URL: https://mail.newyearlights.com/
Submission Tags: phishingrod
Submission: On December 28 via api from DE — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 87 HTTP transactions. The main IP is 95.173.172.48, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is mail.newyearlights.com.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.
This is the only time mail.newyearlights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
39 newyearlights.com
mail.newyearlights.com
www.newyearlights.com
1 MB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
289 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 60
14 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1605
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997
30 KB
5 gstatic.com
fonts.gstatic.com
177 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
2 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3234
log.pinterest.com — Cisco Umbrella Rank: 4390
19 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
146 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
38 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 3043
901 B
87 14
Domain Requested by
38 www.newyearlights.com mail.newyearlights.com
www.newyearlights.com
8 pagead2.googlesyndication.com mail.newyearlights.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
mail.newyearlights.com
5 tpc.googlesyndication.com mail.newyearlights.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
mail.newyearlights.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
mail.newyearlights.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com mail.newyearlights.com
www.googletagmanager.com
2 fonts.googleapis.com mail.newyearlights.com
1 www.google.com tpc.googlesyndication.com
1 log.pinterest.com mail.newyearlights.com
1 www.googletagservices.com mail.newyearlights.com
1 cdn.adnxs.com mail.newyearlights.com
1 adsdk.microsoft.com mail.newyearlights.com
1 s.w.org mail.newyearlights.com
1 assets.pinterest.com www.newyearlights.com
1 region1.google-analytics.com www.googletagmanager.com
1 mail.newyearlights.com
87 19

This site contains links to these domains. Also see Links.

Domain
www.newyearlights.com
www.facebook.com
twitter.com
plus.google.com
www.linkedin.com
www.pinterest.com
Subject Issuer Validity Valid
whm.newyearlights.com
R3
2023-12-28 -
2024-03-27
3 months crt.sh
newyearlights.com
E1
2023-12-06 -
2024-03-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA
2023-12-18 -
2025-01-17
a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02
2023-10-11 -
2024-04-08
6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05
2023-10-18 -
2024-06-27
8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 7 frames:

Primary Page: https://mail.newyearlights.com/
Frame ID: 40A278589DA711DFEA5D5CA1F299BC8A
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: F9D6F4EB278B7A41F18709B26F819969
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5378909606982325&output=html&adk=1812271804&adf=3025194257&lmt=1703730785&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Fmail.newyearlights.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703730785406&bpp=2&bdt=392&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1904712782299&frm=20&pv=2&ga_vid=457166896.1703730785&ga_sid=1703730786&ga_hid=1718757604&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532524%2C44798934%2C95320884&oid=2&pvsid=126141912747717&tmod=1311498830&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=232
Frame ID: CBB84C0E6F6691637A342AA2EBFEC799
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EAEDA856196583DFE83038EEC1D108C7
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 40052DE0A911A8EC2550DAEA58BF77AE
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF7F0CC051C13C14E18432D25DE4B76A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8EB260441579BB188E3DD0158DA1180F
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

newyearlights. com - Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

87
Requests

92 %
HTTPS

74 %
IPv6

14
Domains

19
Subdomains

20
IPs

3
Countries

2009 kB
Transfer

3835 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=20e6839e-f2f2-476d-b102-aa9767e23964&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0b04829-b0e0-40f5-bb21-977856d65a12&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc5699a26c16144ea812f613114809262%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=6374911785700522419 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5699a26c16144ea812f613114809262&SNR=1&GV=2&med=10
Request Chain 77
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=20e6839e-f2f2-476d-b102-aa9767e23964&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0b04829-b0e0-40f5-bb21-977856d65a12&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dc5699a26c16144ea812f613114809262%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=6374911785700522419 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c5699a26c16144ea812f613114809262&tids=15000&med=10

