms Stylesheet
text/css 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/css/mapplic-routes.css
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ce73470113c7b4aa205fcd5fce22efbe0c083525f38ae81a383f0af55aa8d10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:50 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 54714
etag: W/"6216a2c0-1083"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: riFsspcjoMWyi4-jov798NL7AQipZk-Hhfow9S45NskXrBUI9YM3bw==
expires: Thu, 27 Apr 2023 00:11:50 GMT

GET
H2 200 am-video-player.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/ 493 KB
138 KB 14ms
8ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b795ece97224449967780313c67b1b224db511d0f93ff734f5ab9bbcc3da0bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:12:31 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 51073
etag: W/"6216a2c0-7b534"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: xwCnxSJGvrnYf-8-cS6abmwWgUuqRoxSxJX4cGoR9SQ00AJ4Lmthfg==
expires: Thu, 27 Apr 2023 01:12:31 GMT

GET
H2 200 ejs.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 20 KB
7 KB 17ms
10ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ejs.min.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 01ba0ea8fdbfdb6771a69fe9f211f66e2c74a344b8a1dc319d6c9b00e85a8b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:47:48 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 38156
etag: W/"6307aadc-5111"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: UmWLZzWKKOWXiqE4PtyUnAcsa8Jw7c1_sn_FMU3O6-Q49Sf9RXqdLA==
expires: Thu, 27 Apr 2023 04:47:48 GMT

GET
H2 200 jquery.validate.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/ 47 KB
13 KB 17ms
11ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/jquery.validate.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:00:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 41018
etag: W/"6307aadc-ba49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: M_rw0ph2uDmU6bzvN6H_F6WHYIldxKsCImibDPCw89cWqcfUiltMoA==
expires: Thu, 27 Apr 2023 04:00:06 GMT

GET
H2 200 jquery.validate.defaults.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/ 2 KB
1 KB 22ms
16ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/jquery.validate.defaults.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aab92c326a1bed55b744fc756d3d4b31148c8ee463ad0e69c65b73ad6b71692c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 02:52:48 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 45056
etag: W/"6307aadc-713"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: l3q1SYtcHYRxqnh8KsOO41Tc9luQrxljdUjC2dAzzeoK4wM6mH8v_A==
expires: Thu, 27 Apr 2023 02:52:48 GMT

GET
H2 200 child-theme.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 204 KB
64 KB 31ms
25ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/child-theme.min.js?ver=f93e11119393bbd6937ff38fdb8f1a63
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2c28c476b0f99acb56fe1e58006145adffc1a0170eedf5e398b352062399c931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:41:34 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Sun, 28 Aug 2022 10:44:50 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 34930
etag: W/"630b4722-3301d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: xYV24ScInNtBf2Shl5fzXyHjSD5wT-6ac7OY3blm1SLTy7ymhIU9Rg==
expires: Thu, 27 Apr 2023 05:41:34 GMT

GET
H2 200 child-my-casino.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 208 KB
56 KB 20ms
16ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/child-my-casino.min.js?ver=97fb05e85726151723b0c99e449be8ad
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 79fa2f37277358cc1cc0986b154485602220861ec3f2afcef6126b1cf6b1e5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:15:38 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 40086
etag: W/"6307aadc-33f7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: 6QKTetdp60hpsp-f1t7cGtLC056Lg8UCa0X_w6-s_nsehd9dU_ER4g==
expires: Thu, 27 Apr 2023 04:15:38 GMT

GET
H2 200 social-icons-widget-frontend.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/ 860 B
1 KB 28ms
25ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:11:14 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 22350
x-cache: Hit from cloudfront
content-length: 860
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
etag: "6216a2c0-35c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: TOGuF1KskQbaR6L1OBSlszrrUEvn5l2-GOwsZw7jftavBv1tvl-gPw==
expires: Thu, 27 Apr 2023 09:11:14 GMT

GET
H2 200 canvas-to-blob.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 1 KB
1 KB 30ms
26ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/canvas-to-blob.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7e4e389c072794cb0cc4a4e610be9ea14ab7ccd12d566a2fa17b7209561b768b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-4cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: Ga0c2FzmK9KLuw00FxGjk6vLZHJnZLRfXEHHJ5pnetxie0oPcl3Grg==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 html2canvas.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 160 KB
40 KB 21ms
17ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/html2canvas.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 105300faa64c67c4a1067aa5ba92d0ee87ffb117a2e693578a38b8659603292d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-2819c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: QetBB2FR22qZOMHspLYl8qY4jhKhF4RTr2oHm-pDIItiGlukeZ3Trw==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 draggabilly.pkgd.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 15 KB
5 KB 22ms
19ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/draggabilly.pkgd.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 33cb1aafbb57d455025007ad9b01f40e259cd377a611fa6792ac9ab73d624803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:50 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 54714
etag: W/"6216a2c0-3a19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: I6GOWDfSojiNwykDU90b63Nba8slUPsllcYtC6q2EZ_VSYgx_J2qIA==
expires: Thu, 27 Apr 2023 00:11:50 GMT

GET
H2 200 browserama.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 1 KB
946 B 22ms
19ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/browserama.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 75f98eded1c38b08dd72f67aa90005f9b6418cb82a0e679b3f474ddc8ef60751

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-401"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: ow6ez4ED0EXIcf6XtxDM0gp_MXeya-C8D5xI3fVrAFrNapUF8gJNhA==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 hammer.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 20 KB
8 KB 23ms
20ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/hammer.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-5123"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: oMElWc25HYhs_oyeDy3jbj7dHFYdQEpmItlIbQvHwF05U4mCdAMBpA==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 jquery.touchy.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 23 KB
4 KB 23ms
20ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/jquery.touchy.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f371b23c225666578058cb2aa2b9febb709e2ad1661b73f675a6cd0abc475e7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 8771
etag: W/"6216a2c0-5d8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: sk4zfzgtRZ0olMqIZqVs6SyuWlTrZTqjdM0mDI6_ooMFDA3uLOuS2w==
expires: Thu, 27 Apr 2023 12:57:33 GMT

GET
H2 200 point-in-svg-polygon.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 7 KB
4 KB 24ms
21ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/point-in-svg-polygon.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 33e6350ac50ff110e033947d498b3ff868bd5e117bcc2340bc0cf1cf677a3d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-1b08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: eth_ishcXReSABYH3vEzFbwobNn18zdyL36wbIQeCXVY3CEJS1kNeg==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 jquery.mousewheel.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 8 KB
3 KB 24ms
22ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/jquery.mousewheel.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 09dc174046e8ff4e45641d3c527545de17b08ad706d4ae44a14bcdda80f2a401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-2126"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: EMcmnEVuIqDOgwgqzIsjJqSY-fvyXC7kAYE-sqPBZVHbJaKur2FNxQ==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 magnific-popup.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 20 KB
8 KB 25ms
22ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/magnific-popup.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a3a1d3ef0636f519d37eafe44045a350594b59de1556ca68fc855a79bdeda319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-4f2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: X_4cB9O-tSFNpE8B2SZWT79jDnvDpH468xmkFtjc_B6ogLpo-BBcAw==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 velocity.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 44 KB
16 KB 25ms
23ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/velocity.min.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a66b0cb93bcbaae7f1fa82dc4783fe57f65aab20bae806a049727ebd41a09152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-af0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: QLbT3BFJLfPhQhr2yedZ2kQMfYsg9n9xT-gYn0OTiqL5_qEq59w63w==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 fuse.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 11 KB
5 KB 29ms
26ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/fuse.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 789cb622c3e228b6faa3285c4da8d6e9196ba68e4102e631d3a4fce1489c1beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-2cd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: D5lf6aruKiXUpO7F98oqZMhlmlPbalyHFdyHuk2tlcgAgqmxKvfMgQ==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 mapplic.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 103 KB
23 KB 26ms
24ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/mapplic.js?ver=4.5.3.55
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3747050dc85468bad2a0eeaaf35915fe432dfb7084b56941672beebd6e1e75c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: W/"6216a2c0-19cdb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: gEvd0cI9G9WAswOYDLVGSRKvI8JammORkOUo_UBrLYftDCJFq-tHRw==
expires: Thu, 27 Apr 2023 15:22:06 GMT

