winetrain.pages.dev Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winetrain.pages.dev/
Submission: On July 02 via api (July 2nd 2024, 3:49:42 pm UTC) from US — Scanned from NL

Summary HTTP 148 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 40 domains to perform 148 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is winetrain.pages.dev.
TLS certificate: Issued by WE1 on July 1st 2024. Valid for: 3 months.

This is the only time winetrain.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 22	34.160.66.192 34.160.66.192	15169 (GOOGLE) (GOOGLE)
2	107.21.104.61 107.21.104.61	14618 (AMAZON-AES) (AMAZON-AES)
6	104.126.37.176 104.126.37.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.107.173.171 34.107.173.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
6	104.18.29.104 104.18.29.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:e30... 2a02:26f0:e300:293::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
8 9	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1f::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 5	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 2	54.154.75.170 54.154.75.170	16509 (AMAZON-02) (AMAZON-02)
1 1	54.164.16.2 54.164.16.2	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
5	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	15.197.142.117 15.197.142.117	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20a... 2600:9000:20ab:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
148	46

21 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

winetrain.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.160.66.192 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 192.66.160.34.bc.googleusercontent.com

checkout.ventrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ventrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.checkout.ventrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.ventrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.104.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-104-61.compute-1.amazonaws.com

www.esbnyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.37.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-176.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.173.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.173.107.34.bc.googleusercontent.com

consentag.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.29.104 (None, )

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300:293::1931 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

9926338.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.198 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1f::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.75.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-75-170.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.16.2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-16-2.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o290279.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.142.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: a46b405d1b15c420e.awsglobalaccelerator.com

fp.ventrata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ventrata.com 1 redirects checkout.ventrata.com — Cisco Umbrella Rank: 285554 assets.ventrata.com — Cisco Umbrella Rank: 403795 cdn.checkout.ventrata.com — Cisco Umbrella Rank: 298323 api.ventrata.com — Cisco Umbrella Rank: 302906 fp.ventrata.com — Cisco Umbrella Rank: 334837	307 KB
21	pages.dev winetrain.pages.dev	1 MB
18	doubleclick.net 10 redirects 9926338.fls.doubleclick.net — Cisco Umbrella Rank: 583506 ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 274 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	2 KB
9	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125 adservice.google.com — Cisco Umbrella Rank: 213 www.google.com — Cisco Umbrella Rank: 5	402 B
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	22 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 24919	118 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	143 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4205	62 KB
5	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 527 ib.adnxs.com — Cisco Umbrella Rank: 279	5 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 913	5 KB
4	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2013 ups.analytics.yahoo.com — Cisco Umbrella Rank: 471 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1623	1 KB
4	google.nl www.google.nl — Cisco Umbrella Rank: 10567	642 B
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1585 match.adsrvr.org — Cisco Umbrella Rank: 405 insight.adsrvr.org — Cisco Umbrella Rank: 1062	13 KB
4	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4939	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	406 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	22 KB
3	ctnsnet.com i.ctnsnet.com — Cisco Umbrella Rank: 11832	2 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 6601	3 KB
2	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1537	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 650	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1625 pixel.quantserve.com — Cisco Umbrella Rank: 1193	10 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1130	22 KB
2	consentag.eu consentag.eu — Cisco Umbrella Rank: 28161	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	72 KB
2	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5921 pixel.sojern.com — Cisco Umbrella Rank: 9276	1 KB
2	esbnyc.com www.esbnyc.com — Cisco Umbrella Rank: 454228	85 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 311	596 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 900	14 KB
1	gstatic.com www.gstatic.com	213 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1607	1 KB
1	sentry.io o290279.ingest.sentry.io — Cisco Umbrella Rank: 339559	299 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2418	143 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 827	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1392	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 28040	388 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	geoplugin.net Failed ssl.geoplugin.net Failed
148	40

	Domain	Requested by
21	winetrain.pages.dev	winetrain.pages.dev
18	api.ventrata.com	cdn.checkout.ventrata.com
9	ad.doubleclick.net	8 redirects winetrain.pages.dev
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	client.crisp.chat	winetrain.pages.dev client.crisp.chat
6	analytics.tiktok.com	winetrain.pages.dev analytics.tiktok.com
6	dev.visualwebsiteoptimizer.com	winetrain.pages.dev dev.visualwebsiteoptimizer.com www.googletagmanager.com
4	www.facebook.com	winetrain.pages.dev
4	ct.pinterest.com	cdn.checkout.ventrata.com s.pinimg.com
4	secure.adnxs.com	2 redirects winetrain.pages.dev
4	adservice.google.com	winetrain.pages.dev
4	www.google.nl	winetrain.pages.dev
4	tag.yieldoptimizer.com	1 redirects winetrain.pages.dev
4	www.googletagmanager.com	winetrain.pages.dev www.googletagmanager.com
3	www.google.com	1 redirects winetrain.pages.dev
3	cm.g.doubleclick.net	winetrain.pages.dev
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	cdnjs.cloudflare.com	www.googletagmanager.com winetrain.pages.dev
3	i.ctnsnet.com	www.googletagmanager.com i.ctnsnet.com consentag.eu
2	pi.pardot.com	winetrain.pages.dev pi.pardot.com
2	sp.analytics.yahoo.com	winetrain.pages.dev
2	fp.ventrata.com	cdn.checkout.ventrata.com
2	www.recaptcha.net	cdn.checkout.ventrata.com www.gstatic.com
2	dpm.demdex.net	1 redirects winetrain.pages.dev
2	c1.adform.net	2 redirects
2	match.adsrvr.org	winetrain.pages.dev
2	region1.analytics.google.com	www.googletagmanager.com cdn.checkout.ventrata.com
2	9926338.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	winetrain.pages.dev s.pinimg.com
2	consentag.eu	www.googletagmanager.com consentag.eu
2	connect.facebook.net	winetrain.pages.dev connect.facebook.net
2	cdn.checkout.ventrata.com	winetrain.pages.dev
2	www.esbnyc.com	winetrain.pages.dev
1	bam.nr-data.net	cdn.checkout.ventrata.com
1	insight.adsrvr.org	js.adsrvr.org
1	js-agent.newrelic.com	winetrain.pages.dev
1	pixel.quantserve.com	winetrain.pages.dev
1	www.gstatic.com	www.recaptcha.net
1	googleads.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	o290279.ingest.sentry.io	cdn.checkout.ventrata.com
1	api.ipify.org	winetrain.pages.dev
1	ups.analytics.yahoo.com	winetrain.pages.dev
1	cms.analytics.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com	winetrain.pages.dev
1	pixel.sojern.com	winetrain.pages.dev
1	ib.adnxs.com	winetrain.pages.dev
1	www.googleadservices.com	www.googletagmanager.com
1	secure.quantserve.com	winetrain.pages.dev
1	js.adsrvr.org	www.googletagmanager.com
1	beacon.sojern.com	winetrain.pages.dev
1	assets.ventrata.com	winetrain.pages.dev
1	checkout.ventrata.com	1 redirects
0	idsync.rlcdn.com Failed	winetrain.pages.dev
0	ssl.geoplugin.net Failed	winetrain.pages.dev www.googletagmanager.com
148	57

This site contains links to these domains. Also see Links.

Domain
www.citypass.com
www.esbnyc.com
newyorkpass.com
www.sightseeingpass.com

Subject Issuer	Validity	Valid
winetrain.pages.dev WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
www.esbnyc.com Go Daddy Secure Certificate Authority - G2	`2023-12-12` - `2024-12-12`	a year	crt.sh
checkout.ventrata.com WR3	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-10` - `2024-07-09`	3 months	crt.sh
consentag.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-17` - `2025-05-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh
crisp.chat E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2023-06-25` - `2024-07-26`	a year	crt.sh
ipify.org GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
ventrata.com WR3	`2024-06-30` - `2024-09-28`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
misc.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
fp.ventrata.com Amazon RSA 2048 M03	`2024-04-20` - `2025-05-19`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://winetrain.pages.dev/
Frame ID: FDA6EE2F07F0E7EE1D1EF9BEA141288D
Requests: 149 HTTP requests in this frame

Frame: https://9926338.fls.doubleclick.net/activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F
Frame ID: 473FF9BA52BD1270D71BB01FD9DB5595
Requests: 1 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: E25A9C68F22331A762B5662A4E82083F
Requests: 1 HTTP requests in this frame

Frame: https://i.ctnsnet.com/int/integration?cguid=9b68075b5458414987a283b4754cd7fb&pixel=78591385&nid=66354764&cont=s&loc=https%3A%2F%2Fwinetrain.pages.dev%2F&ref=&cb=1719935372151&w=1600&h=1200
Frame ID: 64BC066DA7A17DF7813DFFCA054328D3
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LcADk4pAAAAAONFVTAYiCEx7XZvjgajaOP1lcru&co=aHR0cHM6Ly93aW5ldHJhaW4ucGFnZXMuZGV2OjQ0Mw..&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=1147rgbjf45n
Frame ID: 60C9F9685EFA1CB263FE678BA1E3BF50
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijmzr34&ref=https%3A%2F%2Fwinetrain.pages.dev%2F&upid=h6aw9sn&upv=1.1.0
Frame ID: 8A2CC35905EC538E1ADD08F2D5726757
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 09718EEB7EC4D5555FCDCB60ABD91BD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy Empire State Building Tickets | Empire State Building

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

148
Requests

89 %
HTTPS

29 %
IPv6

40
Domains

57
Subdomains

46
IPs

9
Countries

3002 kB
Transfer

8796 kB
Size

58
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citypass.com/new-york?mv_source=empire&campaign=buytickets-buy
Title: Buy Tickets

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/go-citypass-save-40
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/sunrise-esb
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/express-pass-86th-floor
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/premium-experience
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/esb-all-access-tour
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/ampm-experience
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/propose-1-attraction-us
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://newyorkpass.com/en-us
Title: NEW YORK PASS

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/new-york-pass
Title: See Ticket Details

Search URL Search Domain Scan URL

URL: https://www.sightseeingpass.com/en/new-york?aid=1532
Title: Buy Tickets

Search URL Search Domain Scan URL

URL: https://www.esbnyc.com/buy-tickets/new-york-sightseeing-pass
Title: See Ticket Details

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://checkout.ventrata.com/checkout/widget/js?locale=en&prefix=checkout HTTP 301
https://assets.ventrata.com/assets/widget-1cc5835c7a5e3f351e3a4351d673e65e4a30d7aecadd1e87481040f339a04aca.js

Request Chain 50

https://tag.yieldoptimizer.com/ps/ps?t=s&p=2397&pg=ot& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=636301543&t=s&p=2397&pg=ot&

Request Chain 63

https://9926338.fls.doubleclick.net/activityi;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F HTTP 302
https://9926338.fls.doubleclick.net/activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F

Request Chain 72

https://ad.doubleclick.net/ddm/activity/src=9701287;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Request Chain 73

https://secure.adnxs.com/px?id=1545143&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1545143%26t%3D1

Request Chain 74

https://secure.adnxs.com/seg?add=28850141&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28850141%26t%3D1

Request Chain 79

https://c1.adform.net/serving/cookie/match?cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=338667755683120190&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c

Request Chain 88

https://ad.doubleclick.net/ddm/activity/src=12938704;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Request Chain 89

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3750284232798492104

Request Chain 90

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent=

Request Chain 91

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=mXFvLQW4XQVH92sZafWtFB_MmJU

Request Chain 92

https://cms.analytics.yahoo.com/cms?partner_id=ADARA&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

Request Chain 126

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8MqOtAYQm5La2oi1wophEh0AXChMlFhEBWteX-egExjLHFHqmv2h06sQA2Y-Xg&pscrd=IhMI5dOXx9qIhwMV1Mg7Ah0RKwvKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd2luZXRyYWluLnBhZ2VzLmRldi8 HTTP 302
https://www.google.com/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI5dOXx9qIhwMV1Mg7Ah0RKwvKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd2luZXRyYWluLnBhZ2VzLmRldi8&is_vtc=1&cid=CAQSKQDaQooLYjX0du67iEIx9g8Mjf21OhrNtZtA43F-Futu9jhJ_oDSgbNy&eitems=ChAI8MqOtAYQm5La2oi1wophEh0AXChMlL4_2czAYDhtuZRXAt3piToCuhLX2QNgUw&random=4255305342 HTTP 302
https://www.google.nl/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI5dOXx9qIhwMV1Mg7Ah0RKwvKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd2luZXRyYWluLnBhZ2VzLmRldi8&is_vtc=1&cid=CAQSKQDaQooLYjX0du67iEIx9g8Mjf21OhrNtZtA43F-Futu9jhJ_oDSgbNy&eitems=ChAI8MqOtAYQm5La2oi1wophEh0AXChMlL4_2czAYDhtuZRXAt3piToCuhLX2QNgUw&random=4255305342&ipr=y

Request Chain 143

https://ad.doubleclick.net/ddm/activity/src=11613066;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

Request Chain 145

https://ad.doubleclick.net/ddm/activity/src=11613066;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

148 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
winetrain.pages.dev/ 194 KB
32 KB 157ms
78ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0abd02f197aad0cddf6f6dd9aecfb114ebb21723f83faf8332d4c5f62aefe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93a8d6b9fa5-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 15:49:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Al8G5NpGrjbRkKWt%2F5HUrTuEW3rW468um%2FqbvbW%2F3edj6c3wUXxWVy4E7tj%2F4uS7uIPhuPSOfANsjNsYvII3VMiWuq%2Fgc5T0ktEWRHzATVdDtgswITiU2zQvl7zTD5%2B7VwXuH54N"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 451 KB
133 KB 532ms
141ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f21c972523e24c9449bc4f2f99bd708a408432f49aa6b404b4f32ebc2332800a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135483
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jul 2024 15:49:29 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 10 KB
4 KB 403ms
19ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=327249&u=https%3A%2F%2Fwinetrain.pages.dev%2F&f=1&vn=1.4
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams2 /
Resource Hash: a3bcec406bfdb32566ec9aad7d498ceb8d35058c4308c86a98910b8e617a7e12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: gzip
via: 1.1 google
server: gams2
etag: W/"1719924496"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 css_IQApG5J25dJjCrWpntqV_k65xGxdkIlMY2yG47ZUk5w.css
winetrain.pages.dev/sites/default/files/css/ 12 KB
3 KB 126ms
97ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/sites/default/files/css/css_IQApG5J25dJjCrWpntqV_k65xGxdkIlMY2yG47ZUk5w.css