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mail.newyearlights.com/
93 KB
13 KB
Document
General
Full URL
https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.173.172.48 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
oss.ballmeta.net
Software
Apache /
Resource Hash
f7b691d473f212c8c7c8b2d8245f8afbeebe128a9c130cb95c62ce2938b8bf98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
13460
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 02:33:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.newyearlights.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
Apache
vary
Accept-Encoding
styles.css
www.newyearlights.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
912 B
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Sep 2019 00:04:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hnYoJnqpUnA%2FsIQNi1KMhiP6yb7Pz7GxVr7mYGuvxTFj3fsPqRZhXcb3gC3chtjgXS7y0k1ae9zXteGfTdwltZt9JsmqKGnQ9GusucP5YejOhzAB5kx0DQdAQTzOenWdyhTZAgnQob2A0ukLcQkwJzOonw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8b33a96-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
19 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62fa05888d69a537494a809587293a3ecfe0d5271d85da9b27ddf069a2bf02f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 02:33:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 02:33:05 GMT
slick.css
www.newyearlights.com/wp-content/themes/higher-place/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/css/slick.css?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa08928091a18ef795ffed7ded7e3839ace2da6f0e2d2817d49d7ba82f61923f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwGzfLJn%2BBxISLo7ucgGDcfCnHN7EIAvQPq%2BItjWmzkDf5Lfe9oHOp4RxCx7LN2BQceNAabT6p9S9Eq07EmnNPrkMABBZ2hN3W%2FpX9dYmszNXR5VYlivMYjkjJyvqejx5HeQwkSciEUooCWKuoSWjx81JIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8b63a96-FRA
alt-svc
h3=":443"; ma=86400
main-min.css
www.newyearlights.com/wp-content/themes/higher-place/css/
449 KB
74 KB
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/css/main-min.css?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fcf27398af52661908dbc1a6d149e67932eee9c4217443f8a5942757ea258f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC0ZZpLSu2Y2QKcl9K7VuKB7x4GpBdxLzrJfyPxwcpHFz1WjJdqtsIZX38R7PijHoQbTWQjsi9MZTKymRUHV2ahw%2BIh7fL%2BKWxWmlgVaSJA%2FLvvfmQNu4Ss5X%2FmNvn9YGGdA7xne9zOBdSD6oVLW%2Baoocao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8b73a96-FRA
alt-svc
h3=":443"; ma=86400
style.css
www.newyearlights.com/wp-content/themes/higher-place/
615 B
656 B
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/style.css?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08af747a7a6979df292a39b67e5d51e96f63010437c9e0df2f9a080b55b2ac25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqVjpwXzrFsk4d9qDFeWXegEpDnvgwAaE7T%2BfGuLr%2BvupfIlaGdvlE98XHdTaEcPXJgAp%2F6E8Mg%2B76Xu3B%2BeJUOGQRZyHr9AsrqrvzbuG8sNghFxfo6k2pNRFqiBghLb0UufSoebCDRSBBxF4u8i6GP2s6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8b83a96-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0fc16d2f77d7c25f826364e9362c52516943216674243713fcd04883cba7f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 02:33:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 02:33:05 GMT
rst-writerCSS.min.css
www.newyearlights.com/wp-content/themes/higher-place/rslib/customize/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/rslib/customize/rst-writerCSS.min.css?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1275bd8de97c36442edc2a46f4e60356d4be18d76068f6955103646940ba16de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Sep 2021 22:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPZvTTZ7maXPD6%2BROd9vw03%2BO2qfG4T%2BWKmRNY90tWf0PI7upKg%2FoDFWR%2BKEQAY5MvOBWCPdH%2FgohWWkLuxn7iJHVrACTLvoq%2F9bMWv2pwT34AUpKAtLQ9wxudhNjGAZAj3TZXSN2BU6893O1jdMKXTzJ8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8b23a96-FRA
alt-svc
h3=":443"; ma=86400
rst-writerCSS.min.css
www.newyearlights.com/wp-content/themes/higher-place/rslib/customize/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/rslib/customize/rst-writerCSS.min.css?ver=20231228023304
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1275bd8de97c36442edc2a46f4e60356d4be18d76068f6955103646940ba16de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 15 Sep 2021 22:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ3%2BnJQNXjNW4vpDlI%2BZOtvDvjwp7Sh%2Bwe5UJ6wCBAongdldb%2FoBN4ANL3e5dx0%2BQ0eGF2s1KuLLLZMnDZxhtDIcd%2BNG2FMu6Irv3%2BQracOQXRqc%2Bo2IkxT3OijkUf72SbkHCGA%2BKgg1qo9wRoVRd62Wrfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c6657ec8ba3a96-FRA