GET
H2 200 mapplic-routes.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/ 19 KB
6 KB 26ms
24ms Script
application/javascript 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mapplic/js/mapplic-routes.js?ver=4.5.3.55
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a316e584c488ca0f3a672004cdd5ce900318586edffc0955c229e8c3d8b34e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:11:50 GMT
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 54714
etag: W/"6216a2c0-4a16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: 9HJRNtmWwYDTvq4EOt8nAZLs29fEuzoTo8nEYb2r8MqJm-jPyEDbtg==
expires: Thu, 27 Apr 2023 00:11:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 202ms
47ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6fb1a2354c8e7d03fb4abe84b5f9ae45cd206c98f752c379dbb5f5623bbd444d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 28 Mar 2023 15:23:45 GMT

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 2 KB
926 B 291ms
135ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4132260.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9000c15925b11f7536f40cb6ea50abad54fda08fefb5ba6ef9fea434f969f663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 28 Mar 2023 12:48:40 GMT
server: cloudflare
x-hubspot-correlation-id: f724a15d-27e2-421d-9afb-7f4e5e2deee8
x-trace: 2B509AD243CC7B542035EA37DD5B70DE00D96A6CD8000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.winstar.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7af0e04709e3367b-FRA
expires: Tue, 28 Mar 2023 15:24:45 GMT

GET
H2 200 map-welcome-background.jpg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 105 KB
105 KB 16ms
15ms Image
image/jpeg 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/map-welcome-background.jpg
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0375cc0fd0fb4b0e90380397b8a222b1ba9d8bccb9c6edfc039fe1275b51a553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 23733
etag: "6307aadc-1a3db"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 107483
x-amz-cf-id: kpreVSwuOaEqTmtCnnB_0v_CJlm9vV8tzU3pMb6p0Dpsve0nn9Mp2Q==
expires: Thu, 27 Apr 2023 08:48:11 GMT

GET
H2 200 socicon.ttf
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/ 47 KB
47 KB 15ms
7ms Font
application/octet-stream 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bf3a0e15b6b79b70bc847a485b3efe4135c4ac520b5bace74427b55c50a4bbd0

Request headers

Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:41:34 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 34930
etag: "6216a2c0-ba68"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 47720
x-amz-cf-id: JiKh1OVQt1YquZxR1qzeGjwYWZaCbwy7uszjlngQWxdtkh3caq2h3A==
expires: Thu, 27 Apr 2023 05:41:34 GMT

GET
H2 200 09-brother1816-medium-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 37 KB
38 KB 12ms
5ms Font
application/octet-stream 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/09-brother1816-medium-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790

Request headers

Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 21:59:24 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 62660
etag: "6307aadc-94d0"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 38096
x-amz-cf-id: M2hPVHz1DdeoNJ_CRP2Hkq6nDVF9GfV_L-g34VR4RIPQIJr_oDfkmw==
expires: Wed, 26 Apr 2023 21:59:24 GMT

GET
H2 200 winstar_google_map.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/06/ 9 KB
10 KB 9ms
8ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/06/winstar_google_map.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f9a240e7c9a462e34c3cbefcc132d9eb8a90432dc0e631c39f6208a9e68cf0e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 03:30:01 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42823
x-cache: Hit from cloudfront
content-length: 9504
last-modified: Fri, 10 Aug 2018 20:33:49 GMT
server: nginx/1.16.1
etag: "5b6df6ad-2520"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: 4u5kW6159Qoe8NXL4_ollXAMTpQHT0SbKGZVGF08VH8chYxnJYR51Q==
expires: Thu, 27 Apr 2023 03:30:01 GMT

GET
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 21 B
441 B 310ms
310ms XHR
text/html 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php?action=check_login_status

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-10-20.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4a40fdd50fa2fa6991af1f9fb09e1d83a2b75f52c45bb2e949fa7adf17e066b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.winstar.com/casino-map/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-upstream: CNDCFE3
x-pj-cache-status: miss
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
BLOB 200
OK 0cd11c69-2521-4835-8082-1cb2c6782746
https://www.winstar.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.winstar.com/0cd11c69-2521-4835-8082-1cb2c6782746
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 logo-adagamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 12ms
8ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-adagamingcenter.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:50:39 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 16386
x-cache: Hit from cloudfront
content-length: 4052
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-fd4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: iTdB0pofxW8mp5AEGOlUQluvpuBeGwSoo8bEF6i3hXh5hLrDMaDrDQ==
expires: Thu, 27 Apr 2023 10:50:39 GMT

GET
H2 200 logo-theartesianhotel.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 13ms
9ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theartesianhotel.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:14 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 49411
x-cache: Hit from cloudfront
content-length: 3241
last-modified: Fri, 10 Aug 2018 20:33:27 GMT
server: nginx/1.16.1
etag: "5b6df697-ca9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: pP1r3QDCS3TyRXkfEwRi8Cmirt3az6ygGE1gKEoX4I31X_uwNChFJg==
expires: Thu, 27 Apr 2023 01:40:14 GMT

GET
H2 200 logo-blackgoldcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 16ms
12ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-blackgoldcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 04:47:51 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 38154
etag: "5b6df696-dfa"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 3578
x-amz-cf-id: AMVeM7LKdfoUh0qj3z4gtsXf6gNzpIiE-6wXgpI-77CKtmwg2dKMxQ==
expires: Thu, 27 Apr 2023 04:47:51 GMT

GET
H2 200 logo-bordercasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 13ms
10ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-bordercasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:15 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 49410
x-cache: Hit from cloudfront
content-length: 3365
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-d25"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: opqYHmSZVGK25hXEPVTBEmMT3SzJxdYgkQQtFWeC_ipyPrjjbCQgjw==
expires: Thu, 27 Apr 2023 01:40:15 GMT

GET
H2 200 logo-chickasawtravelstop.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 15ms
12ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chickasawtravelstop.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:16 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 49409
x-cache: Hit from cloudfront
content-length: 2819
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-b03"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: 744Bh0nTts19eO3kkLYiS-_6-N1nuLfru5n6YONURQvRd9jRsQ51FA==
expires: Thu, 27 Apr 2023 01:40:16 GMT

GET
H2 200 logo-chisholmtrailcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 14ms
11ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chisholmtrailcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:03:48 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 5509
x-cache: Hit from cloudfront
content-length: 3066
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-bfa"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: OMQKRPZa1afDR5ItliQThnmwIRlkYhZUgjfc793-ecugbjiYvlI2wA==
expires: Thu, 27 Apr 2023 13:51:56 GMT

GET
H2 200 logo-goldmountaincasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 19ms
15ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldmountaincasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:31:42 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 82323
etag: "5b6df696-12ad"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 4781
x-amz-cf-id: Jh21l_FcUFyTEpfS571r3oS9RdBCrfZXf-85wF0dGGaL6W3B_tSVqQ==
expires: Wed, 26 Apr 2023 16:31:42 GMT

GET
H2 200 logo-goldsbygamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 20ms
16ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldsbygamingcenter.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:06 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 110
x-cache: Hit from cloudfront
content-length: 4970
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-136a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: X6PrUKiUT4IccVGBB9n5IGv3NxUhYCqA2ynfFURtvQwKN5DS6w4evQ==
expires: Thu, 27 Apr 2023 15:21:55 GMT

GET
H2 200 logo-jetstreamcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 20ms
17ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-jetstreamcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 07:28:43 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 28502
x-cache: Hit from cloudfront
content-length: 3486
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-d9e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: cYBkJSVlKX4ZrEUhLTuZL9xJ6oi0MvCaodiCq8SRqw1Ie_fadjizHQ==
expires: Thu, 27 Apr 2023 07:28:43 GMT