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2100291b9276e5d2630ab5a99eda95fe4eb9c46c5d90894c636c86e3b654939c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dcda032647598d885b41ee9a92397208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtuIY58gxwcopOOtV9NPMzt%2BzjCYKwFN3EYVG5Kv%2F14HoPt%2BfVjfK9GjX3DhEQJZdEzyIVhBlkwD3JAZ54erg75knpmwC3HjM6dFFezWxB6GPUpTJqiKcR6MjJ3f%2B1T3Z1MmbdaO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93befa39fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
winetrain.pages.dev/sites/default/files/css/ 2 MB
98 KB 121ms
89ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35144b4da1bc7d60d8e5477467cc715638cddac15e9f4a8e487a93dd143c09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6451d08c77bf41b4695100db07a65799"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCDmpdZTbOyZcWtGK4QsGZf5sYSVs5WSvacKYFzAZ392rcoBNCng1AmE4UP96xOzQc6UL9JoycgpYlt6U%2FODL5H7SxYRwLcWosXGd0SWqvSWU5UcUYFc7Q1OPzNSCiN0vGnFvabi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93bffab9fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

widget-1cc5835c7a5e3f351e3a4351d673e65e4a30d7aecadd1e87481040f339a04aca.js Show response
assets.ventrata.com/assets/
Redirect Chain

https://checkout.ventrata.com/checkout/widget/js?locale=en&prefix=checkout
https://assets.ventrata.com/assets/widget-1cc5835c7a5e3f351e3a4351d673e65e4a30d7aecadd1e87481040f339a04aca.js

14 KB
4 KB

336ms
0ms

Script
application/javascript

34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ventrata.com/assets/widget-1cc5835c7a5e3f351e3a4351d673e65e4a30d7aecadd1e87481040f339a04aca.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 819c06828afcbfb5ea0e6208fa0a5072994c2a132c4ad7fabd75f74fe608a40f

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 07:23:21 GMT
content-encoding: br
age: 30369
x-guploader-uploadid: ACJd0NokGxS9YgJFzeOwnuhWdysYsX5vFl0FE7LpY2g4aNWij4A0Ks3tWyulfy-4X81Gh_zblK-dmCGa8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4004
last-modified: Fri, 29 Sep 2023 13:42:57 GMT
server: UploadServer
etag: W/"18610de5e258e501958817a39131bef0"
vary: Accept-Encoding
x-goog-generation: 1695994977860712
x-goog-hash: crc32c=9uTA9g==, md5=GGEN5eJY5QGViBejkTG+8A==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=3600
x-goog-stored-content-length: 14351
accept-ranges: none
content-type: application/javascript

Redirect headers

x-runtime: 0.000573
date: Tue, 02 Jul 2024 15:49:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 google
vary: Origin
content-type: text/html
location: https://assets.ventrata.com/assets/widget-1cc5835c7a5e3f351e3a4351d673e65e4a30d7aecadd1e87481040f339a04aca.js
x-cloud-trace-context: 040cfdf90467a86d6ad0d53d9fa6a0c0/18337776790515714133
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
x-request-id: 2e237e86-acf3-48d1-b68a-7586d45c1d37

GET
H2 200 ESB_2023Q2_Tripadvisor_BoB-ribbon2_0.png
www.esbnyc.com/sites/default/files/2023-06/ 84 KB
84 KB 619ms
258ms Image
image/png 107.21.104.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esbnyc.com/sites/default/files/2023-06/ESB_2023Q2_Tripadvisor_BoB-ribbon2_0.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.104.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-104-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ada6d74399a39dcb8339f159b60786b1f3f80bb6c630c9f44ddf6f6b8439bad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 09 Jul 2024 22:44:45 GMT
date: Tue, 02 Jul 2024 15:49:29 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Wed, 28 Jun 2023 19:51:06 GMT
server: nginx
age: 579884
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 86123
x-request-id: v-851d9b68-3344-11ef-ba03-13808ff303ec
x-cache-hits: 851

GET
H3 200 js_XziUhRBbOerLju77EtzzSTzQivPW5QJq1t4Y66CssqQ.js Show response
winetrain.pages.dev/sites/default/files/js/ 407 KB
119 KB 159ms
132ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/sites/default/files/js/js_XziUhRBbOerLju77EtzzSTzQivPW5QJq1t4Y66CssqQ.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f389485105b39eacb8eeefb12dcf3493cd08af3d6e5026ad6de18eba0acb2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a55cc6ba4fbf3d0cfbce9c3b2d2a8d5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBwUA8SsHlceoRLLGskJFbFpxeXIb1HPjJh4leFUYLR2URUMDT0vNV3WcmrR%2BKRh8qCZpTKI6m4%2BVSSb5qnZFYf1SA0hmbDlN4KttPkA4x3SKfxyLlEiRHkhRyUtJqt8bYXfSRZK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93bffbd9fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 eu_cookie_compliance.min.js Show response
winetrain.pages.dev/modules/contrib/eu_cookie_compliance/js/ 194 KB
32 KB 277ms
246ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/modules/contrib/eu_cookie_compliance/js/eu_cookie_compliance.min.js?v=9.5.10

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0abd02f197aad0cddf6f6dd9aecfb114ebb21723f83faf8332d4c5f62aefe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uahfGLDYxvsYrh77H4nk25%2Bubs7O2p10PAJ5aKfXWE5rChaazuzsAaQ%2FVEBD1qT%2BnnLq07HOlBmBv1tY1Lb91F6OiJ7QVlJ9nYMWvyo9POU9eJWJYT9h7uYh6bAHcL4MXWDlZpw"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93bffc29fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 js_toocGRuUffAJKlcyNTx1Qak1mXZuLeO-NwahWJlvWDY.js Show response
winetrain.pages.dev/sites/default/files/js/ 65 KB
21 KB 309ms
278ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/sites/default/files/js/js_toocGRuUffAJKlcyNTx1Qak1mXZuLeO-NwahWJlvWDY.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68a1c191b947df0092a5732353c7541a93599766e2de3be3706a158996f5836

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8b36d7106c43838b50867a540a87da70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwLoCBBc%2B6h0FeWItnTgFqRN9Z9R61Q721aMYsYuMnVBgVekm4IoGVsJHlawFYK4HzcLat7OtMv1vm4vbpIw1z2AsBcpo3gId3djjnXLfAMPi%2F9%2BvzVPnH9pNw9RhQTkYw%2FShTZy"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc93bffc79fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 ventrata-checkout.min.js Show response
cdn.checkout.ventrata.com/v3/pr/1548/ 28 B
610 B 499ms
148ms Script
text/javascript 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.checkout.ventrata.com/v3/pr/1548/ventrata-checkout.min.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0405cd35202d3daae458ea9d9f4a50b249c225ccaf1bac96bcf0321c44eea6e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
x-goog-meta-goog-reserved-file-mtime: 1719307752
age: 0
x-guploader-uploadid: ACJd0NpYyOKbqq9NXW6mM2-Gr3-rYJzGDm1WiGndndKd08_BAIE7fLoZkTf3R2NOgAVASeSD2w0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28
last-modified: Tue, 25 Jun 2024 09:29:43 GMT
server: UploadServer
etag: "57f42fad0fa4a12fc80052b0b7be7d21"
x-goog-generation: 1719307783226185
x-goog-hash: crc32c=7iSS+Q==, md5=V/QvrQ+koS/IAFKwt759IQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=300
x-goog-stored-content-length: 28
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 tag-42de91de29102b9b5928763fe435d5cb.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 195 KB
54 KB 133ms
102ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-42de91de29102b9b5928763fe435d5cb.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=327249&u=https%3A%2F%2Fwinetrain.pages.dev%2F&f=1&vn=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams2 /
Resource Hash: 03e546871c88803a5282161853a73403b0d092612676ff88bf0d764b85715b01

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:29 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 02 Jul 2024 12:47:59 GMT
server: gams2
etag: "6683f6ff-d810"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55312

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
143 B 116ms
107ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=327249&d=winetrain.pages.dev&u=D91ED6B832138E2E37C044528993832A2&h=3a805faca4509d8242332bed9ad4a1a7&t=false

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 6 KB
2 KB 109ms
90ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=327249&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-42de91de29102b9b5928763fe435d5cb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams2 /
Resource Hash: 8b7e89f9d814f0aa538792e65cb81ef5a92b0a2ad58684fb283c22e97cdec430

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
content-encoding: gzip
via: 1.1 google
server: gams2
etag: W/"1719924496"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 menu-expanded.png
winetrain.pages.dev/core/misc/ 37 KB
37 KB 209ms
145ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/core/misc/menu-expanded.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNaHSX6rP2udXJHoZDeJuD5hq8JFHDFkaPfh%2FvRirQ%2BUbp1TJW9Pa4POxDqJzjm%2FGyTP1A5AMgWev5Cr1iJlaZeyJyteKiMIuvrRvhg5if%2BziCW21kXgFP5pzLYgtktPXghr%2BPct"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc94229c99fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ProximaNova-Light.woff
winetrain.pages.dev/themes/custom/esb_theme/fonts/ 39 KB
40 KB 386ms
359ms Font
application/font-woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/fonts/ProximaNova-Light.woff

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0085c797bdae82c9e39804f7b9b67c4f682198428cdedf84499c7dd8983cefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8dea1fb4a5513fc4bcc5e2588c859ca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94tesh7nVpJ9iA87DCADh1aexkA1Xngb3irRjYjoaZQ6k4Eeybvuyw9TGMnrXCSKd8skYLiv34fcy0TkuAzDy5vLhsN56K1qMHf9%2FgpA1Kth6X9dEA0b4rZU8yuGASGRGzbnO%2BaL"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942ead69fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1369cb1c99c253d0c2cb39e2df1d82324b84d8164e7afb71dbe1bb6093bde182

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H3 200 banner-listing-1.jpg
winetrain.pages.dev/sites/default/files/2019-11/ 274 KB
275 KB 155ms
106ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/sites/default/files/2019-11/banner-listing-1.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a8751366d8661d18f1b4e556f5edb47430729ebadd586575943591107e1fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "52f823676d65cbba99267eb8c68a9ddc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KyGzlLHqonpWS1br4Q%2F3PpoS3G%2FUyWIFuI15g29YS%2BDAh%2FgbEWrCaNnUHOI74T69tBtx93O0Fm1%2Fn7OGYy5TVAL0%2Bnn%2BGCI0iieOdOq7JKJkSe8LHCXpuYg40BHxhz%2BnW2YvUvN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc94229e29fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 280703

GET
H3 200 body_bg_top.png
winetrain.pages.dev/themes/custom/esb_theme/images/ 76 KB
76 KB 202ms
153ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/images/body_bg_top.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4aa1d11da02f85aca7b89cea05521de37df92c4aa76790a945bba65c70ea8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ff6ce71655f76532596c3af34e22162f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEklxnAX%2BSETjEScMcP%2BPZKPsRZHli0RJNVTKIlJJ4Js%2BSBjXDIK6MDHY%2BruVGUsawJrE%2F7fMvR0nYWkPd5yZvp0Ob15JuBmKLlh%2B7ZkxLcPNLapHRjJsziYnUal43Su4s8kD8m%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc94229e59fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77598

GET
DATA 200
OK truncated
/ 326 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b5a0414586941b0d5f54758f74a6bd2466576cd3bd3265eed69552712e9079

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H3 200 city-pass.png
winetrain.pages.dev/themes/custom/esb_theme/images/ 9 KB
10 KB 177ms
144ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/images/city-pass.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace41dc5b0a76c073bcde5a267da34f7f2ddbc75bc3c4949e4f706eb703da7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b8a12151dcd8895cb522b79e851d434f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJSLYjMG%2Fi6X5P6lnSAPwg%2B%2F%2BV28Y2cohnw2mJMQR6qFPoGFTB6tiVGitthvo74hjCIJ0oZI1G3%2B%2BEIlmyca33xmrMs5FxLCsFe8AKv3fU4eKo1T63C0DQMq7SKGPue7Qg6EHcCe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc9424a009fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9313

GET
H3 200 body_bg_bottom.png
winetrain.pages.dev/themes/custom/esb_theme/images/ 88 KB
89 KB 282ms
249ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/images/body_bg_bottom.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b037578590e038f8edd9149749c2a6f8757b6084feb7eed31f2669641dc76efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "78c407bf4fb1bc51ef7c30f61ff99a92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XE5OeCEongh3i1DWBrpSCy41hmbvDmJAVstFlgmlxaelN0XeeYLR%2Fsw2rOikLKflj4GzoUw2wDuL4xKF37WKx7DCCVA4vVNMgf4odY%2BajhKH1C3C05GwRo%2FIM6o6boytyLlnU%2Fkq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc9424a039fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 90280

GET
H3 200 ProximaNova-Bold.woff
winetrain.pages.dev/themes/custom/esb_theme/fonts/ 40 KB
40 KB 389ms
363ms Font
application/font-woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/fonts/ProximaNova-Bold.woff