alt-svc
h3=":443"; ma=86400
jquery.js
www.newyearlights.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.newyearlights.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Sep 2019 00:15:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWiopr76QlzaycpVhrldQqhrP6bf2eTzJ%2FhGJCQAHYmLTEfBKDCK2Ye7QAByDGDeOEQXx5JlscaUKpDxjHMoh8Qj5F3YhHVV6Vk0K8Z1lZabSV%2F6Y76%2BuANF6DUNPCiOHfcsxzqbU2oGNYSjxfjZ3znkx4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c6657ec8bb3a96-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.newyearlights.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.newyearlights.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 20 May 2016 08:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lfiA%2F78ANg6q13CefSrvOSfzSrnumf4FcqXy%2Fo0kQ%2FRd%2B%2FIZWzbDr1BgJ68LO8YyUYDoSEnxmdFqjx4JEk4INLWdYgfs9Xe9g7LbhinzBIhaiRXrYYqRIxwR5uNO1zbJ%2B%2BXVZNIgtZRToVLVUaAcKi0lZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c6657ec8bd3a96-FRA
alt-svc
h3=":443"; ma=86400
pinit.js
www.newyearlights.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/
782 B
712 B
Script
General
Full URL
https://www.newyearlights.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 22:54:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgRb9tJAiPe6S9i%2Br7ucPsWbYtv38RJjzrPIqUj5bKRnWCGVW8%2FNWnzwm7FPL6P6o3o26efSAZNs5X9cz77Nl738nI3dmR%2FxvsqlVxPBGf3Wb%2FLqCJPiheNsixa2KPHGLZMek10CZjPZ%2B%2BosRVpbmpSZdjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d168fd7-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
187 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128384689-11
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e62afac6a2db345e7f90bcda0b2c98c3ec0dee15ec7d2399967177180c7fdbe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69060
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:33:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5378909606982325
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cb00313405df99e04a7bbef0c7836ab14d332bece32311f1de8e583f9582ddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.newyearlights.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51262
x-xss-protection
0
server
cafe
etag
801385229489515112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:33:05 GMT
texas_teal_242392842_573248257156055_3150879116746573443_n-395x440.jpg
www.newyearlights.com/wp-content/uploads/2021/09/
60 KB
61 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/09/texas_teal_242392842_573248257156055_3150879116746573443_n-395x440.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b934596da2486b95679c0689f15f161a3752b4a2aae408df5b16f52e659099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 20:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bmg4INV8JD1FpkgqMTm4%2B296BjRHDus0QesNPEeuOrI4KMrBPlB4o2lHZiu9DkET%2B%2FVgxe3LXR74AXhJW%2FsFHZ%2FMolbSfp3%2B%2FjR4%2BWmewilC9HkpnXQzvPmxL49H0jwfQi%2FQBOmCekwNwsf792s2GXrETE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c6657fd94f3a96-FRA
alt-svc
h3=":443"; ma=86400
content-length
61856
fall-bedroom-decor-ideas-27-395x494.jpg
www.newyearlights.com/wp-content/uploads/2021/09/
38 KB
38 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/09/fall-bedroom-decor-ideas-27-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a081de177d64b857eebf2454a956b1877bb16afe4be8036cc1ec61a2a55fc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 19:42:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aph6aoFSkkdXXucQ4i0Ru%2FsRf5LjwV8NZ50XZTh947ZVKqpLKp%2BrQCKCpPsPUOomkcDiHlX26ADJ5SsF2iyq1u4RMf%2BagXgBFQ0wYNdYefxaxeqQwn%2F7Uz0fCkM9FKvvO%2FGDrcPlAlojgQ%2FhdLj4c3HivyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c6657fd9513a96-FRA
alt-svc
h3=":443"; ma=86400
content-length
38767
christmas_bedroom_ideas-6-395x494.jpg
www.newyearlights.com/wp-content/uploads/2021/09/
41 KB
42 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/09/christmas_bedroom_ideas-6-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6781ed0cdd79937c4a1e14b88c3572e8f2ca8a7fedbaa1dc8275f0e5599366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 18:11:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EVYXRSRy7LCz%2Fj0vGbsBin8t9mHAooRezwUHccto%2F5XwrQTv2kb9aA7mwRaRvLc1bTDC32aXXVMuJDOe7xEVoKRh4f6MyMur1dQRJworoByy3tZ9XVVxDvDlSTtDd%2Bc3ORydtxuVSSVYowiiUDh2h9zOTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d088fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
42059
love_aesthetics_122707356_3348131345278152_774910062718375547_n-395x594.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
31 KB