GET
H2 200 logo-madillgamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 21ms
17ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-madillgamingcenter.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:18 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 49407
x-cache: Hit from cloudfront
content-length: 4998
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-1386"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: ghPER_GN9jop6j2ITh98zuDTYcdhD8l0tFDcghbFHw5xisjDYYIo-w==
expires: Thu, 27 Apr 2023 01:40:18 GMT

GET
H2 200 megastar-winstar.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/ 3 KB
4 KB 21ms
18ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/megastar-winstar.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 22:04:07 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 62378
x-cache: Hit from cloudfront
content-length: 3450
last-modified: Thu, 18 Jul 2019 15:32:37 GMT
server: nginx/1.16.1
etag: "5d309115-d7a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: cS8HQ2Ja_8Fxb3DzdUsCvCmm4Y_mi12RvkXv3DCUcW9MQEyLsYTpIQ==
expires: Wed, 26 Apr 2023 22:04:07 GMT

GET
H2 200 logo-newcastlecasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 21ms
18ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-newcastlecasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:09:38 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 83647
x-cache: Hit from cloudfront
content-length: 3411
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-d53"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: GCIMDcoIzjFzduQz0ZovfhJ9uxKfR269Iu3iZEfv82nnYR2Xmxx5XQ==
expires: Wed, 26 Apr 2023 16:09:38 GMT

GET
H2 200 logo-theriverstarcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 22ms
19ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theriverstarcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:19 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 49406
x-cache: Hit from cloudfront
content-length: 2881
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-b41"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: Go3W9ciD0ws5AgRlVo9pl2Q_y5DrGH99hO5Le13qzasOEx1J-PM6jA==
expires: Thu, 27 Apr 2023 01:40:19 GMT

GET
H2 200 logo-riverwindcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 23ms
21ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-riverwindcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 01:40:20 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 49405
etag: "5b6df696-f22"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 3874
x-amz-cf-id: FSrMCLKVLGvoOQ0gAYymWThtrmjSknOIB0pJHhxpSIEfKXcQz5-L9Q==
expires: Thu, 27 Apr 2023 01:40:20 GMT

GET
H2 200 logo-saltcreekcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 26ms
24ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-saltcreekcasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:09:38 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 83647
x-cache: Hit from cloudfront
content-length: 3763
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-eb3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: eWXLk7f2VrBVcMWACWaXLUs1ZQqZ1tky5_AFoOlI0ZH6-fhW7kwTdg==
expires: Wed, 26 Apr 2023 16:09:38 GMT

GET
H2 200 logo-texomacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 25ms
23ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-texomacasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 07:28:44 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 28501
x-cache: Hit from cloudfront
content-length: 3661
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-e4d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: J1TF5FSzHnChEutvzwJgI6kT8G0fOtDZKAi0qHhJ2RpyvsYGpL3ysw==
expires: Thu, 27 Apr 2023 07:28:44 GMT

GET
H2 200 logo-treasurevalleycasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
5 KB 27ms
24ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-treasurevalleycasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:05:31 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 37094
etag: "5b6df696-1158"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 4440
x-amz-cf-id: mqGCpfK2-5CB4EhGvW47nURl8KSQi1N0W2QAfIpIyXulVLG6-2kEYw==
expires: Thu, 27 Apr 2023 05:05:31 GMT

GET
H2 200 logo-washitacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 27ms
25ms Image
image/png 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-washitacasino.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 07:28:44 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 28501
x-cache: Hit from cloudfront
content-length: 3906
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
server: nginx/1.16.1
etag: "5b6df696-f42"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: bd2xSgFFohlLHzSFtNoUOM60ie78TEhvvu3h5GK2CcdGjA8yYoKIWg==
expires: Thu, 27 Apr 2023 07:28:44 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ 409 KB
165 KB 137ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 12:51:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 12:51:36 GMT

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 12 KB
5 KB 241ms
240ms XHR
text/html 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-10-20.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c7dc74ebd37ab69d43e8f0427b04031e6c3bbba048c015c605d6dd90814c131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.winstar.com/casino-map/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.winstar.com
x-pj-cache-status: miss
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-upstream: CNDCFE2
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 12 KB
5 KB 287ms
287ms XHR
text/html 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-10-20.compute-1.amazonaws.com

Software

nginx /

Resource Hash

49d2af535fdaf6278a9aacbe776fcf4d39718aa7093a2b9f23ca3321af30f32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.winstar.com/casino-map/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.winstar.com
x-pj-cache-status: miss
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-upstream: CNDCFE1
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 loader.gif
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/mapplic/ 7 KB
8 KB 8ms
8ms Image
image/gif 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/mapplic/loader.gif
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ba55ff9bfd46493f5ae1ec8bbdfee792ef080421e103880b2f646179a89367e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:07 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 98
x-cache: Hit from cloudfront
content-length: 7550
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
etag: "6307aadc-1d7e"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
x-amz-cf-id: VKKUcTJgWW53A_ALgGJQ7rZguUtEK_ZFCRxQm1zRTPurcETFzRwHuw==
expires: Thu, 27 Apr 2023 15:22:07 GMT

GET
H2 200 WINSTAR-MAP-11-14-22-1.02-JM-3.svg Show response
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/ 2 MB
390 KB 8ms
8ms XHR
image/svg+xml 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/WINSTAR-MAP-11-14-22-1.02-JM-3.svg
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7c58b77dd3c2ea1e2fbbf8a4f1a2108fe941ce0428940a9e6072d6bff686216a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:13:43 GMT
content-encoding: gzip
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Fri, 18 Nov 2022 15:49:39 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 22202
etag: W/"6377a993-22926c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
x-amz-cf-id: d_G767H3avZR2b_6OuVXr-4LTSvLqM49vlthbzc3XMT9ntJPuxBpPg==
expires: Thu, 27 Apr 2023 09:13:43 GMT

GET
H2 200 map-compass.svg Show response
www.winstar.com/wp-content/plugins/mapplic/img/ 2 KB
2 KB 96ms
96ms XHR
image/svg+xml 34.239.10.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/wp-content/plugins/mapplic/img/map-compass.svg
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.10.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-10-20.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 148ec37cc17f37a8646d7e95437fbb931c7b08d5517c31edc24743db4ffcf30c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.winstar.com/casino-map/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx
etag: "6216a2c0-8ac"
content-type: image/svg+xml
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 2220
expires: Thu, 27 Apr 2023 15:23:45 GMT

GET
H2 200 openhand.cur
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/mapplic/ 326 B
687 B 8ms
8ms Image
application/octet-stream 2600:9000:223c:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/mapplic/openhand.cur
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=36b3fd7853dc7a4428749d69c5c14aea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:22:07 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 17:01:16 GMT
server: nginx/1.16.1
x-amz-cf-pop: FRA56-P2
age: 98
etag: "6307aadc-146"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 326
x-amz-cf-id: kMv5OotIFid1xutaEL_HzbIW3j3M44y8si2jN0eVvCgPsiPgBv78Gg==