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031f0b115ae6467ce2e3fbb26776521146cf5aec41c0636bcc685872d171b085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9ec2b4ad8bcbe971f5f55163f8e60168"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mId%2F5weVPrv9%2F6v9nFFCa7XoHkod%2BgHHDjUaH8AUAWpNgDJU%2F97FoKPKkhb69mXwmjHDl%2F23TY2JYyKFKKv3yamsRIp6%2BGWBsQIPn4PQymzoty4ELLv1qTgs9%2B89jWNQzJ2ytTIs"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942fae39fa5-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ESB_OBS_Logo_White_H.png
winetrain.pages.dev/sites/default/files/ 11 KB
12 KB 195ms
164ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/sites/default/files/ESB_OBS_Logo_White_H.png

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f0c4cde3dc687fb27d3bda02e9e02294451da5eddfd4d9f48bed5580ea57b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c28a86bf00bf599c11ab5feffc89c2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByJ08j2lj4%2BoG83dFSsIp4jcmCKnrcDWIoGyx7pjHoChy3bZ9EAw8XhFeeMixUYKdwZCdoUGNZWmcSdFBfX8AkCtBnW%2BktiRKJjFqQqrqk7%2BMQFZPTw0QcqhjBKXa2pqpLBLjMEW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942eac89fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11415

GET
H3 200 General-Cityscape2.jpg
winetrain.pages.dev/sites/default/files/styles/small_feature/public/2020-07/ 126 KB
127 KB 224ms
201ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/sites/default/files/styles/small_feature/public/2020-07/General-Cityscape2.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc3cc308550fbee60ec02f1fdfdabde944ac52c1bd51c55f2e12f4764ce7d71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a94f41121ce99defbe0eb18e9096924b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yn4YBNNceb%2BICXzg5heYqYDJr%2Bbnyvj9%2B6LgHvSADKTg4Qjt0OAu1hcbBZu0M0ILPnARkq6L8HeB7nqLkJnYBUqRHMmIYEBdfxk1ISStksY9G6kZwZOTJzxcIqQsuQRdfRZPw829"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942eacc9fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 129526

GET
H3 200 102_ticket.jpg
winetrain.pages.dev/sites/default/files/styles/small_feature/public/2020-07/ 93 KB
94 KB 278ms
255ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/sites/default/files/styles/small_feature/public/2020-07/102_ticket.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

376ece001e3e49a86c2bc7d174e5878e7e8c923c08bdf7c51959abc36dd0251a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bb711256c5bd8bddf1cc7430617bc455"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRdXLqcxqw4ut1EIwJTFF2f3RcWiGXIM5Li23fij6VJqFXAqs9rVTzaymQfBW7z0aQO3CgOBBzzB1K3PFQDKlZ9pPbU8x3dKdScrYekUd0uf2Taif8RK%2BygfPlPVPhJgbpGtF9S%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942eacf9fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 95654

GET
H3 200 newyork-748x748-img.jpg
winetrain.pages.dev/sites/default/files/styles/small_feature/public/2022-07/ 117 KB
117 KB 324ms
301ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/sites/default/files/styles/small_feature/public/2022-07/newyork-748x748-img.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175939cd6657e4a6acd41e4a60825023b469c8c361547b175d5f223ca778f860

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b8a829abdc9cf5402f4bf78a5eb094c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDl5udD40FZFbqlwFDxBtxuJiKXLs4Yz2uBi5q5pAUcerggnOUmd42fGjaO6%2FjGgUork%2Fu3LB8sll8GpcBN8b9JqeYWvnq9mz83KXC4iB%2F5YGhvtFNkgRms0th%2BiHxHwSZ7RrQFp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942ead19fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 119372

GET
H3 200 20230211_ESB_Starbucks_490_ES3.jpg
winetrain.pages.dev/images/ 50 KB
50 KB 360ms
337ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/images/20230211_ESB_Starbucks_490_ES3.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0863b04d252571c3409339b7d8877e1c8b1a85726ad01493aebdab05207507cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "06f6f575fb8dd8c9c49afe5ad8ac7f29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cArYUWsuyuKQYMaLsQRWNIdXlVJUG1AA8DzUNxyuoV6oK3kOVfF%2BQftnMgS%2F4LEQCGvEM8gx%2BJGfCfEVtwSVS7L26q9cG1%2FAp76nVZsakQ5ArQjiYrpx1uf%2BU1T9OVcg3PjGCh3i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942ead29fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 50788

GET
H3 200 ESRT19-0607_ESBO%20Starry%20Night%20FB%20Images%20-%20Resized%20for%20Social_OUT_Updated.jpg
winetrain.pages.dev/images/ 36 KB
37 KB 380ms
357ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/images/ESRT19-0607_ESBO%20Starry%20Night%20FB%20Images%20-%20Resized%20for%20Social_OUT_Updated.jpg

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45601a44d6aedb9fb7561f5fa97cf3b636d05b46fddc758312598b97f978a65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:30 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "475a33cbfb4a7ff6b3ca11546c2b5550"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8SFMoH5dpA5E94QHzFbEpOUtcbFQZG5VjxJ6GaMjkBV9s1k%2B5ctIrPHnndu45jpj1S%2BGZX%2F1RZ3vmPbG%2BX0YRgcGPW3DAK0tqufR8xTnOnnvyilLV1rwln%2B3zz%2FdG%2FkgDBDHES5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc942ead39fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37066

GET
DATA 200
OK truncated
/ 419 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3941783ca1c186293b064298f1e90f687fcbb4a995d9f4e6334b1a3d0216cef1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 footer-background.webp
winetrain.pages.dev/themes/custom/esb_theme/images/ 150 KB
151 KB 103ms
82ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/images/footer-background.webp

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44cff12fec3617179e5be6691526ee32b09b16e21e1f8498625a00caa2aad657

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/sites/default/files/css/css_w1FEtNobx9YNjlR3RnzHFWOM3awV6fSo5IepPdFDwJs.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f6b6f0898f7fdd7f994b95506f5f616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g62fUm949ErluolNeZS8fXh%2Fj7nCe7Ttdcyp%2BeQ4rbDpOfsWz1fD8cdcXxlcabr%2Bl07m6SERkvZ4Vwh7PYl9sZkgRanBKA9rUZ0p9iE3YikNyz4aFyGESx50H0qe2tN42P%2Fium1T"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc944bda39fa5-AMS
alt-svc: h3=":443"; ma=86400
content-length: 153932

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be104846881749e3c2f5f37a02c69d593b2011fbc5f681bd90e1067111f1355a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 446 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20bb700a7d0352196ade8d971c001d9cc95e6a49f2c5ca9fe9c0f21d334f490b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 576 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d30bfe3691db1be28f346f5f0580f6ae3734ba88b03389f81b1f278022678b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72c1d4abe807a05d5ba35bfe4a31b739e6306dafe58abcb02dc8b2a7da562cd

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 771 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 825c9ea07efed751191fba59eddd0a6727065b0067df64ecc8e47d79d4203211

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7a8966a8a6bea6d3864df8aa2f2cdc459ff653345455218254c5486a6042d44

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2af23f593f5268f84eae84edff567f57822bc03c0816c39eaa25fd66f22a988f

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eb417b1a9c6a3dd3c0671194e6a0e3683deebcd9402f6bd98ff3e398b921e08

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 559 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e87e957eff0b06ede9134c063380b5935cfbbb712d0910b43e835a286e0f7b44

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129a6bad4aab2ebafa8e6062beb9f24f04ff768bf83010e3f54029f11b71d1b8

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a643d1e22e2eafb98a5ed2c5f058c897f34383e32a3e2bd6ef981a0b79b1d894

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496c93f1d8f8916de2c1ddb0589503d67c2733489329f1a15de89528de0aab4e

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3fced85a9cc98674bfc95d3094402126eb234dc7ac2ae095d4d04fca353212

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
105 KB 95ms
87ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9S692RFY6S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

574095bd54bda8c84a108e0abd78b4eedb98c9b1ec451149ecc18e1f1d609a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jul 2024 15:49:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 86ms
81ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9926338&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

869c7079716040abb6ff175ea4571d3649d30b64b401cbb531f668cbf9174150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78930
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jul 2024 15:49:31 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 189ms
184ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-661392374&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4cc07456e330134f81ad42c59de50300c787decdbb175fb9b20c2a87e8da965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93493
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jul 2024 15:49:31 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 803ms
94ms Script
application/javascript 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMK5P0RC77UEANSKBUA0&lib=ttq
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 981bc1c2cd3d488a1565a861c85e9f8673538d4188bd390881c44efa3b46444b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 838e107e.cca0465
date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240702154931A0B73F367C490691C19F-7A8329E166FA72D0-00
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 114,104.126.37.172
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=12, inner; dur=4
content-length: 1926
pragma: no-cache
server: nginx
x-tt-logid: 20240702154931A0B73F367C490691C19F
x-cache-remote: TCP_MISS from a23-220-104-22.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.22
x-tt-trace-host: 0106d2e867081a693ce1763f6d53cf023f58e4ccb858e2e5761437eaf88eff2d35c4511e02ab2bb028c13af4849b51d2515afbd152eefb9e7a4ccd95405623baf0b9aa08395f3e07136be8de06af89656d9082ab57fd89cfdc960763cc1899e17d88fb1ca5167a68b9173d61deb35e236a
expires: Tue, 02 Jul 2024 15:49:31 GMT

GET
H2 200 235965 Show response
beacon.sojern.com/pixel/p/ 5 KB
1 KB 629ms
30ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/235965?f_v=v6_js&p_v=1&vid=tou&cid=
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 4da822867a6a2bcab6877a73a0867ed4a97bede2da3f4cec11a549ecebf4edd4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 914

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
59 KB 607ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Jul 2024 15:49:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=15, mss=1297, tbw=2793, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: zxat/gTvCBu9ub8hO5NLRvSnDbX2Ut8havmCWX1Xinzt7jXYNodNoeyoLpi/smNAd83GRmuzhkHvmGiKrT4fMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 consenTag.js Show response
consentag.eu/public/3.0.1/ 6 KB
3 KB 599ms
2ms Script
text/javascript 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consentag.eu/public/3.0.1/consenTag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

171.173.107.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:42:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 648423
x-guploader-uploadid: ACJd0NqSucfBO5FLWiZPQwZ-s8nhJBFVi5tb3pE71nFpoT406nmcegsx65rOZQ8m-t0zHt6p6O0
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2606
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
etag: "bbf29cf3e8db1d93e091a797634232a9"
x-goog-hash: crc32c=Uvujaw==, md5=u/Kc8+jbHZPgkaeXY0IyqQ==
x-goog-generation: 1640523991137254
content-language: en
content-type: text/javascript
cache-control: no-transform
x-goog-stored-content-length: 2606
accept-ranges: bytes
expires: Wed, 25 Jun 2025 03:42:28 GMT

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=2397&pg=ot&
https://tag.yieldoptimizer.com/ps/ps?tc=636301543&t=s&p=2397&pg=ot&

1 KB
2 KB

87ms
13ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=636301543&t=s&p=2397&pg=ot&
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4dd9541308e876478ce5a7899de49617dedebf1f7e659f61fb64d1afaa5a0e43

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=636301543&t=s&p=2397&pg=ot&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
13 KB 557ms
27ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 05:44:24 GMT
Via: 1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 36308
x-amz-server-side-encryption: AES256
ETag: "a7eb6794e868fe870db350518165c868"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12320
X-Amz-Cf-Id: YEz_IogBD9mPY-1h9QWdXA00e1t9vvtsdsUefoFg6uYWnfMxvjWnkw==

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 990 B
885 B 314ms
21ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=78591385&nid=66354764&cont=s
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 347f475ddf79b15d7fb178d86ba601bfabafa218a2e26c98899bb5fe22cf614c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:30 GMT
content-encoding: gzip
via: 1.1 google
vary: accept-encoding
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-type: text/javascript
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 499ms
87ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72d68cb06863ceee0eb62affcb5194a584e498af21369fb40129fe0288dc49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2195"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc948ab85b8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Wed, 03 Jul 2024 15:49:31 GMT

GET
H2 200 app-2cd43057.js Show response
cdn.checkout.ventrata.com/v3/pr/1548/ 998 KB
219 KB 222ms
217ms Script
text/javascript 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 73c5a227786d5abb5bfd5ec96bef63823d64adc120f332e616d4fc1f956a2da1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.checkout.ventrata.com/v3/pr/1548/ventrata-checkout.min.js
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1719307752
x-guploader-uploadid: ACJd0NrNmNnWqZPGOLxpaKij1tRq1s2zGiW1AiJgC8WTYfcZWSBkJfJXhxd3ZfQUmWzMGcU-S2B1stFX0w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 25 Jun 2024 09:29:37 GMT
server: UploadServer
etag: W/"0d7b07a96eb0556860fc757ca879a6fe"
vary: Accept-Encoding
x-goog-generation: 1719307777172675
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=sTVrfw==, md5=DXsHqW6wVWhg/HV8qHmm/g==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 1022194
accept-ranges: none

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 482ms
0ms Script
application/javascript 2a02:26f0:e300:293::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:293::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1878

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 471ms
44ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jul 2024 15:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Jul 2024 17:41:01 GMT

GET json.gp
ssl.geoplugin.net/ 0
0

GET
H3 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 353ms
75ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1422285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFVYpGLYSECE8COORboDdNBtrh1jPi9lzb0CJQCVBg4IpqkHyK%2Bs84ojGTAmGs7Vda1p3hM50Q5dHmBHQyuG%2FYu%2Fpt7iCIvxlKHk6P7gFN9Q%2FI1mVwuirAV6tYGupBs7AfoYK%2Buo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89cfc948ae2d660c-AMS
expires: Sun, 22 Jun 2025 15:49:31 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 136ms
67ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sbedol3ImQpYcg%2Faic5oPBAzrqcxAHNumCJSrobkJx7zoyUVMMkiKQAmhv0CEfaWL1FC42DSa17RQaDwE7jHFyJz9BDmRC5GGNJkmve4VaIJHFpohE%2FokSHFpWV1d5Y0vtyLgDlV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89cfc94a0f9b660c-AMS
expires: Sun, 22 Jun 2025 15:49:31 GMT

GET
H3 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 4 KB
2 KB 66ms
59ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=211252&url=https%3A%2F%2Fwinetrain.pages.dev%2F&random=0.43697049574767965
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8FWLJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams2 /
Resource Hash: 0c504352cab55b63d0955b649c69eb504d50e28c55817eaf0dc799f87cc9f3e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
content-encoding: gzip
via: 1.1 google
server: gams2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 506ms
27ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Jul 2024 15:49:32 GMT

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
51 B 168ms
167ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=211252&d=winetrain.pages.dev&u=D91ED6B832138E2E37C044528993832A2&h=3a805faca4509d8242332bed9ad4a1a7

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:31 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2

200

activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3...
9926338.fls.doubleclick.net/ Frame 473F
Redirect Chain

https://9926338.fls.doubleclick.net/activityi;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand...
https://9926338.fls.doubleclick.net/activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;ua...