31 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/love_aesthetics_122707356_3348131345278152_774910062718375547_n-395x594.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24677377dee81095dcf79a62cecd29f5786cd30a6190cfcff2ffa7ff7d055147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Aug 2021 13:34:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOYZdoqejN16Fu9uRQ%2BfkqqKggqPd%2B%2FrADuH9%2B9kCQKQ3gVeK3FIvmNG9eekT%2Bt2fjOA7WJKwDd%2F1mwBcznLW5jMnF5cqoxMquvS2WplSBTpPHldNfelH86wXktJ%2FUnFryF7BffZ5Rt7j8ZdxhuIXZ%2BhaSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d0a8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
31647
21-395x592.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
31 KB
31 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/21-395x592.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d0a84ea3a7d6316bc504e44ef1e19d220bbd4226e3f85a7294e4cd44fe3b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 23:25:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO1iJnQxguHAUMp3BRWZHK0bU7A0HPB3u%2BIu74H2bpKGHeiVQhFjHMJ%2BgaincTp4k3o744hTiyzul2C0HM3XcjmAxoA%2B%2BDfJVB8wRaiB5biWEY17M%2FBcbJ13jJ%2BoM5RnAXRK0kpOYyXs3j8ySh3XlIoHv9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d0b8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
31240
kapak-395x494.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
33 KB
33 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/kapak-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385d6f2f681d899bd71923b2269f42c89eed5ef4d30b843b60445ca31183d010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 21:41:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iipnnn1Ku6zvbwlA%2FbO2pBKSJDgAYfzn6BWzxo7vNRVzRACEvbZZ87BN7FlSU8CikHWQetFviu11q5SOG7wUsuYIiHnGHEQsakmsSH%2FDvWuShTwUtu1AFyHmivfYMY0XAGMhy42v%2FsvJq09vX2zl%2BPeggJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d178fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
33651
bublikdesign_75538133_488694311748817_8402006314983836736_n-395x494.jpg
www.newyearlights.com/wp-content/uploads/2019/12/
38 KB
38 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/12/bublikdesign_75538133_488694311748817_8402006314983836736_n-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b20bc511c3d72c0d31a13cce4403f5257cf133bb8e74dc2c712ae203f306e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Dec 2019 11:42:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zlLdrP4JvPXSo4n5C76t6U8DUyEENVjelGbP65rkIATNUcS5Od0jMxRLjq8qx4JmefSBa9nsNTw5OQwi3EtJIsUNOCcB6uh%2FT%2BDPN%2BARDXwqTNyHzHlrpIJMpRUHE8XEkj9rekKJLhHdphkeNXHQhnFN7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d188fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38401
bulejowska_47205825_2081092565337524_5421613286554988063_n-395x494.jpg
www.newyearlights.com/wp-content/uploads/2019/12/
46 KB
46 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/12/bulejowska_47205825_2081092565337524_5421613286554988063_n-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01236f62fbf843affb15658c04f93b79445ebd877b7cdf3bd8225f76700c5630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Dec 2019 11:13:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKIOS3oJz6J%2BmFOxtlAOf0kuWn4C%2BxBUqY8WQpCMD0muFHMPrhtO%2BYzOHYmU0KK21IzeLK2R1sERfL%2BINYY7yLkSWduVCy6z%2F%2B8iRky2kwQH6d42a0xJa1cQcwtWUp2CjxPP6oQAbtunjB5JePSg37E1Kqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d198fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
46728
christmasinthevillage_74642756_1564534040391838_4800398755254277918_n-395x494.jpg
www.newyearlights.com/wp-content/uploads/2019/12/
59 KB
60 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/12/christmasinthevillage_74642756_1564534040391838_4800398755254277918_n-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e7e6f07636b9e02d73591318dde4308a5a94c879962aebbb370b390efc8704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Dec 2019 10:52:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xk5q1WpszhbrkHcAuLQfYG1JK1GwIoB2DzjR7fQw6nH3QY2WnvbI8wSyI4hdC%2F3kdQG1M9uof4qpleWzCDi39MkP%2BPl1tmDvxplsWM%2BO8GMHeikpEeKebFnW%2FdLDtnl50eIDMfa73ELMnab4ewE6wL1EAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d1b8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
60850
christmas_santa_claaus_73057094_2498181013581180_6888077076755037234_n-1-395x494.jpg
www.newyearlights.com/wp-content/uploads/2019/12/
56 KB
56 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/12/christmas_santa_claaus_73057094_2498181013581180_6888077076755037234_n-1-395x494.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c872e0dc6fdad13e26185f140b17d6ccc406f31cb658d374e513282d5ac78462