GET
H2 200 4132260.js Show response
js.hs-analytics.net/analytics/1680016800000/ 68 KB
21 KB 167ms
138ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1680016800000/4132260.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7a4e9842068b1508f87591e28792660f9d4e165b408128cca97bdb16efe86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EHSSFXB9CM8ACDY2
x-amz-server-side-encryption: AES256
x-amz-id-2: UzMr8Sfljlag36sEtnuMtXQ1E6pPlyd+iubl0SPHyAtEyZqPemlSWi8Ww5s3ez9wai6TOp5oZ3M=
last-modified: Thu, 23 Mar 2023 16:35:02 GMT
server: cloudflare
etag: W/"2f7f16e5eb6e64a5b038005e1959502d"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7af0e0486c8d9a00-FRA
expires: Tue, 28 Mar 2023 15:28:45 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
21 KB 64ms
23ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed00933df256ae6cdc24fbab796be18046ab51ceadee340207c709aaae0edf42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
x-amz-version-id: 0k42sq_C7kJsWObIzDKa18JpO8qUsX_m
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 136
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12686/bundles/project.js&cfRay=7af0dcf48ac72bbe-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Mar 2023 05:27:57 UTC
server: cloudflare
etag: W/"1eacf44ad69e1b3f8f8be1960f4a5057"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7af0e04889142bd3-FRA
x-amz-cf-id: WTZD6Ao3cHaNJ3ACfUNCisFwvlAItUAviYpaDprweYpjOg6o2xy3dg==
x-hs-target-asset: conversations-embed/static-1.12686/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4132260/ 208 KB
64 KB 158ms
140ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4132260/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770f705e32e64462a1d1a49807dc94e93b8550e421f45662de9575e743e9f9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
x-amz-version-id: dxQzxMaBhr1XhrsyYhsx7YpRIjhY_qQn
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: HXQAFPR9GD0HW8NV
x-amz-server-side-encryption: AES256
x-amz-id-2: 01+x5lC4OIQwopLMqmHOpecjtHH4PNIxU2O98xZgGwKNQBz5dbL0e9XeXSFcT0Hc7Og60FrwZfU=
last-modified: Fri, 10 Mar 2023 16:17:16 GMT
server: cloudflare
etag: W/"3cb2b1b3c6743cf5ec2f06887c1f5b9a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.winstar.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7af0e0485da6bbc7-FRA
expires: Tue, 28 Mar 2023 15:28:45 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 81ms
40ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860

Request headers

Referer: https://www.winstar.com/
Origin: https://www.winstar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
x-amz-version-id: waE9SUXeTvXi6sWFWRT4B49N3dJ8yImu
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 46083
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js&cfRay=7aec7b35d9882199-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 09:43:53 UTC
server: cloudflare
etag: W/"15b55a577dac25b07b6c519f5d1a3aec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7af0e0487bad690d-FRA
x-amz-cf-id: 8rfBupoMdom3Id6Hns_Z0kYyKyIsOembp1mIFdS6wNt_NhUxOg99dQ==
x-hs-target-asset: lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js

GET
H2

200

activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F Show response
6820846.fls.doubleclick.net/ Frame 0E2E
Redirect Chain

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?
https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fww...

406 B
573 B

95ms
94ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

2c51d5756efb3dc20a303854aec9d2490a475a995285bfdafcd2dba19a58fe3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Tue, 28 Mar 2023 15:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 14:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2430
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 16:43:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/ 2 KB
2 KB 170ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991190777/?random=1680017025359&cv=11&fst=1680017025359&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&hn=www.googleadservices.com&frm=0&tiba=Casino%20Map%20%E2%80%93%20WinStar&auid=1959099846.1680017025&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eab05d9c8e068e04bdf8b69235efbae64878dd8379efaa65aeabfc696f2b813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 113ms
35ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Mar 2023 16:02:14 GMT

GET
H2

200

activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F Show response
10388130.fls.doubleclick.net/ Frame 5803
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map...
https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A...

413 B
534 B

79ms
79ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

115178737d3125d86608f9472b010a9d1a5c9d02f2e3c43b55596a9397532549

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Tue, 28 Mar 2023 15:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F Show response
10388130.fls.doubleclick.net/ Frame C3CB
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-ma...
https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3...

414 B
578 B

80ms
79ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

960c17a1e1826e5888e4757febd15ba710321d414e47a95cf9fa329b8990caae

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 240
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Tue, 28 Mar 2023 15:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 15:23:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: U2nlOJsWNYfEvPfBFbZml2p6VtNxiZ2B8CQOIoqqpzrz6KcdSoYKWEUrrtsuEfpFiv4iHl9FdIP9st758WdZAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
85 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a70455c4d07059ca7a5393c30298e71b03be07db25f718a7fe20ab161fd9e9d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 15:23:45 GMT

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=3773&pg=ot
https://tag.yieldoptimizer.com/ps/ps?tc=78831677&t=s&p=3773&pg=ot

1 KB
2 KB

21ms
19ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=78831677&t=s&p=3773&pg=ot
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 544ebbdfbe49474482995004f7ee963fafa01a3ce70a91d120fe079870512cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1201
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=78831677&t=s&p=3773&pg=ot
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
adservice.google.com/ddm/fls/z/ Frame 0E2E 42 B
107 B 167ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Requested by

Host: 6820846.fls.doubleclick.net
URL: https://6820846.fls.doubleclick.net/activityi;dc_pre=CLn4lpD3_v0CFXNGHgIdqVUJXw;src=6820846;type=winss0;cat=winst0;ord=8173917907971;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6820846.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
adservice.google.com/ddm/fls/z/ Frame C3CB 42 B
107 B 159ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=COLHmJD3_v0CFRlgwgodfd0Nvw;src=10388130;type=newpl0;cat=place00;ord=1;num=8686231277379;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F
adservice.google.com/ddm/fls/z/ Frame 5803 42 B
401 B 151ms
71ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=*;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Requested by

Host: 10388130.fls.doubleclick.net
URL: https://10388130.fls.doubleclick.net/activityi;dc_pre=COHEmJD3_v0CFaxUwgod9oYHzQ;src=10388130;type=place0;cat=place0;ord=1;num=4730493202625;gtm=45He33r0;auiddc=1959099846.1680017025;~oref=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10388130.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28262588-1&cid=1020270528.1680017027&jid=443115630&gjid=862390001&_gid=1917977721.1680017027&_u=YGBAiEABBAAAAEAAI~&z=592647956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winstar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 15:23:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 14ms
14ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1370873662&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&ul=en-us&de=UTF-8&dt=Casino%20Map%20%E2%80%93%20WinStar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=443115630&gjid=862390001&cid=1020270528.1680017027&tid=UA-28262588-1&_gid=1917977721.1680017027&gtm=45He33r0n81TTP9H29&cd2=1680017025355.dnvz5v0b&cd3=2023-03-28T15%3A23%3A45.356%2B00%3A00&z=1048172306

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76715
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 727075671205102 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727075671205102?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7fc7e6f55c0557187e771053814d3308b9c7c5407ad4f4c2a00379e208578e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 15:23:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SluGyV1m3QpbI7LGwvJcrPkRB6SJ5jK642LlITo7a+KYfcmLZGjoLLN0fcj8XXImdVAlKNZD2vaPm2OpWYTa3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 16:02:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 56ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je33r0&_p=1370873662&_gaz=1&cid=1020270528.1680017027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680017027&sct=1&seg=0&dl=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&dt=Casino%20Map%20%E2%80%93%20WinStar&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LWDFVQ2YJ&cid=1020270528.1680017027&gtm=45je33r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 50ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62JR698ND&gtm=45je33r0&_p=1370873662&cid=1020270528.1680017027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680017027&sct=1&seg=0&dl=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&dt=Casino%20Map%20%E2%80%93%20WinStar&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 160ms
76ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LWDFVQ2YJ&cid=1020270528.1680017027&gtm=45je33r0&aip=1&z=44048053

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/991190777/ 42 B
327 B 52ms
51ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991190777/?random=1680017025359&cv=11&fst=1680015600000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&frm=0&tiba=Casino%20Map%20%E2%80%93%20WinStar&fmt=3&is_vtc=1&random=1879722623&rmt_tld=0&ipr=y

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/991190777/ 42 B
455 B 132ms
49ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991190777/?random=1680017025359&cv=11&fst=1680015600000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&frm=0&tiba=Casino%20Map%20%E2%80%93%20WinStar&fmt=3&is_vtc=1&random=1879722623&rmt_tld=1&ipr=y

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 181ms
179ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4132260&conversations-embed=static-1.12686&mobile=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&traceId=438b5edf86e140eba7b1e9400a594adf