0
0

221ms
171ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9926338.fls.doubleclick.net/activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9926338&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 15:49:32 GMT
expires: Tue, 02 Jul 2024 15:49:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 15:49:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9926338.fls.doubleclick.net/activityi;dc_pre=CI6_icfaiIcDFX40-QAdJdkK-w;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CCh...
ad.doubleclick.net/ 0
23 B 584ms
219ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9926338;type=sitev0;cat=esb-s0;ord=1;num=9088316729605;npa=1;auiddc=1031918795.1719935371;ps=1;pcor=1700555739;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46q0v9177598156z86557887za201zb6557887;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwinetrain.pages.dev%2F?

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"6850783887553805433"}],"aggregatable_trigger_data":[{"filters":[{"14":["9401278"]}],"key_piece":"0x5a47d038bbac4571","source_keys":["12","13","14","15","16","17","18","19","20","21","15690048","15690049","15690050","15690051","15693616","15693617","15693618","15693619","628646852","628646853","628646854","628646855","628686836","628686837","628686838","628686839","634759024","634759025","634759026","634759027","634938660","634938661","634938662","634938663"]},{"key_piece":"0x44c5c35fab2a732c","not_filters":{"14":["9401278"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15690048","15690049","15690050","15690051","15693616","15693617","15693618","15693619","628646852","628646853","628646854","628646855","628686836","628686837","628686838","628686839","634759024","634759025","634759026","634759027","634938660","634938661","634938662","634938663"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15690048":655,"15690049":655,"15690050":655,"15690051":63569,"15693616":59,"15693617":59,"15693618":59,"15693619":5778,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628646852":327,"628646853":327,"628646854":327,"628646855":31784,"628686836":54,"628686837":54,"628686838":54,"628686839":5297,"634759024":81,"634759025":81,"634759026":81,"634759027":7946,"634938660":131,"634938661":131,"634938662":131,"634938663":12713},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10916989939622810103","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6850783887553805433","filters":[{"14":["9401278"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6850783887553805433","filters":[{"14":["9401278"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6850783887553805433","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6850783887553805433","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9926338"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 466ms
0ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9S692RFY6S&gtm=45je46q0v894653511z86557887za200zb6557887&_p=1719935369515&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=745656548.1719935372&ul=nl-nl&are=1&frm=0&pscdl=noapi&_eu=Ag&_geo=1&_rdi=1&_s=1&sid=1719935371&sct=1&seg=0&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2469&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9S692RFY6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 455ms
31ms Ping
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9S692RFY6S&cid=745656548.1719935372&gtm=45je46q0v894653511z86557887za200zb6557887&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9S692RFY6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 470ms
54ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9S692RFY6S&cid=745656548.1719935372&gtm=45je46q0v894653511z86557887za200zb6557887&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1001498636

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/661392374/ 3 KB
2 KB 418ms
103ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/661392374/?random=1719935371852&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-661392374&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

d1b4fe9ef2905deea3bc87bd7e35d4f1b72ea6e6f80339925849cee665de00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 369 KB
95 KB 203ms
181ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?4a73d8a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64b2e24ad25bcbb3a35a4c2897e593a11bbe9e56dae7f5438698d28986e5e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-5c22c"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc94b2f3bb8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Fri, 30 Jun 2034 15:49:32 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 113 KB
14 KB 112ms
90ms Stylesheet
text/css 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?4a73d8a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a46e52d6aa01f0604184c200f41d00de9555070dd9e0d0a17af751758505141b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jun 2024 10:06:43 GMT
server: cloudflare
etag: W/"667d39b3-1c503"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc94b2f3eb8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Fri, 30 Jun 2034 15:49:32 GMT

GET
H2 200 popup_silent.html
consentag.eu/public/3.0.1/ Frame E25A 0
0 233ms
27ms Document
text/html 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consentag.eu/public/3.0.1/popup_silent.html

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

171.173.107.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 648372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-language: en
content-length: 3889
content-type: text/html
date: Tue, 25 Jun 2024 03:43:20 GMT
etag: "961f6921c00edbfac20c24cc4deda043"
expires: Wed, 25 Jun 2025 03:43:20 GMT
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
x-goog-generation: 1640523991162202
x-goog-hash: crc32c=fNucYA== md5=lh9pIcAO2/rCDCTMTe2gQw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3889
x-guploader-uploadid: ACJd0NpFMtp1eTslD0qtTuhlBn-MOLT5gEIUzXnDsEBcxosU2dZwLTJOOgkzuEHIaZQybfTNkLGi6rTISA

GET
H3

200

src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9701287;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://ad.doubleclick.net/ddm/activity/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://adservice.google.com/ddm/fls/z/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

42 B
63 B

465ms
213ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Jul 2024 15:49:32 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5479077130566202897"}],"aggregatable_trigger_data":[{"filters":[{"14":["8981465"]}],"key_piece":"0x88c96070e49ff1a8","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x34b6b0e4a5d83c38","not_filters":{"14":["8981465"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7337890339306347419","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5479077130566202897","filters":[{"14":["8981465"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5479077130566202897","filters":[{"14":["8981465"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5479077130566202897","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5479077130566202897","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9701287"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=9701287;dc_pre=CL-gm8faiIcDFWLh_QUde7gLcg;type=homep0;cat=empir0;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1545143&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1545143%26t%3D1

0
1 KB

38ms
28ms

Image
application/javascript

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1545143%26t%3D1

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
an-x-request-uuid: 6c59808d-629e-4ec0-8723-604ddb8eb289
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.149; 31.204.152.149; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
an-x-request-uuid: 718462b6-a70f-4100-81ab-e44ca302650e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1545143%26t%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.149; 31.204.152.149; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=28850141&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28850141%26t%3D1

0
1 KB

34ms
25ms

Image
application/javascript

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28850141%26t%3D1

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
an-x-request-uuid: d50bcf99-d858-4491-b50f-72bc9f3b5872
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.149; 31.204.152.149; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
an-x-request-uuid: 1454f654-b30d-4877-a079-beb6238ac667
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28850141%26t%3D1
x-proxy-origin: 31.204.152.149; 31.204.152.149; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 286ms
21ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZDMzZjM1MDQtNGZiMi04NGUzLWQyNmEtYmRmY2Y4ZWUzNjhj&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=1c_L9Hb6zphPGTfq02EtY66zY_UlYvLSE1MlscakWhD-ZTpEyZxpRpDpEcMfyiLf&sjrn_ula=859404019

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 238ms
21ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=ZDMzZjM1MDQtNGZiMi04NGUzLWQyNmEtYmRmY2Y4ZWUzNjhj&google_nid=sojern_adh

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
701 B 78ms
31ms Image
image/gif 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=1c_L9Hb6zphPGTfq02EtY66zY_UlYvLSE1MlscakWhD-ZTpEyZxpRpDpEcMfyiLf

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
an-x-request-uuid: 5eb6ee4c-be36-4c65-9e8a-921cb3d59c5f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.149; 31.204.152.149; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 614ms
24ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=1c_L9Hb6zphPGTfq02EtY66zY_UlYvLSE1MlscakWhD-ZTpEyZxpRpDpEcMfyiLf&ttd_tpi=1
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c&party=1296
https://pixel.sojern.com/idsync/adf?adfid=338667755683120190&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c

0
230 B

375ms
29ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=338667755683120190&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=338667755683120190&cid=d33f3504-4fb2-84e3-d26a-bdfcf8ee368c
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 76ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:24:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jul 2024 16:24:34 GMT

GET
H2 200 main.f74ed22b.js Show response
s.pinimg.com/ct/lib/ 70 KB
20 KB 206ms
35ms Script
application/javascript 2a02:26f0:e300:293::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:293::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20114

GET
H2 200 main.MWU2NDEzYzJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
99 KB 211ms
44ms Script
application/javascript 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CMK5P0RC77UEANSKBUA0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b5eaf40218075cea5deeb7f5b1f281030c970a307707acb1a2057518c64a902

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: cca0b55
date: Tue, 02 Jul 2024 15:49:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407021144244262C3681013B57575A4
x-tt-trace-id: 00-2407021144244262C3681013B57575A4-5D68583136918CD8-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01baafe28d948399e1b4f93a621530cab6c5584cbd8e4ede4a20ced471555c12765d5f8ba26b4f00cd11e80307ae46eae3a4cecb051993b342ecf0efee7ef34bafe410c84d5b16bfa7bc7698293a66ee5c994f125da33712945d1aa4b6d5d532f2
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 100295

GET
H2 200 132779728136411 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 205ms
114ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/132779728136411?v=2.9.159&r=stable&domain=winetrain.pages.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ceb85529fded44ddaef396be08ecc02bdcc11fe1011045abd45dbe86806e9a5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Jul 2024 15:49:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=62, mss=1297, tbw=63779, tp=-1, tpl=-1, uplat=99, ullat=0
pragma: public
x-fb-debug: lMgOgrpM8Br1s3WG3kyAug+xE/ML5/Z6T8ZWM7Sk8yXYuHxTCVTsnkek3tBU87D14fD3i9/ZgUkeRyqjsivNig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 58ms
31ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxODgyMDM5MzI5Nw&google_sc&gdpr=&gdpr_consent=&

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 597ms
25ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1&gdpr=&gdpr_consent=&
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET 394499.gif
idsync.rlcdn.com/ 0
0

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
388 B 570ms
18ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxODgyMDM5MzI5N3wxNzE5OTM1MzcyMDIx&gdpr=&gdpr_consent=&
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12938704;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://adservice.google.com/ddm/fls/z/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

42 B
63 B

271ms
194ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Jul 2024 15:49:33 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7747957526523877282"}],"aggregatable_trigger_data":[{"filters":[{"14":["13768183"]}],"key_piece":"0xac2997c4924c60b5","source_keys":["12","13","14","15","16","17","18","19","20","21","15703592","15703593","15703594","15703595","628697444","628697445","628697446","628697447","628799872","628799873","628799874","628799875","638125552","638125553","638125554","638125555"]},{"key_piece":"0xf6aaea58fcf11d7","not_filters":{"14":["13768183"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15703592","15703593","15703594","15703595","628697444","628697445","628697446","628697447","628799872","628799873","628799874","628799875","638125552","638125553","638125554","638125555"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15703592":218,"15703593":218,"15703594":218,"15703595":21189,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628697444":655,"628697445":655,"628697446":655,"628697447":63569,"628799872":327,"628799873":327,"628799874":327,"628799875":31784,"638125552":327,"638125553":327,"638125554":327,"638125555":31784},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15041707183118621181","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7747957526523877282","filters":[{"14":["13768183"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7747957526523877282","filters":[{"14":["13768183"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7747957526523877282","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7747957526523877282","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12938704"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=12938704;dc_pre=CJbEpsfaiIcDFXzT_QUdI_YKWA;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3750284232798492104

43 B
61 B

250ms
205ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3750284232798492104
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3750284232798492104
pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent=

42 B
718 B

246ms
0ms

Image
image/gif

54.154.75.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent=

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

54.154.75.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-75-170.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v061-06a60358b.edge-irl1.demdex.com 10 ms
pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: tk8qj+USRf0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v061-02165f401.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: zwSu4GjjQ5U=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3018820393297&gdpr=&gdprconsent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=&
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=mXFvLQW4XQVH92sZafWtFB_MmJU

43 B
61 B

160ms
75ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=mXFvLQW4XQVH92sZafWtFB_MmJU
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=mXFvLQW4XQVH92sZafWtFB_MmJU
Date: Tue, 02 Jul 2024 15:49:33 GMT
Connection: keep-alive
Content-Length: 110
Content-Type: text/html; charset=utf-8

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58700/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADARA&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

0
87 B

233ms
42ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=
date: Tue, 02 Jul 2024 15:49:33 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.121
content-length: 364
content-language: en

GET javascript.gp
ssl.geoplugin.net/ 0
0

GET
H2 200 integration Show response
i.ctnsnet.com/int/ Frame 64BC 0
242 B 95ms
34ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?cguid=9b68075b5458414987a283b4754cd7fb&pixel=78591385&nid=66354764&cont=s&loc=https%3A%2F%2Fwinetrain.pages.dev%2F&ref=&cb=1719935372151&w=1600&h=1200
Requested by: Host: i.ctnsnet.com
URL: https://i.ctnsnet.com/int/integration?pixel=78591385&nid=66354764&cont=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-type: text/javascript
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 88ms
54ms XHR
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1880397651&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&ul=nl-nl&de=UTF-8&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDDAgUAjAAAAACAAo~&jid=1787858199&gjid=449885887&cid=745656548.1719935372&tid=UA-16005236-1&_gid=826010204.1719935372&_slc=1&gtm=45He46q0n71N8FWLJv6557887za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=186615836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 79ms
30ms XHR
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=1787858199&gjid=449885887&_gid=826010204.1719935372&npa=1&_u=aDDAgUAjAAAAAGAAo~&z=1298330234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ 47 KB
14 KB 86ms
64ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14107
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-bb78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRVBojj4GSD9fkgMYTBind2SiFEjH6Kc%2Box3BeEg6rVAxcw5SQLv4JK6WYAG98G1rv%2F%2B%2BcJi5HLwc35u3lKHvQR5lMBifjg8YyTkN0LLm1VdsxUKlLrB90ixs0bpz%2F9kWfYPBVGa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89cfc94c9aec660c-AMS
expires: Sun, 22 Jun 2025 15:49:32 GMT