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Wed, 04 Dec 2019 01:53:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8H9vWn3Pj2i9d53Lm4C%2BQTwBu%2FR9HarQfvhg41ykN3UgVDQ8ZseUiBY4KhPvNXBHW3oKWx5PrhGnP0iOc4fU0s3nrXti9mhz6qkJE%2BLGAUnUZks8XzE3xCoc6ocO1kSlzhwWi38UMLasF6JWw7UMyKHCl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d1c8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
57379
sophielouisesdiary_67667009_391632371484060_2180343482002458339_n-300x375.jpg
www.newyearlights.com/wp-content/uploads/2019/09/
37 KB
37 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/09/sophielouisesdiary_67667009_391632371484060_2180343482002458339_n-300x375.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7454d70bb83892e6c16d729e960e13432ba43ca973971e3598edd615783718b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Sep 2019 00:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1etBd3ipqkNU59GAnyx%2BQ1XMAwjOhP4bp8g1y1t8qiSXH2t3omGUSK3lkrUcyUOwVfqQyFS3rwLA8oyRilAypbfALFNhcZDSjo6bsv3ySytSM5DPapOaDxlXebG3cDH5Q9gNXMcl5mBdl9oUB1Pw4fbZ7Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d1d8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37564
21-300x277.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
15 KB
15 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/21-300x277.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d19730088c7e172a18fce0be7f5e0a3fc78ed09578ddf6f4942764d2d7810d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 23:25:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTcQfxDJ4U8DfI1%2FwjIyzZHJf10zgYzSzZvdcqHasIYUfRXo7gB3toHZbShDt9IJLAQhLfmpHHT42mkrA%2FHxbsh%2B%2FhulxoN%2BiwdiEYIl8hU55M3%2FJDI6o43%2FqaEtYmBo4pH6M4WE4LgmnEltIo4KIQpwtTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d1e8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
15118
dinapichkolet_70010212_747078152372099_6465940425284918349_n-e1572807300786-300x277.jpg
www.newyearlights.com/wp-content/uploads/2019/11/
13 KB
13 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/11/dinapichkolet_70010212_747078152372099_6465940425284918349_n-e1572807300786-300x277.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df30594a8ec59e4166e5172886992d7a1c7ee0e8c028863b94e36bcb82de4932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Sun, 03 Nov 2019 18:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCSvJrBw3q03J%2FJGFYATE08bKG8sXKX97VlkM6o9sBn2v32BDzbDJzNLHGjM34m%2BFSt%2BySiPTkb%2BSE9lUlfPVgGFuRIQK4YJDOmk8I%2FcKtcETH86xCId56m0KeP33GhWgnekbvD0OmfwrVPlW2lS%2BF6t5jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d1f8fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
13255
15-300x277.jpg
www.newyearlights.com/wp-content/uploads/2019/09/
11 KB
12 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/09/15-300x277.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4868acc5db9aaef106e37ca649c19f1ba198b9184ba028de09e456318f05b34f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Sun, 18 Apr 2021 19:17:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS26Dc80SvIPdGphznGxSr4IVDF5g2zeO5JA5ZC1H%2BbnvdFmORRFnp2DLHqaYa7ighr%2FPjFMNOqNMeNnQlq5o1UroTbqw8GwjdyCnzay%2FwUy9mTv%2BJqYNXzHZp5Wei1u6j43E4QtaIq5cMNOSuxCG%2FkPrtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d208fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
11769
christmas_santa_claaus_73057094_2498181013581180_6888077076755037234_n-1-300x277.jpg
www.newyearlights.com/wp-content/uploads/2019/12/
29 KB
29 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/12/christmas_santa_claaus_73057094_2498181013581180_6888077076755037234_n-1-300x277.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c1c7ed1ec011a40ecbf01676197b5be2ce9ec18c41f11d5940e4e6c23e5e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Wed, 04 Dec 2019 01:53:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSgGrz1IQERMLANizXRC8T51S%2BpJmB61mVH3jqyJ1%2BdpallxuAfbZLayFstUop27ejJRW%2FZLMpD4I%2FuPKAXyZGs03m1g3Y%2B4XsJz6OOZokQZSt5brxidp4GuIdlIRDaimf9HY67qnfWvTrl5dQgovgEZvWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d218fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
29383
nav-style.css
www.newyearlights.com/wp-content/plugins/pagination/css/