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f51a2e49680d349d3a2571d4655dab3303630fd1906a0f02b1edbd0174943c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.winstar.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.winstar.com/casino-map/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ed2c4105-2932-4812-8630-08c917409170
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1487
server: cloudflare
x-trace: 2B31DD2FC86ADAC6121FC2C0D33A1FD53ED75475D5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winstar.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9qm38ZGT63iImDLGNXY2xrn2cOiknePdGZg%2BhGbqtyTYj5O24FNBej4geSSB1PdkXHdTXdW2oiPQh9BZy4T03ZAe7vz20MD5R0vxPE8oPQ6Rv8EQ7RIMF%2FF4iXoWFxNYfjahJPmN82GogvdZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7af0e05469fe9247-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 202ms
155ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.winstar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.winstar.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7af0e05368bf9247-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 28 Mar 2023 15:23:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB6YxU39JnU0qKf%2BdV9sunHlmELiQAt3wrrxaF8meFJX6lv%2FRhN0hFwtPC5liWNg3C3qqNU7BFQDx74P1ikx5jqBBASmkMOlOw%2FrXjpSxSNXWiEUopZ81eYr%2BTFZTFFY%2BV%2B9iK4lCuvM8ORHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 67b861a8-8bb9-4069-8a48-7b0d2e51add4
x-trace: 2B362544B83D6BFD9ABA48BC3454B44F58B6756E6B000000000000000000

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 151ms
49ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjgyNzc0Mjg5OQ&google_sc

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 108ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 394499.gif
idsync.rlcdn.com/ 0
98 B 68ms
23ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3016827742899
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
388 B 67ms
19ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNjgyNzc0Mjg5OXwxNjgwMDE3MDI2OTU3
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3362571827437828745

43 B
68 B

22ms
21ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3362571827437828745
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3362571827437828745
pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016827742899
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016827742899

42 B
942 B

33ms
33ms

Image
image/gif

34.241.45.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016827742899

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

HTTP/1.1

Server

34.241.45.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-45-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-0b57eb040.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XMM5wDmzR+M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-017db7cbf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FfglQiH9RTY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3016827742899
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
337 B 105ms
28ms Image
text/plain 34.246.247.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3016827742899
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-247-4.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Tue, 28 Mar 2023 15:23:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1680017027
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58700/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADARA
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA

0
125 B

98ms
11ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Tue, 28 Mar 2023 15:23:47 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA
content-type: text/html
cache-control: no-store
content-length: 344

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3016827742899
https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=5cfa0dd9f05e47639e56b4359f1e958d

2 B
27 B

21ms
20ms

Image
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=5cfa0dd9f05e47639e56b4359f1e958d
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 15:23:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://tag.yieldoptimizer.com/ps/ps?t=s&p=6438&uid=5cfa0dd9f05e47639e56b4359f1e958d
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

80 B
244 B

47ms
47ms

XHR
application/json

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD
access-control-allow-origin: https://www.winstar.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
10ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&rl=&if=false&ts=1680017027100&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22201577111753694%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22134857518671964%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22974729233288551%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221247061269080564%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22945468869627504%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22317042923488421%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22casino-map%22%7D%7D&cs_est=true&fbp=fb.1.1680017027099.189478667&it=1680017026963&coo=false&rqm=GET

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/casino-map/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 15:23:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
898 B 154ms
121ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=828663872&v=1.1&a=4132260&rcu=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&pu=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&t=Casino+Map+%E2%80%93+WinStar&cts=1680017027343&vi=adf98258343224a367055453f92a1efb&nc=true&u=40036989.adf98258343224a367055453f92a1efb.1680017027338.1680017027338.1680017027338.1&b=40036989.1.1680017027339&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 64969d3a-6207-4c47-97e9-f025760d0b68
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOkcEiQxLOtRZpY61RxRXYlddZ4YwdzPNOL5EykE7PnjZsaQKq3scbBy7j0FSI9cj%2Bk5rcZ%2BlJcSkM%2Fo%2BHztmrgv5RL4Um0smLoas%2FMDEB4QxvCJliX20GPwTqHE9X0AzK71bi1PkjRDmM42HuTV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7af0e0552a3903f8-FRA
x-robots-tag: none

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 25ms
8ms Script
text/javascript 2600:9000:225e:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/casino-map/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18935a832b69ea403b52af69de326274747cd437fdfb7033ee5b9dae7c25a096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Amz-Version-Id: EySIR6cncYQh2iJlgW8YC46xyW8nrJXm
Content-Encoding: gzip
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Date: Tue, 28 Mar 2023 14:52:29 GMT
Age: 1878
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 13:46:26 GMT
Server: AmazonS3
Etag: W/"6958f0e4318cc01821cd9665c1ed4bb8"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: z0Q4EVKT7UxbX9tQTykJ6Gb2pk1--xdvxZ6PRgMsyOMJeSoiK0kF6g==

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
830 B 201ms
200ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4132260&utk=adf98258343224a367055453f92a1efb&__hstc=40036989.adf98258343224a367055453f92a1efb.1680017027338.1680017027338.1680017027338.1&__hssc=40036989.1.1680017027339&currentUrl=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89d0cc28393ae618fec6bbcb954b2d65d86e9a6ea5dd5f22c580ecd4215332f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8758bb2c-4625-4e34-96fb-0d82a27183f7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winstar.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJC8MurH1XyaPDhCzlq4CyleNngZTwLn3%2FkCPDImYIQAnurI5%2FPLfYS8txKk%2Ff4im4qwiEAjtLeWnpOjPrcmQj7jGrTLi2jnDErWCut26E0bZhOUtEuxtcplOUGUmpQ42KkvFq%2FURaypqJtMYk67"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7af0e0554b279247-FRA

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/2EXMERFAKVBCLKX2AY3NF3/ 42 B
799 B 9ms
8ms Script
application/javascript 2600:9000:225e:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/2EXMERFAKVBCLKX2AY3NF3/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Amz-Version-Id: BhzhADnMW.fUX6T6uKHgI9yuVpodCntd
Date: Tue, 28 Mar 2023 08:51:28 GMT
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Age: 23540
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42
Last-Modified: Tue, 21 Mar 2023 16:32:30 GMT
Server: AmazonS3
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5lh9UskGVnolwFBTa4gMBEJHhwE65IUF4Cb7If1CDnwtTb73FKTHzA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

12ms
12ms

Script
application/javascript

2600:9000:225e:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 27 Mar 2023 18:45:24 GMT
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Age: 74306
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fyn7_08q8LPaJOV8ynQxDKVORIjeyQfSD369_5LTNI_d4jbqAtCu9Q==

Redirect headers

Date: Tue, 28 Mar 2023 08:47:56 GMT
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Age: 23751
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: hDx2CTmgCEdvos9kwAuNfbYIofOuc9cy69KIyge0MJKb6HG9LfnUFg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/ 0
809 B 25ms
12ms Script
text/javascript 2600:9000:225e:f000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Amz-Version-Id: B0Cavvm9.50Jxvpxr8P7X81X77uhQQsC
Date: Tue, 28 Mar 2023 14:24:03 GMT
Via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
Age: 3585
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 18 Mar 2023 23:07:57 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2jfVNOEJJMFDWDKdcZn89hXHDlsE0WCBZxuwmQ-LhuIDx_3gJ1Zk6Q==