GET
H2 200 / Show response
api.ipify.org/ 14 B
143 B 1120ms
472ms XHR
text/plain 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792f573327ce35a034824c683a1b83c13412991f9a04730e0ee1d3a16f3daa36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: *
cf-ray: 89cfc95049b29f93-AMS
content-length: 14

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 70ms
52ms XHR
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1880397651&t=pageview&_s=1&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&ul=nl-nl&de=UTF-8&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAUAjAAAAAGAEq~&jid=351601667&gjid=343241473&cid=745656548.1719935372&tid=UA-16005236-1&_gid=826010204.1719935372&_r=1&gtm=45He46q0n71N8FWLJv6557887za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd8=pageview&cd7=SID-20240702-00001740&cd9=1&cd10=1&cd11=745656548.1719935372&cd5=2024-07-02T17%3A49%3A32.222%2B02%3A00&cd6=VIDfed55a78-7dc8-2d6e-3471-1051b4fc88d2&cd12=(not%20set)&npa=1&z=2072724234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 465ms
97ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=1787858199&npa=1&_u=aDDAgUAjAAAAAGAAo~&z=1012004311

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 78ms
60ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=1787858199&npa=1&_u=aDDAgUAjAAAAAGAAo~&z=1012004311

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 48ms
37ms XHR
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=351601667&gjid=343241473&_gid=826010204.1719935372&npa=1&_u=aDDAAUAjAAAAAGAEq~&z=1435354793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jul 2024 15:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 1708fad0-9198-4809-99e0-6fe16746f0c5
api.ventrata.com/octo/products/ Frame 0
0 642ms
38ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/1708fad0-9198-4809-99e0-6fe16746f0c5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: cd5e319abc6ba13e6fdef3a4ddd55abd/6588011588529783105

OPTIONS
H2 200 46300757-2baf-4137-ba45-d1b28a09c6c6
api.ventrata.com/octo/products/ Frame 0
0 426ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/46300757-2baf-4137-ba45-d1b28a09c6c6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: 74058c5dcfb8d53c4c9e8fb341952601/4596696596092541147

OPTIONS
H2 200 9977b554-2a0a-46dd-b523-e579c168c765
api.ventrata.com/octo/products/ Frame 0
0 611ms
39ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/9977b554-2a0a-46dd-b523-e579c168c765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: 266273f68ffbf2cf6ccabfa896276df4/4707795000396441877

OPTIONS
H2 200 c742d2b4-3853-4ff1-b7c0-01c9567a51a8
api.ventrata.com/octo/products/ Frame 0
0 420ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/c742d2b4-3853-4ff1-b7c0-01c9567a51a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: e15a35cd9b1abe6c20156d77c980c87b/7493203185569968689

OPTIONS
H2 200 b0a5f563-3841-4b4d-afbf-4f2b0fd357d9
api.ventrata.com/octo/products/ Frame 0
0 424ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/b0a5f563-3841-4b4d-afbf-4f2b0fd357d9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: 6c79d15a7dad45e97ebffb4cffdaf970/9745093905379164233

OPTIONS
H2 200 ee4d16c6-2798-4109-9444-6a5e59a21e07
api.ventrata.com/octo/products/ Frame 0
0 418ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/ee4d16c6-2798-4109-9444-6a5e59a21e07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: f326f707d81dc725c210449a866928dc/8201925914783517313

OPTIONS
H2 200 1e53e877-44ff-4ba7-b18a-34d1249e5208
api.ventrata.com/octo/products/ Frame 0
0 428ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/1e53e877-44ff-4ba7-b18a-34d1249e5208
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: 061821472f4982f7fb2c43cd034dcdaa/2273439900445461603

OPTIONS
H2 200 73aef3d9-ea0e-4be0-aa3e-63fde6194f78
api.ventrata.com/octo/products/ Frame 0
0 414ms
0ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/products/73aef3d9-ea0e-4be0-aa3e-63fde6194f78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:33 GMT
via: 1.1 google
x-cloud-trace-context: ef53b4afc15975671d2969e6325904b0/11850679058882204118

POST
H2 200 / Show response
o290279.ingest.sentry.io/api/4505005854883840/envelope/ 2 B
299 B 278ms
26ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o290279.ingest.sentry.io/api/4505005854883840/envelope/?sentry_key=019e2f53d51042158bd6d0465580083f&sentry_version=7&sentry_client=sentry.javascript.svelte%2F8.9.2

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ 2 KB
1 KB 780ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LcADk4pAAAAAONFVTAYiCEx7XZvjgajaOP1lcru

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c4f8112e1d197fea4b14acb157946631750560abb96dd6ac2a410e43206d7b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 02 Jul 2024 15:49:33 GMT

GET
H3 200 1708fad0-9198-4809-99e0-6fe16746f0c5 Show response
api.ventrata.com/octo/products/ 13 KB
5 KB 1133ms
1079ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/1708fad0-9198-4809-99e0-6fe16746f0c5

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

ff48999163c6c264f425a6d79934c3281a9fc99e52531fc1e0ad56992f4aace4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: 9455927c-2a6b-4da4-980a-c40bf5211ff1
x-runtime: 0.958913
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"ff48999163c6c264f425a6d79934c328"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: a41f35f3ee55fd8e991a08a253badf76/17444908109566699309
ventrata-hostname: webapp-main-5f78c9db75-w7scj
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 46300757-2baf-4137-ba45-d1b28a09c6c6 Show response
api.ventrata.com/octo/products/ 11 KB
4 KB 1588ms
1444ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/46300757-2baf-4137-ba45-d1b28a09c6c6

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

9ee9cae7e4d1bbff4578594881352486c9bc45a3b3d3c45347d15bfa8de3df9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: 25bf4db9-bab5-4bda-a86b-a48eb014e870
x-runtime: 1.358863
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"9ee9cae7e4d1bbff4578594881352486"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: 51164c1577138e491f5f9c769c100319/13533535829544947398
ventrata-hostname: webapp-main-5f78c9db75-s4dbb
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H3 200 9977b554-2a0a-46dd-b523-e579c168c765 Show response
api.ventrata.com/octo/products/ 6 KB
3 KB 605ms
549ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/9977b554-2a0a-46dd-b523-e579c168c765

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

66b7c69bba8f495e9096bf5cd621b399d2a048a14bdbb5e282f6ecb89c52343d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: b9452a3b-b6b2-4d1b-81f3-5776a51ed895
x-runtime: 0.370794
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"66b7c69bba8f495e9096bf5cd621b399"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: a93854ef6ae43203a26c19626fea439f/8341691127860754436
ventrata-hostname: webapp-main-5f78c9db75-s4dbb
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 c742d2b4-3853-4ff1-b7c0-01c9567a51a8 Show response
api.ventrata.com/octo/products/ 6 KB
3 KB 695ms
562ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/c742d2b4-3853-4ff1-b7c0-01c9567a51a8

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

49ece50e99eb57c4d4ad8e82491cb4bd31611c4b54af34a1462a8af82a2797df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: d2876aec-0f96-4148-ba42-e64e020faa4e
x-runtime: 0.456315
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"49ece50e99eb57c4d4ad8e82491cb4bd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: 3fa91c4d7ddcab3b3acce05d415482a2/8304159746287721114
ventrata-hostname: webapp-main-5f78c9db75-2lh88
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 b0a5f563-3841-4b4d-afbf-4f2b0fd357d9 Show response
api.ventrata.com/octo/products/ 5 KB
3 KB 604ms
473ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/b0a5f563-3841-4b4d-afbf-4f2b0fd357d9

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

010dd5feb577e17c3bcc894701bc4d6fc3dcfe66121f92e501c41b4525b2df49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: d412a6c0-440b-4fc6-a640-496ff2e2789a
x-runtime: 0.385830
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"010dd5feb577e17c3bcc894701bc4d6f"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: 187153c49246bb167529cdb33a464bbb/6505368908232909369
ventrata-hostname: webapp-main-5f78c9db75-njssf
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 ee4d16c6-2798-4109-9444-6a5e59a21e07 Show response
api.ventrata.com/octo/products/ 6 KB
3 KB 1210ms
1080ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/ee4d16c6-2798-4109-9444-6a5e59a21e07

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

5a3b5b493ea0b41283bfc0cac2ee5bae7fb1746850e550c29f52fc34d5b006fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: 1e3bc78b-7ac5-4722-851c-017ff0137a71
x-runtime: 0.994214
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"5a3b5b493ea0b41283bfc0cac2ee5bae"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: bc0e049a2fe4e4667357034676580f33/6649403779148798099
ventrata-hostname: webapp-main-5f78c9db75-w7scj
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 1e53e877-44ff-4ba7-b18a-34d1249e5208 Show response
api.ventrata.com/octo/products/ 6 KB
3 KB 632ms
504ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/1e53e877-44ff-4ba7-b18a-34d1249e5208

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

f7b8f2a0b4c6f8b4567b618bc5e4d1937114050b665b620ee1b3783e92cc858f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: facb9dae-e39f-4372-b75d-fb8bb2f80e0e
x-runtime: 0.407270
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"f7b8f2a0b4c6f8b4567b618bc5e4d193"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: 035ddff2d14c0ad29f7786254576c6db/7773622744921727788
ventrata-hostname: webapp-main-5f78c9db75-2lh88
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 73aef3d9-ea0e-4be0-aa3e-63fde6194f78 Show response
api.ventrata.com/octo/products/ 7 KB
4 KB 687ms
556ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/products/73aef3d9-ea0e-4be0-aa3e-63fde6194f78

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

5a748b1c75f0b5ef9dbb6f85868dadcb6ec615b41fdecc98053c793a4f5bb91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en, en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: octo/content,octo/pricing,octo/questions,octo/pickups,octo/extras,octo/packages
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: 47857136-3337-4ba8-a215-8b8b446b988a
x-runtime: 0.456632
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"5a748b1c75f0b5ef9dbb6f85868dadcb"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: 46c5fad28765f9ba7f40cc6c51bdc29c/3697489343498982542
ventrata-hostname: webapp-main-5f78c9db75-2lh88
octo-capabilities: octo/content, octo/pricing, octo/questions, octo/pickups, octo/extras, octo/packages, ventrata/checkout

GET
H2 200 loader_v3.9.8.js Show response
fp.ventrata.com/web/v3/AWmZ2M0sfe8OrvMIuomq/ 149 KB
53 KB 692ms
278ms Script
text/javascript 15.197.142.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.ventrata.com/web/v3/AWmZ2M0sfe8OrvMIuomq/loader_v3.9.8.js

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.142.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46b405d1b15c420e.awsglobalaccelerator.com

Software

awselb/2.0 /

Resource Hash

084179b30bc949e118446becfca5782b55a0ac13492bff0ac74fff1fbb3dbbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: awselb/2.0
etag: W/"fHDO8Awym9M/56+qrOu/HgVJlFY"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3780, s-maxage=621511
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
timing-allow-origin: *
content-length: 54261

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 159ms
104ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=351601667&npa=1&_u=aDDAAUAjAAAAAGAEq~&z=622920393

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.nl/ads/ 42 B
63 B 267ms
221ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16005236-1&cid=745656548.1719935372&jid=351601667&npa=1&_u=aDDAAUAjAAAAAGAEq~&z=622920393

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/bdf12fb3-d670-40f2-a9e8-14240032bc2f/prelude/ 222 B
511 B 330ms
156ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/bdf12fb3-d670-40f2-a9e8-14240032bc2f/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-6-2-17-49

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f81960474289643c592da75c0b48db6f9134c3f170810acd15788b9967dfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Jul 2024 15:49:33 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc9527864b8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Tue, 02 Jul 2024 19:49:33 GMT

GET
H2 200 rules-p-YyyZGVw7xRPms.js Show response
rules.quantcount.com/ 2 KB
1 KB 328ms
26ms Script
application/javascript 2600:9000:20ab:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-YyyZGVw7xRPms.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be6e6c2d2e062ea25d8a28f736ffe96ecea7e79513fca107c9692b581609b038

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:09:44 GMT
content-encoding: gzip
via: 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2590
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:44:55 GMT
server: AmazonS3
etag: W/"31a6b81e552ce70bd4713c1fe1210041"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ocBlxCa4cT8MYt1w6b-8dZgBsS_osZBB1eejAmX-P5iuGp2Xmst-DQ==

GET
H3

200

/
www.google.nl/pagead/1p-conversion/661392374/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13...
https://www.google.com/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=syph...
https://www.google.nl/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypha...

42 B
64 B

1050ms
1004ms

Image
image/gif

142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI5dOXx9qIhwMV1Mg7Ah0RKwvKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd2luZXRyYWluLnBhZ2VzLmRldi8&is_vtc=1&cid=CAQSKQDaQooLYjX0du67iEIx9g8Mjf21OhrNtZtA43F-Futu9jhJ_oDSgbNy&eitems=ChAI8MqOtAYQm5La2oi1wophEh0AXChMlL4_2czAYDhtuZRXAt3piToCuhLX2QNgUw&random=4255305342&ipr=y

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/661392374/?random=1600431663&cv=11&fst=1719935371852&bg=ffffff&guid=ON&async=1&gtm=45be46q0v9170542365z86557887za201zb6557887&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetrain.pages.dev%2F&label=gnMbCNWLkM8YEPaXsLsC&hn=www.googleadservices.com&frm=0&tiba=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&value=0&npa=1&pscdl=noapi&auid=1031918795.1719935371&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI5dOXx9qIhwMV1Mg7Ah0RKwvKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HGh0dHBzOi8vd2luZXRyYWluLnBhZ2VzLmRldi8&is_vtc=1&cid=CAQSKQDaQooLYjX0du67iEIx9g8Mjf21OhrNtZtA43F-Futu9jhJ_oDSgbNy&eitems=ChAI8MqOtAYQm5La2oi1wophEh0AXChMlL4_2czAYDhtuZRXAt3piToCuhLX2QNgUw&random=4255305342&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
633 B 500ms
0ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2618702250614&cb=1719935373127&dep=2%2CPAGE_LOAD
Requested by: Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:33 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5049833827926492
content-length: 185
pin-unauth: dWlkPVpqY3dNVEZpTjJZdFpEY3hZUzAwTWpBMkxXSXhOamN0TnpRd04yVXlNamN4TlRVeg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winetrain.pages.dev
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 285ms
32ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=132779728136411&ev=PageView&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&rl=&if=false&ts=1719935373270&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719935373213.606365068527701335&ler=empty&cdl=API_unavailable&it=1719935372128&coo=false&rqm=GET

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=1, c=7, mss=1297, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Jul 2024 15:49:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 365ms
186ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=132779728136411&ev=PageView&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&rl=&if=false&ts=1719935373270&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719935373213.606365068527701335&ler=empty&cdl=API_unavailable&it=1719935372128&coo=false&rqm=FGET

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7c705639ac513695","source_keys":["1","2"]},{"key_piece":"0x6043a0672733ff63","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 02 Jul 2024 15:49:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387066180195315475", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=1, c=8, mss=1297, tbw=3331, tp=-1, tpl=-1, uplat=149, ullat=0
pragma: no-cache
x-fb-debug: 43C90eq7hoeFGCyTKB6jLhNsAVbgaE1ur7wl+bJhEKv2g33t7LFkF+qQlOeLj0PxdWL5+K34kUVGt8JvuRcwrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387066180195315475"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 119ms
15ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=132779728136411&ev=ViewContent&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&rl=&if=false&ts=1719935373299&sw=1600&sh=1200&v=2.9.159&r=stable&ec=1&o=4126&fbp=fb.2.1719935373213.606365068527701335&ler=empty&cdl=API_unavailable&it=1719935372128&coo=false&tm=1&rqm=GET

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=1, c=7, mss=1297, tbw=3185, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Jul 2024 15:49:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 223ms
168ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=132779728136411&ev=ViewContent&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&rl=&if=false&ts=1719935373299&sw=1600&sh=1200&v=2.9.159&r=stable&ec=1&o=4126&fbp=fb.2.1719935373213.606365068527701335&ler=empty&cdl=API_unavailable&it=1719935372128&coo=false&tm=1&rqm=FGET

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5be363c46447c27b","source_keys":["1","2"]},{"key_piece":"0x2a26c9e4f422f0d7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 02 Jul 2024 15:49:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387066178449124717", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=1, c=8, mss=1297, tbw=6530, tp=-1, tpl=-1, uplat=157, ullat=0
pragma: no-cache
x-fb-debug: qyBIhdVTeflrJyyBcT5lkJ9A5zHZz+Qn8txleyz88AtB8mmQXHiI4yAAf6DeCpwQSPD4sqbrg1d+hrH3kgtPwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387066178449124717"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 113ms
0ms Script
application/javascript 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: cca1c2d
date: Tue, 02 Jul 2024 15:49:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024052114000028360ABE5A822A9D157C
x-tt-trace-id: 00-24052114000028360ABE5A822A9D157C-65016C1984D6CF15-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014a16450144a70267c8331d4ff43712d8e1aa548e71da4501fa7daafd5dc4fa2e2bfc0ce1813575125b39d9c0622b18aa7a2faed0f58404ba50a9eb55dc4b0a6f83daf2b9d2bf3c974a7138e6f9d1152019d91868398d1a2c7281abe5fab4e5ef
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 39703

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 281ms
98ms Ping
text/plain 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a3325c67.cca1eee
date: Tue, 02 Jul 2024 15:49:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24070215493379285E44A9EF268FE308-67B963944BBB3B0F-00
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 119,104.126.37.172
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=32, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024070215493379285E44A9EF268FE308
x-cache-remote: TCP_MISS from a23-220-104-17.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.104.17
x-tt-trace-host: 0106d2e867081a693ce1763f6d53cf023f58e4ccb858e2e5761437eaf88eff2d350775df1c36313708990c8c6b917a2179424d48c97c37daeeb3977a9a9507994848bb8ea39f54d66d7fa086c6d9734c21741bb4c6918fcc261fa15c95239ccc4f00d5f8c4e6fe6f065bf625c615529466
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jul 2024 15:49:33 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
847 B 317ms
135ms Ping
text/plain 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 72a0ee70.cca1efa
date: Tue, 02 Jul 2024 15:49:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24070215493374AB0D10C2A33C94705A-393EA8411E472DDD-00
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 154,104.126.37.172
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=39, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024070215493374AB0D10C2A33C94705A
x-cache-remote: TCP_MISS from a23-220-104-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.104.18
x-tt-trace-host: 0106d2e867081a693ce1763f6d53cf023f58e4ccb858e2e5761437eaf88eff2d35b65f58199b28037c19ba80fdf496bb37749998f13f593cd47f1f220ecba4ef65f86b97b712c75bffb856bf187b357d8bd4130b2cd49670105923c10ff04f62d744e11d29479c19a6fbd24318728cd6cf
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jul 2024 15:49:33 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 199ms
50ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2618702250614&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwinetrain.pages.dev%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.126%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1719935373559
Requested by: Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://winetrain.pages.dev
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1661226711316168
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 535 KB
213 KB 436ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LcADk4pAAAAAONFVTAYiCEx7XZvjgajaOP1lcru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Origin: https://winetrain.pages.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217125
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 08:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jun 2025 02:10:23 GMT

GET
H3 200 integration Show response
i.ctnsnet.com/int/ 1 KB
431 B 171ms
151ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=69955051&nid=66354764&cont=s&loc=https%3A%2F%2Fwinetrain.pages.dev%2F&ref=&cst=&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a840e75ea27d6e49b33bb599432408841efd85efed848983b579d2fbd29025a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:33 GMT
content-encoding: gzip
via: 1.1 google
vary: accept-encoding
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-type: text/javascript
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=2026307166;labels=_fp.event.Homepage;rf=0;a=p-YyyZGVw7xRPms;url=https%3A%2F%2Fwinetrain.pages.dev%2F;uht=2;fpan=1;fpa=P0-1170664360-1719935373060;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-2023120811...
pixel.quantserve.com/ 35 B
517 B 347ms
0ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2026307166;labels=_fp.event.Homepage;rf=0;a=p-YyyZGVw7xRPms;url=https%3A%2F%2Fwinetrain.pages.dev%2F;uht=2;fpan=1;fpa=P0-1170664360-1719935373060;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=winetrain.pages.dev;dst=1;et=1719935373794;tzo=-120;ogl=image%3Aurl.https%3A%2F%2Fwww%252Eesbnyc%252Ecom%2Fsites%2Fdefault%2Ffiles%2F2023-05%2Fesb-logo-black%252Ejpeg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Eesbnyc%252Ecom%2Fsites%2Fdefault%2Ffiles%2F2023-05%2Fesb-logo-black%252Ejpeg;ses=73b8aa97-afe1-4f47-8bbd-193299d48013;mdl=

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:34 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["PPOyxNRXpfC1JrQO9gqepA=="],"pcode":["p-YyyZGVw7xRPms"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
704 B 322ms
139ms Ping
text/plain 104.126.37.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-176.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cca249c
date: Tue, 02 Jul 2024 15:49:34 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240702154934911E9C537E9A208C69C9-63780C173FC63EE6-00
x-cache: TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=10, origin; dur=123
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240702154934911E9C537E9A208C69C9
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 123,104.126.37.172
x-tt-trace-host: 0106d2e867081a693ce1763f6d53cf023f58e4ccb858e2e5761437eaf88eff2d3534a3b98476c64c39b6f095e6a3a79b8affa4e25e41f88f802886ef440872ea8ff80b15ea8d17ba3da4eb9f46779e9841f5718383bc36ba9b1e662ff9ad53a664
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jul 2024 15:49:34 GMT

GET
H3 200 config Show response
api.ventrata.com/octo/ventrata/checkout/ 394 B
359 B 211ms
186ms Fetch
application/json 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ventrata.com/octo/ventrata/checkout/config

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

192.66.160.34.bc.googleusercontent.com

Software

Resource Hash

f39f8a80416c29261a59be394cb0d46553b680678119fa541f84bacbf9ccc3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language: en-US, en
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer b654851d-20e1-423b-bbe7-6ace1f676f42
Octo-Env: test
Referer: https://winetrain.pages.dev/
Octo-Capabilities: ventrata/checkout
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-request-id: b5e1bc6d-0a1f-4d22-9f44-f679789b2f40
x-runtime: 0.040993
referrer-policy: strict-origin-when-cross-origin
octo-available-languages: en, zh-CN, de, es, fr, it, ja, ko, nl, pt, zh-TW
etag: W/"f39f8a80416c29261a59be394cb0d465"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
octo-env: test
cache-control: no-cache
content-language: en
vary: Accept, Origin,Accept-Encoding
x-cloud-trace-context: fa04570375a196964031d506660e8493/9006264590780628343
ventrata-hostname: webapp-main-5f78c9db75-2lh88
octo-capabilities: ventrata/checkout

OPTIONS
H3 200 config
api.ventrata.com/octo/ventrata/checkout/ Frame 0
0 188ms
127ms Preflight 34.160.66.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ventrata.com/octo/ventrata/checkout/config
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.66.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.66.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,octo-capabilities,octo-env
Access-Control-Request-Method: GET
Origin: https://winetrain.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,octo-capabilities,octo-env
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Octo-IP-Country, Octo-IP-Currency, Octo-Env, Octo-Available-Languages, Octo-Capabilities
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 02 Jul 2024 15:49:34 GMT
via: 1.1 google
x-cloud-trace-context: 6bc45d3c1a252e208139adb9f21272ec/11091981609915077685

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
77 B 829ms
46ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10188597&he={INSERT_MACRO_HERE}&auid={INSERT_MACRO_HERE}

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:34 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Jul 2024 15:49:34 GMT

GET
H3

200

src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11613066;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;or...
https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

42 B
63 B

223ms
221ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Jul 2024 15:49:35 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9589370923860977198"}],"aggregatable_trigger_data":[{"filters":[{"14":["12257120"]}],"key_piece":"0x52ba26f477c588aa","source_keys":["12","13","14","15","16","17","18","19","20","21","16243296","16243297","16243298","16243299","628492116","628492117","628492118","628492119","634916024","634916025","634916026","634916027"]},{"key_piece":"0x4e184abc572f1bd9","not_filters":{"14":["12257120"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16243296","16243297","16243298","16243299","628492116","628492117","628492118","628492119","634916024","634916025","634916026","634916027"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16243296":163,"16243297":163,"16243298":163,"16243299":15892,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628492116":327,"628492117":327,"628492118":327,"628492119":31784,"634916024":131,"634916025":131,"634916026":131,"634916027":12713},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10501225581827584886","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9589370923860977198","filters":[{"14":["12257120"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9589370923860977198","filters":[{"14":["12257120"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9589370923860977198","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9589370923860977198","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11613066"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CILXkcjaiIcDFcDi_QUdz3UFGg;type=invmedia;cat=empir0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
500 B 817ms
40ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10177592

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:34 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Jul 2024 15:49:34 GMT

GET
H3

200

src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11613066;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;o...
https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

42 B
63 B

243ms
227ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Jul 2024 15:49:35 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2216208970374233104"}],"aggregatable_trigger_data":[{"filters":[{"14":["12296829"]}],"key_piece":"0xff5a0b6e84de0b9","source_keys":["12","13","14","15","16","17","18","19","20","21","16243296","16243297","16243298","16243299","628492116","628492117","628492118","628492119","634916024","634916025","634916026","634916027"]},{"key_piece":"0xae014ccc30c86e8c","not_filters":{"14":["12296829"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16243296","16243297","16243298","16243299","628492116","628492117","628492118","628492119","634916024","634916025","634916026","634916027"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16243296":163,"16243297":163,"16243298":163,"16243299":15892,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628492116":327,"628492117":327,"628492118":327,"628492119":31784,"634916024":131,"634916025":131,"634916026":131,"634916027":12713},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"1029085567831730504","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2216208970374233104","filters":[{"14":["12296829"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2216208970374233104","filters":[{"14":["12296829"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2216208970374233104","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2216208970374233104","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11613066"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=11613066;dc_pre=CJfZkcjaiIcDFffh_QUd5rsPLQ;type=invmedia;cat=empir00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/bdf12fb3-d670-40f2-a9e8-14240032bc2f/ 1 KB
895 B 107ms
65ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/bdf12fb3-d670-40f2-a9e8-14240032bc2f/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1718654894843

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d14690261e8e9a226334221de5cadd61d8dd7745b9344686d190dfab6cf9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Jul 2024 07:38:25 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc958aedbb8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Tue, 02 Jul 2024 19:49:34 GMT

GET
H2 200 xCJe Show response
fp.ventrata.com/t-4EVA/ 96 B
447 B 339ms
90ms XHR
text/plain 15.197.142.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.ventrata.com/t-4EVA/xCJe?q=AWmZ2M0sfe8OrvMIuomq

Requested by

Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.142.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46b405d1b15c420e.awsglobalaccelerator.com

Software

Resource Hash

7628c9315d4c764d46e3890825e5eab6bd8dd6e640960e833eb7b253403ab388

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:34 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 9 KB
4 KB 37ms
36ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?4a73d8a

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa73579940d328bd40a632006eb9d544aa4ddd5b6cd896871c137cd7ee117225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
server: cloudflare
etag: W/"66759605-250e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 89cfc95f4e12b8e2-AMS
access-control-allow-headers: Content-Type, Origin
expires: Fri, 30 Jun 2034 15:49:35 GMT