GET
H2 200 438b5edf86e140eba7b1e9400a594adf Show response
app.hubspot.com/conversations-visitor/4132260/threads/utk/ Frame 7D57 53 KB
19 KB 178ms
157ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4132260/threads/utk/438b5edf86e140eba7b1e9400a594adf?uuid=a927ba37dca24a5f9e3bdb1f4e8238a2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=winstar.com&inApp53=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2736ca0ef4619f12cbe83a6c910bf0beb7768218a5b98c681e383dec2c902920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7af0e055cb2a03f8-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.15138/html/index.html&cfRay=7af0e055cb2a03f8&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4132260%2Fthreads%2Futk%2F438b5edf86e140eba7b1e9400a594adf%3Fuuid%3Da927ba37dca24a5f9e3bdb1f4e8238a2%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dwinstar.com%26inApp53%3Dfalse%26messagesUtk%3D438b5edf86e140eba7b1e9400a594adf%26url%3Dhttps%253A%252F%252Fwww.winstar.com%252Fcasino-map%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.winstar.com%2F&cfenv=prod&pdt=2023-03-28&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 15:23:47 GMT
etag: W/"f136c66c4c09631d3ac915172bb05a84"
last-modified: Fri, 24 Mar 2023 05:27:57 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7af0e055cb2a03f8&resource=conversations-visitor-ui/static-1.15138/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-amz-cf-id: BrUk193-0ZOzgmxpb2XUj628UUuPYCc0E7Upu3hwsjZ90EK_Ym6XJw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: wEswD5J_Xx.o9GYl0KNUSy5ASBNxlMvC
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15138/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 2EXMERFAKVBCLKX2AY3NF3 Show response
d.adroll.com/consent/check/ 463 B
556 B 173ms
29ms Script
application/javascript 2a05:d018:cc3:fe05:76ba:e622:a244:858
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2EXMERFAKVBCLKX2AY3NF3?pv=65911459853.37734&arrfrr=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&_s=103d3f3d226c46d31005945f10ded76f&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:76ba:e622:a244:858 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: a0260dc1b2433ef668706e88d779f42bad28a6ad466ab4768a01e711e8583222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

POST
H2 200 / Show response
www.facebook.com/tr/ Frame EAA5 0
49 B 13ms
12ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.winstar.com
Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.winstar.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 15:23:47 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.299/ Frame 7D57 44 KB
17 KB 53ms
20ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.299/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/438b5edf86e140eba7b1e9400a594adf?uuid=a927ba37dca24a5f9e3bdb1f4e8238a2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=winstar.com&inApp53=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30e362393f2e64006a874e0d1cd6a497ec4cb5d84f0ee2dcaf50726ac25f7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-amz-version-id: yNgYebpFkF6oi8GrGVZ7PbhtJEbT8XY0
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 426775
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 14:13:21 GMT
server: cloudflare
etag: W/"8d12f6e49c6a678f32aaafb6b4cc5cdc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY5ZnYtx4cZxHQFYyNNim262tLmWn0g1LnWvMGJIxn%2BzKROQRu03Ivm%2BQm%2BQQXLpmsJiGTs%2FHmMGlXOnKBUfG9lEDef%2B8wWGcq9LpGvzinsIDenCMNBg0Hl7uNwDhR2%2BM7RQtjmxNG86Bs7SW2B%2F9m%2Bz31g%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7af0e057bbc22c2b-FRA
x-amz-cf-id: qkqxfgY3SC-icyMJOsKDzI-VsXMy_5kez8UtDILOjbAjyvx90lljkg==
expires: Wed, 27 Mar 2024 15:23:47 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame 7D57 20 KB
4 KB 72ms
24ms Stylesheet
text/css 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 be868d7f633deda2e751380068dbbab4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOM50-C1
age: 1865963
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59VLQXdAkg%2FYzTfBxYlZLTAbvTbAd7wLMhtcjHMpYAH%2BUfpUKmASh508lesLWqsUc9c5rfXjNvNfHUesSlWg588ygS4xUAs5tlE0Q214ajV06NrfRti%2BEx5ogj7m1BHXviv%2Bc07SO79T9c68NfPcAzRf6Hk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7af0e057d9d65c02-FRA
x-amz-cf-id: Es6tJ0Ik1PacAUwH4cqKWAdGo24XGzJcMm_p2tf3didqKUBVHss_4Q==
expires: Wed, 27 Mar 2024 15:23:47 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.376/ Frame 7D57 294 KB
94 KB 65ms
33ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.376/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-amz-version-id: a6ZTSsHVt9l6.9nsUWaYQP1mG4R5Ivop
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1893162
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 16:47:40 GMT
server: cloudflare
etag: W/"55586520536599ca305d3b7b5396a562"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcV6ktpkBXAYxr4cJeMI4xwaYXJwujr0%2BK%2Fck5niwsYTwDu5O%2ByT7tX89c%2FnG%2BBsAiSXFczz0lPOU9kCCPECfy%2Fzj31FX%2FvG%2FWb%2FtpzqPGVHglrsutlk2wCCuMhAvcMXkXZBvJsmbXjlzWuTop%2FFr2i0KlI%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7af0e057bbc32c2b-FRA
x-amz-cf-id: AmXsvROg8c1KROVBT5IuUPJq9BRcmS6LIOSbxwrpvjIQOQHsFFCJxw==
expires: Wed, 27 Mar 2024 15:23:47 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15138/bundles/ Frame 7D57 607 KB
178 KB 64ms
32ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15138/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad52e75a714b57c0ede0aeecc1515adba4503ee9c304891a9f6509a3b15e2aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-amz-version-id: xNu41WXiyFWYx2CgvgrtX6l_f_tmOkpq
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 338134
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 24 Mar 2023 17:12:47 GMT
server: cloudflare
etag: W/"cc7687a1c62174cb331ad4a793f8d097"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B2IXYT2K9Yv6%2FUqDWNlyQ2CYbZHa%2FqO1yss5Sf9S3zOizGKe%2BMyCPo1F8cDXzwZtKjIB9bjkserX81bHTZUMunQ7%2B2TL6pMQKYnUls%2FNK4llaNRJQom2xSiXZ52G9xP4nEdc7jWKRJgO4X563TURH%2BWjbU%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7af0e057bbc42c2b-FRA
x-amz-cf-id: SjIJLJ0ROnL11BSxjTw_3iQuXyTYMHTNnJuAlqXqLpn-pblLqAniLg==
expires: Wed, 27 Mar 2024 15:23:47 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14996/ Frame 7D57 776 B
859 B 17ms
17ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14996/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15138/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:47 GMT
x-amz-version-id: bFsI9hlKDHvsURQ_j88lekjNwl3z5qdB
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1531765
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 20:06:59 GMT
server: cloudflare
etag: W/"0a0ee213fac387634f85872a3f472d5c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lldVJaSA2z3pn106bOWBMmtvOPf9gBTFmNdH4Hid1d%2BwzuRgBjpBSeP2N3AI9G06H3zVHVW06sEQgeP0KmIgf%2F8SumkG5FdAGWzYltySQ%2BbwH4agraMxy%2B32lkBnDN4qi8iZPBWg8uFh8lfK3f5c0AVjg0Q%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7af0e0589d042c2b-FRA
x-amz-cf-id: afpvbBXMGHjntAE6AvhusVGJyc_sj9h711_L59c8l9LL7g_xussBzg==
expires: Wed, 27 Mar 2024 15:23:47 GMT

GET
H2 200 winbot%20(1).png
f.hubspotusercontent10.net/hub/4132260/hubfs/ Frame 7D57 7 KB
7 KB 297ms
245ms Image
image/png 2606:4700::6810:d7ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent10.net/hub/4132260/hubfs/winbot%20(1).png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d7ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f971e9199df3c405a613ab627eb68c2ee8ed44267b7d86add46f20ce7ccf2490

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-50759716711,P-4132260,FLS-ALL
content-length: 6910
cf-resized: internal=ok/m q=0 n=294+0 c=2+11 v=2023.3.3 l=6910
last-modified: Wed, 14 Jul 2021 03:17:17 GMT
cf-bgj: imgq:99,h2pri
server: cloudflare
etag: "cfuavY1YIDRxAdxmCCKTIvO6gFm9vgTOLORC04iu3DDQ:baa51713239a333391cb5adb3d216074"
vary: Accept, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7af0e0597f0f6931-FRA

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 7D57 0
1 KB 127ms
127ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15138