GET
H2 200 anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 60C9 0
0 256ms
92ms Document
text/html 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LcADk4pAAAAAONFVTAYiCEx7XZvjgajaOP1lcru&co=aHR0cHM6Ly93aW5ldHJhaW4ucGFnZXMuZGV2OjQ0Mw..&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=1147rgbjf45n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RnakKjSDGlOSObNdvQrXdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RnakKjSDGlOSObNdvQrXdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 15:49:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nr-rum.3709cb75-1.238.0.min.js Show response
js-agent.newrelic.com/ 43 KB
14 KB 67ms
18ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum.3709cb75-1.238.0.min.js

Requested by

Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

626b55eec0c819bcc0e797faccf7393babe486645f1860673218e9aaa0697f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: W_M6GIbgepZg8Jhv4nTMrSfdQTaIV8j0
content-encoding: br
via: 1.1 varnish
date: Tue, 02 Jul 2024 15:49:36 GMT
strict-transport-security: max-age=300
x-amz-request-id: PVKA3XAD2N1TFSE9
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14151
x-amz-id-2: Rh39FzAEwbMLtLI6+hNvGEoD4P8e8ur1vBxusrRr5LKXDOxYbY+npjmrL9j1+r4lMPd+mGs2D6xdKutPeilkyg==
x-served-by: cache-ams21039-AMS
last-modified: Wed, 18 Oct 2023 21:30:16 GMT
server: AmazonS3
etag: "f59a391a3f3bdc521e37f4984b33bf21"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 470ms
104ms Script
application/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: winetrain.pages.dev
URL: https://winetrain.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 15:49:37 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 02 Jul 2024 05:31:41 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Thu, 02 Jul 2026 15:49:37 GMT

GET
H2 200 Us.png
www.esbnyc.com/sites/default/files/styles/flag/public/flags/ 617 B
910 B 130ms
128ms Image
image/png 107.21.104.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esbnyc.com/sites/default/files/styles/flag/public/flags/Us.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.104.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-104-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

245b3f38c0510ffd4ea1b969174e640b656baa9e7c01a5469ed94ba1e4afef88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 14 Jul 2024 18:13:14 GMT
date: Tue, 02 Jul 2024 15:49:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 21:57:43 GMT
server: nginx
age: 164181
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 617
x-request-id: v-6b28ff10-370c-11ef-a4f9-6329b5c813c7
x-cache-hits: 94

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
32ms Image
image/gif 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1880397651&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&ul=nl-nl&de=UTF-8&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JavaScript%20Error&ea=Uncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27hasAgreed%27)&el=https%3A%2F%2Fcdn.checkout.ventrata.com%2Fv3%2Fpr%2F1548%2Fapp-2cd43057.js&_u=aDDAgUAjAAAAAGAEq~&jid=&gjid=&cid=745656548.1719935372&tid=UA-16005236-1&_gid=826010204.1719935372&gtm=45He46q0n71N8FWLJv6557887za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=657733256

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 22:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62446
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 8A2C 0
0 191ms
35ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijmzr34&ref=https%3A%2F%2Fwinetrain.pages.dev%2F&upid=h6aw9sn&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Tue, 02 Jul 2024 15:49:36 GMT
server: Kestrel

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 37ms
15ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:36 GMT
x-cdn: fastly
age: 6244
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 0971 0
0 153ms
61ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://winetrain.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 15:49:36 GMT
pinterest-version: cac24a94a4695e758e25b435c5c0c6dca81d437a
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 4315124620378727

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 95ms
89ms Image
image/gif 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1880397651&t=timing&_s=2&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&ul=nl-nl&de=UTF-8&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7399&pdt=67&dns=19&rrt=1&srt=77&tcp=57&dit=2033&clt=3578&_gst=2045&_gbt=2743&_u=aDDAAUAjAAAAAGAEq~&jid=&gjid=&cid=745656548.1719935372&tid=UA-16005236-1&_gid=826010204.1719935372&gtm=45He46q0n71N8FWLJv6557887za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd8=timing&cd7=SID-20240702-00001740&cd9=2&cd10=1&cd11=745656548.1719935372&cd5=2024-07-02T17%3A49%3A36.847%2B02%3A00&cd6=VIDfed55a78-7dc8-2d6e-3471-1051b4fc88d2&cd12=d6cf69851a63f9ce44004eb9808cb5849817661bd931e75a4ea8d75bc20039e5&npa=1&z=2050068517

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 22:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62446
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 86ms
84ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9S692RFY6S&gtm=45je46q0v894653511za200zb6557887&_p=1719935369515&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=745656548.1719935372&ul=nl-nl&are=1&frm=0&pscdl=noapi&_eu=AAg&_geo=1&_rdi=1&_s=2&sid=1719935371&sct=1&seg=0&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&cu=USD&en=site_visit&epn.value=0&_et=11&tfd=7582&_z=fetch
Requested by: Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:49:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 0d17e8fd04 Show response
bam.nr-data.net/1/ 148 B
596 B 354ms
220ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/0d17e8fd04?a=56250616&v=1.238.0&to=ZQABMRFTCxJQVRFYV1xKIgYXWwoPHkYEVl1tBgIGC1c%3D&rst=7635&ck=0&s=d2c97a0fa29070b3&ref=https://winetrain.pages.dev/&qt=3&ap=37&be=160&fe=7361&dc=3479&at=SUcCR1lJGBw%3D&perf=%7B%22timing%22:%7B%22of%22:1719935369271,%22n%22:0,%22f%22:1,%22dn%22:4,%22dne%22:22,%22c%22:22,%22s%22:23,%22ce%22:79,%22rq%22:82,%22rp%22:160,%22rpe%22:227,%22di%22:2033,%22ds%22:3578,%22de%22:3638,%22dc%22:7399,%22l%22:7399,%22le%22:7521%7D,%22navigation%22:%7B%7D%7D&fp=1667&fcp=1667
Requested by: Host: cdn.checkout.ventrata.com
URL: https://cdn.checkout.ventrata.com/v3/pr/1548/app-2cd43057.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6badfb2e8cf85f00ad7168f161b8387ca9a7748e0ed0d8030d7e3475aa7d833d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 02 Jul 2024 15:49:37 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://winetrain.pages.dev
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://winetrain.pages.dev
Content-Length: 148
x-served-by: cache-ams21050-AMS

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
488 B 113ms
113ms Script
text/html 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=13669&account_id=620321&title=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&url=https%3A%2F%2Fwinetrain.pages.dev%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 15:49:37 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Thu, 02 Jul 2026 15:49:37 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1880397651&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinetrain.pages.dev%2F&ul=nl-nl&de=UTF-8&dt=Buy%20Empire%20State%20Building%20Tickets%20%7C%20Empire%20State%20Building&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JavaScript%20Error&ea=Script%20error.&el=&_u=aDDAgUAjAAAAAGAEq~&jid=&gjid=&cid=745656548.1719935372&tid=UA-16005236-1&_gid=826010204.1719935372&gtm=45He46q0n71N8FWLJv6557887za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=7857537

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 22:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62447
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
winetrain.pages.dev/themes/custom/esb_theme/favicons/ 15 KB
1 KB 50ms
50ms Other
image/vnd.microsoft.icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winetrain.pages.dev/themes/custom/esb_theme/favicons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

475f7eb778c17327c8bbf2e9f41f92322a727554498dca4695fc095fc569ff80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winetrain.pages.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:49:37 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"74359e4dc6af8b634ba5b191157f879e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xwhy4Z6%2Boh5EEu0%2BHCCDqBaSQk97cbiAYtG9VhbUUMXG8d9PcP%2FeySujlxuf5WWsYrrr1oyePDGy4zsBYzRTy%2BhEdD7kfeN9usdkIFPbh4pcuQBRKppypxz7iwwPwxNGCiKlJ%2FTP"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 89cfc96cbad09fa5-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssl.geoplugin.net
URL: https://ssl.geoplugin.net/json.gp?k=a4c98efc854f23a2&jsoncallback=jQuery363003946426012082682_1719935370854&_=1719935370855

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3018820393297&gdpr=&gdpr_consent=&

Domain: ssl.geoplugin.net
URL: https://ssl.geoplugin.net/javascript.gp?k=a4c98efc854f23a2

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winetrain.pages.dev/	1970-01-21 06:32:37	Name: _vwo_uuid_v2 Value: D91ED6B832138E2E37C044528993832A2\|3a805faca4509d8242332bed9ad4a1a7
.winetrain.pages.dev/	1970-01-21 00:09:35	Name: _vis_opt_s Value: 1%7C
.winetrain.pages.dev/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.winetrain.pages.dev/	1970-01-21 07:21:35	Name: _vwo_uuid Value: D91ED6B832138E2E37C044528993832A2
.winetrain.pages.dev/	1970-01-20 23:55:11	Name: _vwo_ds Value: 3%241719935369%3A53.54910835%3A%3A
.winetrain.pages.dev/	1970-01-20 21:45:37	Name: _vwo_sn Value: 0%3A1
.winetrain.pages.dev/	1970-01-20 23:55:11	Name: _gcl_au Value: 1.1.1031918795.1719935371
winetrain.pages.dev/	1970-01-20 21:45:37	Name: session Value: 1
winetrain.pages.dev/	1970-01-20 21:45:37	Name: browsingPath Value: /
.yieldoptimizer.com/	1970-01-21 06:31:11	Name: cktst Value: 636301543
.winetrain.pages.dev/	1970-01-21 07:21:35	Name: _ga_9S692RFY6S Value: GS1.1.1719935371.1.0.1719935371.60.0.0
.tiktok.com/	1970-01-21 07:07:11	Name: _ttp Value: 2ihGPVekqRLSlOfxDBRvymJVaOL
.yieldoptimizer.com/	1970-01-21 06:31:11	Name: ckid Value: 3018820393297
.yieldoptimizer.com/	1970-01-21 06:31:11	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C1491%2C1203%2C1476%2C39%2C1305%2C1084%2C1022%5D%2C%22t%22%3A%5B135879%2C135879%2C135879%2C135879%2C135879%2C135879%2C135879%2C135879%2C135879%5D%7D
.winetrain.pages.dev/	1970-01-20 21:45:37	Name: _ga Value: GA1.3.745656548.1719935372
.winetrain.pages.dev/	1970-01-20 21:47:01	Name: _gid Value: GA1.3.826010204.1719935372
.winetrain.pages.dev/	1970-01-20 21:45:35	Name: _dc_gtm_UA-16005236-1 Value: 1
.winetrain.pages.dev/	1970-01-21 06:31:11	Name: VisitorUID Value: VIDfed55a78-7dc8-2d6e-3471-1051b4fc88d2
.winetrain.pages.dev/	1970-01-20 21:45:37	Name: EAI_SessionId Value: SID-20240702-00001740
.winetrain.pages.dev/	1969-12-31 23:59:59	Name: EAI_PageViewOrder Value: SID-20240702-00001740$1
.winetrain.pages.dev/	1970-01-20 21:45:35	Name: _gat_UA-16005236-1 Value: 1
.ctnsnet.com/	1970-01-21 06:31:11	Name: cid Value: ab5980b748774365b8198320006aaab3
.adnxs.com/	1970-01-21 07:21:35	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:55:11	Name: XANDR_PANID Value: YT482n8uOM6d9RMTTBltBzf-P8P5rNyO_tApKp4fxvT_FYh1s3sr8zLpJtbLVZ5zx8menDAxiS8m9JtzJ0CebYVYTwv-T4VqOWpFJSIOv6c.
.adnxs.com/	1970-01-20 23:55:11	Name: uuid2 Value: 5756193845700414687
.doubleclick.net/	1970-01-20 22:28:47	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:04:47	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:55:11	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C%3H?goH!@wnf-Te9(>wL5L!!'2#$WrGC
.doubleclick.net/	1970-01-21 07:07:11	Name: IDE Value: AHWqTUmonauF1lhvHBCwivKChJPLEYQmh_qxSZYi7xow6PkGz3rfg4X5H-a37w6Pz5Y
.adaraanalytics.com/	1970-01-21 06:31:11	Name: ckid Value: 3018820393297
.adaraanalytics.com/	1970-01-21 06:31:11	Name: aackid Value: 3018820393297
.turn.com/	1970-01-21 02:04:47	Name: uid Value: 3750284232798492104
.demdex.net/	1970-01-21 02:04:47	Name: demdex Value: 38403092169578417732762307420112060603
.adform.net/	1970-01-20 22:30:13	Name: C Value: 1
sync.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id Value: s%3A0-99716f2d-05b8-5d05-47f7-6b1969f5ad14.YpW%2BDJoYxOAeKMzhEyUyceoy7kMrvbH2tGmGJNp1vEE
.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id Value: s%3A0-99716f2d-05b8-5d05-47f7-6b1969f5ad14.YpW%2BDJoYxOAeKMzhEyUyceoy7kMrvbH2tGmGJNp1vEE
sync.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id-v2 Value: s%3AmXFvLQW4XQVH92sZafWtFB_MmJU.%2B96JdgWZ8%2BlkhLajDeW%2B0zhxc0CzmI2SsB97sJ7ksko
.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id-v2 Value: s%3AmXFvLQW4XQVH92sZafWtFB_MmJU.%2B96JdgWZ8%2BlkhLajDeW%2B0zhxc0CzmI2SsB97sJ7ksko
sync.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id-v3 Value: s%3AAQAKIHkvVzMnzjWgNIJMaDobg8E0EpkfmgRzDg7h06FvPao2EHwYBCCNw5C0BjABOgRpr-VwQgQBWEPZ.hGgw32RTm%2Fq4F0SCMNQU5YYrkArFGhYD9eqyGHl%2BMEQ
.srv.stackadapt.com/	1970-01-21 06:31:11	Name: sa-user-id-v3 Value: s%3AAQAKIHkvVzMnzjWgNIJMaDobg8E0EpkfmgRzDg7h06FvPao2EHwYBCCNw5C0BjABOgRpr-VwQgQBWEPZ.hGgw32RTm%2Fq4F0SCMNQU5YYrkArFGhYD9eqyGHl%2BMEQ
.dpm.demdex.net/	1970-01-21 02:04:47	Name: dpm Value: 38403092169578417732762307420112060603
.winetrain.pages.dev/	1970-01-20 23:55:11	Name: _fbp Value: fb.2.1719935373213.606365068527701335
.adform.net/	1970-01-20 23:11:59	Name: uid Value: 338667755683120190
.winetrain.pages.dev/	1970-01-21 07:07:11	Name: _tt_enable_cookie Value: 1
.winetrain.pages.dev/	1970-01-21 07:07:11	Name: _ttp Value: v6TpzSD2poPEQmLA5Y54vhvy-3R
.yieldoptimizer.com/	1970-01-21 06:31:11	Name: dph Value: %7B%22t%22%3A%5B135879%2C135879%2C135879%5D%2C%22dp%22%3A%5B8064%2C4889%2C2397%5D%7D
.winetrain.pages.dev/	1970-01-20 21:45:37	Name: EAI_IP Value: d6cf69851a63f9ce44004eb9808cb5849817661bd931e75a4ea8d75bc20039e5
.winetrain.pages.dev/	1970-01-21 06:31:11	Name: _pin_unauth Value: dWlkPVpqY3dNVEZpTjJZdFpEY3hZUzAwTWpBMkxXSXhOamN0TnpRd04yVXlNamN4TlRVeg
.consentag.eu/	1970-01-21 01:21:35	Name: bid Value: uk-1719935373-b7afc9e6c6b841a9b26e827fb2bd5b3f
.sojern.com/	1970-01-21 06:31:11	Name: cid Value: d33f3504-4fb2-84e3-d26a-bdfcf8ee368c#1719878400000
.sojern.com/	1970-01-21 06:31:11	Name: adfid Value: 338667755683120190
.pinterest.com/	1970-01-21 06:31:11	Name: ar_debug Value: 1
winetrain.pages.dev/	1970-01-21 06:31:11	Name: __tmbid Value: uk-1719935373-b7afc9e6c6b841a9b26e827fb2bd5b3f
.winetrain.pages.dev/	1970-01-21 02:08:23	Name: crisp-client%2Fsession%2Fbdf12fb3-d670-40f2-a9e8-14240032bc2f Value: session_d653bc29-8ee2-40d1-b757-e1202023432e
.quantserve.com/	1970-01-21 07:15:49	Name: mc Value: 6684218e-219ae-8231f-8a544
.winetrain.pages.dev/	1970-01-21 07:10:04	Name: __qca Value: P0-1170664360-1719935373060
.winetrain.pages.dev/	1969-12-31 23:59:59	Name: EAI_HitOrder Value: SID-20240702-00001740$2
.winetrain.pages.dev/	1969-12-31 23:59:59	Name: EAI_HitTime Value: 2024-07-02T17:49:36.847+02:00