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15138/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/438b5edf86e140eba7b1e9400a594adf?uuid=a927ba37dca24a5f9e3bdb1f4e8238a2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=winstar.com&inApp53=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 15:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bc5ad4ef-c9cf-4205-9483-15796258e3fe
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaEYlzZTSgNSeWOKVCgU8%2FWrT2hv3pc0a4ORobxPrpYWwcVJ%2BPsKBmdcnNMVKi2yeMjkqY6vTNxk6qMOx0V%2FY6I6moq%2Bjmqz7H1%2FJAUJVJpbMQrwdvLc0Gx0sftLCM1NO7L78RjHzzvEm3pcLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7af0e0593fd803f8-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1154912/ Frame 7D57 1 KB
1 KB 159ms
159ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1154912/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15138&conversations-visitor-ui=static-1.15138&traceId=438b5edf86e140eba7b1e9400a594adf&sessionId=AMOaWbKwqoNhmhr8CDMaHrwhGj6ddyhgZY2Vf6IA4btqlw_dhcOewFSL242zRfKZpaP59x5I4xiJ6khz2_zysc1aoS8NJyer26uk98hv57xrL4RXEGz4FZNpO-6DsMG1-mZyn1JtmBtrah_FEfFCUxHUv-LyVWCIOpizZ4PiOA7SiJRnzPYLZq8

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.299/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8990f210e0f2cff5be680af80e31de75057701de2a91083b6e4510d31b06123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/4132260/threads/utk/438b5edf86e140eba7b1e9400a594adf?uuid=a927ba37dca24a5f9e3bdb1f4e8238a2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=winstar.com&inApp53=false&messagesUtk=438b5edf86e140eba7b1e9400a594adf&url=https%3A%2F%2Fwww.winstar.com%2Fcasino-map%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 15:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2ae59ff6-1efc-4b3f-96c3-2479b004a66a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BAB7E97EBF44764588CDD58985A60D5E1208AA488000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0miLK42L8hSFz95ZlQKIRFoQyiDC4KEglipj5s4UU7jlSEYuZlsaPA7NrioWHF9lNc2yzuMEl1FYTvVuE1Tkx67kpmBCm9RVCBQQfRq8yxD6jMV%2B%2BbbKMVFguU4XKrKt59vAZTDzfrn5lFMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 7af0e0593fe303f8-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winstar.com/	1970-01-20 12:49:53	Name: _gcl_au Value: 1.1.1959099846.1680017025
www.winstar.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5xC6Ut0bP7BFcy4jQt-FRKW8Ut-nSE8ooq4xyBdV4dIEv4xpCrmJrEkG8o47ExHX
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: cktst Value: 78831677
www.winstar.com/	1970-01-20 19:25:17	Name: firsttimevisit Value: beentheredonethat
www.winstar.com/	1970-01-20 19:25:17	Name: firsttimemapvisit Value: beenheredonemap
.doubleclick.net/	1970-01-20 20:01:53	Name: IDE Value: AHWqTUk2hTvK37nLU00m_EZXy6YZHtmNCEB0YxlpWe1fVV65TE7sjKzT0bw2_XgFe4A
.winstar.com/	1970-01-20 10:41:43	Name: _gid Value: GA1.2.1917977721.1680017027
.winstar.com/	1970-01-20 10:40:17	Name: _dc_gtm_UA-28262588-1 Value: 1
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: ckid Value: 3016827742899
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: ph Value: %7B%22p%22%3A%5B1025%2C1457%2C1203%2C1476%2C39%2C1305%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B124791%2C124791%2C124791%2C124791%2C124791%2C124791%2C124791%2C124791%2C124791%5D%7D
.winstar.com/	1970-01-20 20:16:17	Name: _ga_1LWDFVQ2YJ Value: GS1.1.1680017027.1.0.1680017027.60.0.0
.winstar.com/	1970-01-20 20:16:17	Name: _ga Value: GA1.1.1020270528.1680017027
.winstar.com/	1970-01-20 20:16:17	Name: _ga_M62JR698ND Value: GS1.1.1680017027.1.0.1680017027.0.0.0
.winstar.com/	1970-01-20 12:49:53	Name: _fbp Value: fb.1.1680017027099.189478667
.adaraanalytics.com/	1970-01-20 19:25:53	Name: ckid Value: 3016827742899
.adaraanalytics.com/	1970-01-20 19:25:53	Name: aackid Value: 3016827742899
.krxd.net/	1970-01-20 14:59:29	Name: _kuid_ Value: PdjhVaiZ
.yahoo.com/	1970-01-20 19:26:14	Name: A3 Value: d=AQABBIMGI2QCEN0D2Klm1I8Dr6YF5hoQUa0FEv__AP8AAAAAAOANyiMAAAAAgA&S=AQAAArHleBZqtEMMlcRRrh011HI
.demdex.net/	1970-01-20 14:59:29	Name: demdex Value: 59035683298428366530135725190265711786
.ctnsnet.com/	1970-01-20 19:25:53	Name: cid_5cfa0dd9f05e47639e56b4359f1e958d Value: 1
.turn.com/	1970-01-20 14:59:29	Name: uid Value: 3362571827437828745
.dpm.demdex.net/	1970-01-20 14:59:29	Name: dpm Value: 59035683298428366530135725190265711786
.yieldoptimizer.com/	1970-01-20 19:25:53	Name: dph Value: %7B%22t%22%3A%5B124791%2C124791%5D%2C%22dp%22%3A%5B4889%2C3773%5D%7D
.winstar.com/	1970-01-20 14:59:29	Name: __hstc Value: 40036989.adf98258343224a367055453f92a1efb.1680017027338.1680017027338.1680017027338.1
.winstar.com/	1970-01-20 14:59:29	Name: hubspotutk Value: adf98258343224a367055453f92a1efb
.winstar.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.winstar.com/	1970-01-20 10:40:18	Name: __hssc Value: 40036989.1.1680017027339
.hubspot.com/	1970-01-20 10:40:18	Name: __cf_bm Value: 2lhephmcEi7MXLGg0T1Aj4xenqhI8mx9B5THXzILJ3U-1680017027-0-Aeu/n93KPc7FiEUK93/2AV5bN6CVqJ9IrrfBZoidCUMC7DUm7b+fUk/+TfIvG6/vtSUrx+1r26YZkDeOio6Xe8I=
.winstar.com/	1970-01-20 14:59:29	Name: messagesUtk Value: 438b5edf86e140eba7b1e9400a594adf

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3016827742899 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10388130.fls.doubleclick.net
6820846.fls.doubleclick.net
adservice.google.com
api.hubspot.com
app.hubspot.com
beacon.krxd.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.adroll.com
d.turn.com
dkr2rmsityotp.cloudfront.net
dpm.demdex.net
f.hubspotusercontent10.net
forms.hubspot.com
googleads.g.doubleclick.net
idsync.rlcdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.usemessages.com
match.adsrvr.org
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
static.hsappstatic.net
stats.g.doubleclick.net
tag.adaraanalytics.com
tag.yieldoptimizer.com
track.hubspot.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.winstar.com
142.250.184.226
142.250.185.230
142.250.186.162
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:4860:4802:38::178
2001:678:cb4:bbbb::13
212.82.100.182
2600:9000:223c:e400:6:ec6d:cb40:21
2600:9000:225e:f000:6:9280:1080:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:d7ed
2606:4700::6811:46b0
2606:4700::6811:6d2
2606:4700::6811:d2cc
2606:4700::6811:e6cc
2606:4700::6811:ebcc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:806::2004
2a00:1450:4001:809::2008
2a00:1450:4001:811::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c0d::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:cc3:fe05:76ba:e622:a244:858
3.33.220.150
3.71.149.231
34.239.10.20
34.241.45.41
34.246.247.4
35.186.193.173
35.186.212.60
35.241.54.161
35.244.174.68
01ba0ea8fdbfdb6771a69fe9f211f66e2c74a344b8a1dc319d6c9b00e85a8b80
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0300214e11b240e10522e4f1ad62ec169cc2aaf02d2baf2da0a549684fd9a4d1
033b939733b8808dd4f5ebee9284d9bdd23fe5cb59d35e397a3333fac04d7ce3
0375cc0fd0fb4b0e90380397b8a222b1ba9d8bccb9c6edfc039fe1275b51a553
0613ea0ac2c4a4682fa06b80df67c61d4b8bc7bd8a3105ad49a7ea5b4bf1492d
066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35
09dc174046e8ff4e45641d3c527545de17b08ad706d4ae44a14bcdda80f2a401
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6b33b87ffcc52f84fdbcdcc7536c9fadf39f8f37d05adc34d6db6cdb22bdfc
105300faa64c67c4a1067aa5ba92d0ee87ffb117a2e693578a38b8659603292d
115178737d3125d86608f9472b010a9d1a5c9d02f2e3c43b55596a9397532549
148ec37cc17f37a8646d7e95437fbb931c7b08d5517c31edc24743db4ffcf30c
14c1540625836c1d2c749e93912ce087330795872ac365105b4af846405c61e2
18935a832b69ea403b52af69de326274747cd437fdfb7033ee5b9dae7c25a096
19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4
1f51a2e49680d349d3a2571d4655dab3303630fd1906a0f02b1edbd0174943c9
2736ca0ef4619f12cbe83a6c910bf0beb7768218a5b98c681e383dec2c902920
29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658
2c28c476b0f99acb56fe1e58006145adffc1a0170eedf5e398b352062399c931
2c51d5756efb3dc20a303854aec9d2490a475a995285bfdafcd2dba19a58fe3f
33cb1aafbb57d455025007ad9b01f40e259cd377a611fa6792ac9ab73d624803
33e6350ac50ff110e033947d498b3ff868bd5e117bcc2340bc0cf1cf677a3d2a
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
3747050dc85468bad2a0eeaaf35915fe432dfb7084b56941672beebd6e1e75c4
3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a
3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3
41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f
4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c
49d2af535fdaf6278a9aacbe776fcf4d39718aa7093a2b9f23ca3321af30f32e
4a40fdd50fa2fa6991af1f9fb09e1d83a2b75f52c45bb2e949fa7adf17e066b8
4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d
4eab05d9c8e068e04bdf8b69235efbae64878dd8379efaa65aeabfc696f2b813
52fdc524903bf82b78d5deabff63aa9860e60f1801f9aa4d7f2ba185b6783f43
544ebbdfbe49474482995004f7ee963fafa01a3ce70a91d120fe079870512cf5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95
578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f
5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f
58c7c2c6f8bb110cdfa290718e1e29ed363c00e906b8bf849faefad6438a32db
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
64f984d771c6fd92576d6d6cd8212b34b6c1c03f14ffc778bfb7fbac45279d9b
6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb1a2354c8e7d03fb4abe84b5f9ae45cd206c98f752c379dbb5f5623bbd444d
7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92
75f98eded1c38b08dd72f67aa90005f9b6418cb82a0e679b3f474ddc8ef60751
770f705e32e64462a1d1a49807dc94e93b8550e421f45662de9575e743e9f9f8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
789cb622c3e228b6faa3285c4da8d6e9196ba68e4102e631d3a4fce1489c1beb
790db0690aea8526789baad5093b2ed144b126b2ae72b89bfeb8e80c77695142
79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26
79fa2f37277358cc1cc0986b154485602220861ec3f2afcef6126b1cf6b1e5df
7c58b77dd3c2ea1e2fbbf8a4f1a2108fe941ce0428940a9e6072d6bff686216a
7e4e389c072794cb0cc4a4e610be9ea14ab7ccd12d566a2fa17b7209561b768b
81ae22dc9680379e1cc5fd07c05e54778d0b27b7f54b457c185cb7cab0076dd4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98
85c826557d06c300e5516b92a216d272bb1ded34f32a1931d39445ff7cbd985f
86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7
86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b
8990f210e0f2cff5be680af80e31de75057701de2a91083b6e4510d31b06123f
89d0cc28393ae618fec6bbcb954b2d65d86e9a6ea5dd5f22c580ecd4215332f5
8c7dc74ebd37ab69d43e8f0427b04031e6c3bbba048c015c605d6dd90814c131
8d677c877ee196e63674af60b0b0efb884da667f034e2e7d5aba6fac671ee473
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9000c15925b11f7536f40cb6ea50abad54fda08fefb5ba6ef9fea434f969f663
960c17a1e1826e5888e4757febd15ba710321d414e47a95cf9fa329b8990caae
99bab4b1541e206ab32cf8350e893eb7d1cb8d0edf36bd6ddc1066354cef2747
9b314496498a7981acb001c61520b307b3386689ac63049ef126f8c48e99cacb
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a0260dc1b2433ef668706e88d779f42bad28a6ad466ab4768a01e711e8583222
a316e584c488ca0f3a672004cdd5ce900318586edffc0955c229e8c3d8b34e17
a3a1d3ef0636f519d37eafe44045a350594b59de1556ca68fc855a79bdeda319
a66b0cb93bcbaae7f1fa82dc4783fe57f65aab20bae806a049727ebd41a09152
a70455c4d07059ca7a5393c30298e71b03be07db25f718a7fe20ab161fd9e9d2
aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb
aab92c326a1bed55b744fc756d3d4b31148c8ee463ad0e69c65b73ad6b71692c
ad52e75a714b57c0ede0aeecc1515adba4503ee9c304891a9f6509a3b15e2aef
b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e
b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9
b795ece97224449967780313c67b1b224db511d0f93ff734f5ab9bbcc3da0bfa
ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff
ba55ff9bfd46493f5ae1ec8bbdfee792ef080421e103880b2f646179a89367e8
bf3a0e15b6b79b70bc847a485b3efe4135c4ac520b5bace74427b55c50a4bbd0
c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739
cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce73470113c7b4aa205fcd5fce22efbe0c083525f38ae81a383f0af55aa8d10a
d24ecb7eb37b4d96efa8e02f34934dd12e13681ba55925824fc5b48107d3fa78
d25eb436f584562f7c291c66772de30b819d99dbd8319648797e3fb85e09bed2
d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790
d7fc7e6f55c0557187e771053814d3308b9c7c5407ad4f4c2a00379e208578e7
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc68ea8582cd092be8c9d5049db340f753d4c14d05e579b8a1d58d8c3348799f
de7a4e9842068b1508f87591e28792660f9d4e165b408128cca97bdb16efe86f
e30e362393f2e64006a874e0d1cd6a497ec4cb5d84f0ee2dcaf50726ac25f7de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed00933df256ae6cdc24fbab796be18046ab51ceadee340207c709aaae0edf42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f167ef6884d0371cc440bb877d32d98d26890524fadfc6f7d627caf65041b6e1
f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0
f371b23c225666578058cb2aa2b9febb709e2ad1661b73f675a6cd0abc475e7e
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
f971e9199df3c405a613ab627eb68c2ee8ed44267b7d86add46f20ce7ccf2490
f9a240e7c9a462e34c3cbefcc132d9eb8a90432dc0e631c39f6208a9e68cf0e5
fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68
fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.winstar.com Open in urlscan Pro 34.239.10.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

133 Requests

94 %HTTPS

66 %IPv6

29 Domains

41 Subdomains

35 IPs

5 Countries

2858 kBTransfer

11174 kBSize

32 Cookies

28 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.winstar.com Open in urlscan Pro
34.239.10.20 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

94 %
HTTPS

66 %
IPv6

29
Domains

41
Subdomains

35
IPs

5
Countries

2858 kB
Transfer

11174 kB
Size

32
Cookies

133 HTTP transactions
3 data transactions