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "/images/MicrosoftTeams-image"
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "/images/MicrosoftTeams-image"
security	error	URL: https://winetrain.pages.dev/ Message: Refused to execute script from 'https://winetrain.pages.dev/modules/contrib/eu_cookie_compliance/js/eu_cookie_compliance.min.js?v=9.5.10' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	warning	URL: https://checkout.ventrata.com/checkout/widget/js?locale=en&prefix=checkout Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9926338.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.ipify.org
api.ventrata.com
assets.ventrata.com
bam.nr-data.net
beacon.sojern.com
c1.adform.net
cdn.checkout.ventrata.com
cdnjs.cloudflare.com
checkout.ventrata.com
client.crisp.chat
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consentag.eu
ct.pinterest.com
d.turn.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
fp.ventrata.com
googleads.g.doubleclick.net
i.ctnsnet.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
match.adsrvr.org
o290279.ingest.sentry.io
pi.pardot.com
pixel.quantserve.com
pixel.sojern.com
region1.analytics.google.com
rules.quantcount.com
s.pinimg.com
secure.adnxs.com
secure.quantserve.com
sp.analytics.yahoo.com
ssl.geoplugin.net
stats.g.doubleclick.net
sync.srv.stackadapt.com
tag.adaraanalytics.com
tag.yieldoptimizer.com
ups.analytics.yahoo.com
winetrain.pages.dev
www.esbnyc.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
idsync.rlcdn.com
ssl.geoplugin.net
104.126.37.176
104.17.24.14
104.18.29.104
104.26.12.205
107.178.244.119
107.21.104.61
142.250.184.194
142.250.184.195
142.250.185.66
142.250.186.166
15.197.142.117
151.101.0.84
162.247.243.29
172.217.16.198
172.217.18.4
18.172.103.101
18.208.125.13
185.89.210.153
188.114.97.3
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
216.58.206.78
216.58.212.162
2600:9000:20ab:3800:6:44e3:f8c0:93a1
2602:816:5001::39
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c1f::9b
2a02:26f0:e300:293::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.255.41.64
3.71.149.231
34.107.173.171
34.120.195.249
34.160.66.192
34.96.102.137
35.186.193.173
35.186.212.60
35.241.54.161
35.71.131.137
37.157.6.233
52.223.40.198
54.154.75.170
54.164.16.2
010dd5feb577e17c3bcc894701bc4d6fc3dcfe66121f92e501c41b4525b2df49
031f0b115ae6467ce2e3fbb26776521146cf5aec41c0636bcc685872d171b085
03e546871c88803a5282161853a73403b0d092612676ff88bf0d764b85715b01
0405cd35202d3daae458ea9d9f4a50b249c225ccaf1bac96bcf0321c44eea6e6
084179b30bc949e118446becfca5782b55a0ac13492bff0ac74fff1fbb3dbbe1
0863b04d252571c3409339b7d8877e1c8b1a85726ad01493aebdab05207507cf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c504352cab55b63d0955b649c69eb504d50e28c55817eaf0dc799f87cc9f3e6
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10b5a0414586941b0d5f54758f74a6bd2466576cd3bd3265eed69552712e9079
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
129a6bad4aab2ebafa8e6062beb9f24f04ff768bf83010e3f54029f11b71d1b8
1369cb1c99c253d0c2cb39e2df1d82324b84d8164e7afb71dbe1bb6093bde182
175939cd6657e4a6acd41e4a60825023b469c8c361547b175d5f223ca778f860
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20bb700a7d0352196ade8d971c001d9cc95e6a49f2c5ca9fe9c0f21d334f490b
2100291b9276e5d2630ab5a99eda95fe4eb9c46c5d90894c636c86e3b654939c
245b3f38c0510ffd4ea1b969174e640b656baa9e7c01a5469ed94ba1e4afef88
2af23f593f5268f84eae84edff567f57822bc03c0816c39eaa25fd66f22a988f
347f475ddf79b15d7fb178d86ba601bfabafa218a2e26c98899bb5fe22cf614c
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
376ece001e3e49a86c2bc7d174e5878e7e8c923c08bdf7c51959abc36dd0251a
3941783ca1c186293b064298f1e90f687fcbb4a995d9f4e6334b1a3d0216cef1
39f81960474289643c592da75c0b48db6f9134c3f170810acd15788b9967dfd4
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
41d14690261e8e9a226334221de5cadd61d8dd7745b9344686d190dfab6cf9d6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44cff12fec3617179e5be6691526ee32b09b16e21e1f8498625a00caa2aad657
45601a44d6aedb9fb7561f5fa97cf3b636d05b46fddc758312598b97f978a65b
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
475f7eb778c17327c8bbf2e9f41f92322a727554498dca4695fc095fc569ff80
496c93f1d8f8916de2c1ddb0589503d67c2733489329f1a15de89528de0aab4e
49ece50e99eb57c4d4ad8e82491cb4bd31611c4b54af34a1462a8af82a2797df
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da822867a6a2bcab6877a73a0867ed4a97bede2da3f4cec11a549ecebf4edd4
4dd9541308e876478ce5a7899de49617dedebf1f7e659f61fb64d1afaa5a0e43
51a8751366d8661d18f1b4e556f5edb47430729ebadd586575943591107e1fe6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
574095bd54bda8c84a108e0abd78b4eedb98c9b1ec451149ecc18e1f1d609a0d
5a3b5b493ea0b41283bfc0cac2ee5bae7fb1746850e550c29f52fc34d5b006fd
5a3fced85a9cc98674bfc95d3094402126eb234dc7ac2ae095d4d04fca353212
5a748b1c75f0b5ef9dbb6f85868dadcb6ec615b41fdecc98053c793a4f5bb91c
5f389485105b39eacb8eeefb12dcf3493cd08af3d6e5026ad6de18eba0acb2a4
626b55eec0c819bcc0e797faccf7393babe486645f1860673218e9aaa0697f4b
66b7c69bba8f495e9096bf5cd621b399d2a048a14bdbb5e282f6ecb89c52343d
6badfb2e8cf85f00ad7168f161b8387ca9a7748e0ed0d8030d7e3475aa7d833d
73c5a227786d5abb5bfd5ec96bef63823d64adc120f332e616d4fc1f956a2da1
7628c9315d4c764d46e3890825e5eab6bd8dd6e640960e833eb7b253403ab388
792f573327ce35a034824c683a1b83c13412991f9a04730e0ee1d3a16f3daa36
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7eb417b1a9c6a3dd3c0671194e6a0e3683deebcd9402f6bd98ff3e398b921e08
819c06828afcbfb5ea0e6208fa0a5072994c2a132c4ad7fabd75f74fe608a40f
825c9ea07efed751191fba59eddd0a6727065b0067df64ecc8e47d79d4203211
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869c7079716040abb6ff175ea4571d3649d30b64b401cbb531f668cbf9174150
8b5eaf40218075cea5deeb7f5b1f281030c970a307707acb1a2057518c64a902
8b7e89f9d814f0aa538792e65cb81ef5a92b0a2ad58684fb283c22e97cdec430
8c4f8112e1d197fea4b14acb157946631750560abb96dd6ac2a410e43206d7b8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
981bc1c2cd3d488a1565a861c85e9f8673538d4188bd390881c44efa3b46444b
9ee9cae7e4d1bbff4578594881352486c9bc45a3b3d3c45347d15bfa8de3df9a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3bcec406bfdb32566ec9aad7d498ceb8d35058c4308c86a98910b8e617a7e12
a46e52d6aa01f0604184c200f41d00de9555070dd9e0d0a17af751758505141b
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223
a643d1e22e2eafb98a5ed2c5f058c897f34383e32a3e2bd6ef981a0b79b1d894
a72c1d4abe807a05d5ba35bfe4a31b739e6306dafe58abcb02dc8b2a7da562cd
a840e75ea27d6e49b33bb599432408841efd85efed848983b579d2fbd29025a1
aa0abd02f197aad0cddf6f6dd9aecfb114ebb21723f83faf8332d4c5f62aefe9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ace41dc5b0a76c073bcde5a267da34f7f2ddbc75bc3c4949e4f706eb703da7b9
ada6d74399a39dcb8339f159b60786b1f3f80bb6c630c9f44ddf6f6b8439bad4
ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b037578590e038f8edd9149749c2a6f8757b6084feb7eed31f2669641dc76efa
b3d30bfe3691db1be28f346f5f0580f6ae3734ba88b03389f81b1f278022678b
b68a1c191b947df0092a5732353c7541a93599766e2de3be3706a158996f5836
b72d68cb06863ceee0eb62affcb5194a584e498af21369fb40129fe0288dc49d
be104846881749e3c2f5f37a02c69d593b2011fbc5f681bd90e1067111f1355a
be6e6c2d2e062ea25d8a28f736ffe96ecea7e79513fca107c9692b581609b038
c1f0c4cde3dc687fb27d3bda02e9e02294451da5eddfd4d9f48bed5580ea57b6
c35144b4da1bc7d60d8e5477467cc715638cddac15e9f4a8e487a93dd143c09b
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ceb85529fded44ddaef396be08ecc02bdcc11fe1011045abd45dbe86806e9a5a
d1b4fe9ef2905deea3bc87bd7e35d4f1b72ea6e6f80339925849cee665de00af
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
d7a8966a8a6bea6d3864df8aa2f2cdc459ff653345455218254c5486a6042d44
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87e957eff0b06ede9134c063380b5935cfbbb712d0910b43e835a286e0f7b44
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
eb4aa1d11da02f85aca7b89cea05521de37df92c4aa76790a945bba65c70ea8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0085c797bdae82c9e39804f7b9b67c4f682198428cdedf84499c7dd8983cefa
f21c972523e24c9449bc4f2f99bd708a408432f49aa6b404b4f32ebc2332800a
f39f8a80416c29261a59be394cb0d46553b680678119fa541f84bacbf9ccc3aa
f4cc07456e330134f81ad42c59de50300c787decdbb175fb9b20c2a87e8da965
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f64b2e24ad25bcbb3a35a4c2897e593a11bbe9e56dae7f5438698d28986e5e48
f7b8f2a0b4c6f8b4567b618bc5e4d1937114050b665b620ee1b3783e92cc858f
fa73579940d328bd40a632006eb9d544aa4ddd5b6cd896871c137cd7ee117225
fc3cc308550fbee60ec02f1fdfdabde944ac52c1bd51c55f2e12f4764ce7d71c
ff48999163c6c264f425a6d79934c3281a9fc99e52531fc1e0ad56992f4aace4

winetrain.pages.dev Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

89 %HTTPS

29 %IPv6

40 Domains

57 Subdomains

46 IPs

9 Countries

3002 kBTransfer

8796 kBSize

58 Cookies

12 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winetrain.pages.dev Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

89 %
HTTPS

29 %
IPv6

40
Domains

57
Subdomains

46
IPs

9
Countries

3002 kB
Transfer

8796 kB
Size

58
Cookies

148 HTTP transactions
16 data transactions