1021 B
781 B
Stylesheet
General
Full URL
https://www.newyearlights.com/wp-content/plugins/pagination/css/nav-style.css?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cba7f24e0091fb525fae11dcf8fd6916bd4ddfb8bd8c39b0b852a3038ac5645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 17 Sep 2019 17:27:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XsLxIH4zijcg0b8mutpSCoE8vFHfleouq9VS6XHcxnTF4cpE99BrFsKSHbvh%2F35LMHD1w1uq8cKFvgr58%2BMXPdBZflEAmd8fwYm%2BO4h%2FiTYrlhBLJ5rk2hX7cn2zUi%2FOXPWP5bOKLJweFVolKcjX2FUp8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c665802d0c8fd7-FRA
alt-svc
h3=":443"; ma=86400
scripts.js
www.newyearlights.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Sep 2019 00:04:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rRgVMKJZLDOzrYtwEaEKOtyk24pFlCzCpULbY7C9JU5nQX0D%2FTZeRaUxj%2FaXZTHsmyvL%2BB4ZScY7x53wTljH3l63jVXeYOXYm1E4G6knVYAj4IQhkDvLP%2Fjs6Esjdf2dk1I6kOEe7GIx%2FAxfOAGD5UAhyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d0d8fd7-FRA
alt-svc
h3=":443"; ma=86400
wow.js
www.newyearlights.com/wp-content/themes/higher-place/js/
11 KB
3 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/js/wow.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4866c375acd86d4e03516eb7080ec2dae8070a028d7197561035402aa5a0f9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeEslnBuZNda4dyXdZ0322CBPzeJG9jpKfII2f63NZxSXJlluDD1kiFI7e51F3omTxWQl2kjngObiE80Nixf0A0MWVDV6fbT3dSV5TFEBl31AgW44bBKBzA19VfLwtRdLQeN0zkoZ3xH%2B134GV3M8fJRUQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d0e8fd7-FRA
alt-svc
h3=":443"; ma=86400
main-min.js
www.newyearlights.com/wp-content/themes/higher-place/js/
32 KB
7 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/js/main-min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0260237a41a6931dd8f0ceec16fbea62636761360e9eda1b99a193ff1518f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1P4dnse477nlh%2BxV2hQSQuNVQJ%2BvvIi%2ForF8GZSRGNrZG6LFmhyLrK2ePNe8MWheRf%2FgT1zRblPKzRTJmxqibNnAJy0czhrVzDKMwFcNwDNWAL9Hd7xxI2yTCxdP47CrVvGi24pOZGI5DMgI0vLtIX7hX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d0f8fd7-FRA
alt-svc
h3=":443"; ma=86400
wp-embed.min.js
www.newyearlights.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.newyearlights.com/wp-includes/js/wp-embed.min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 17 May 2023 05:07:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W91fwyuXIrKDc%2FjPGwMCV1mqBzfb2DY2UFmoWTuhvAzQjmaW78ECZL6f5XOmN3BmxRoT3VWCgjJE%2FqzImKlDMjV9WZJZQ2PcislBd8AuyFa3ExRiM1gBoEipsMJd3h3BB3COtMvAH5QPOOXYxuscskoGAdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d108fd7-FRA
alt-svc
h3=":443"; ma=86400
slick.min.js
www.newyearlights.com/wp-content/themes/higher-place/js/
39 KB
10 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/js/slick.min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8f0b71a0ec95227cb89cc37871e9e2b1d3dfaea962f17f9e887a660c83da36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Sep 2019 23:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOxcg4bzdhHO1h0ljQX4BudRpLLOJLTaTAuzasQ7pgCMmChCEYW5OSWkK4yoXzwqHtwG5PKgwAaPFTAKc3Ra3bSCmBlcPp9CUXVWBTPetc36v2pAUr4r3KHX7ma%2B7INYBIFOqF0UjnZwgTRzcKjrumKN9xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d118fd7-FRA
alt-svc
h3=":443"; ma=86400
modernizr.min.js
www.newyearlights.com/wp-content/themes/higher-place/rslib/scripts/
13 KB
8 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/rslib/scripts/modernizr.min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2a7c5e3a2e89e3c1afda5e1efd8d7f416778211fa94df0f9fd67c57f2ac700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7%2FJJ1MKq6EKP8ufJTVALCtMCKylJhwNzHBlI4ovdCA2kcIt8u7I%2FUTmEAT0K4hnSwMFNMKxr6oVkopy%2BAt1fHHoSNWPy%2F%2BAjnqqRYgZc2ngUbaBEHvnHFA5RBM0lmakMmoQMYYaldyqGPOAqtXw1NehKeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d128fd7-FRA
alt-svc
h3=":443"; ma=86400
rs.common.min.js
www.newyearlights.com/wp-content/themes/higher-place/rslib/scripts/
14 KB
5 KB
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/rslib/scripts/rs.common.min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a83d59fc3bb0738393c2a1ec9e9b701bf36ab9bd8b3d90a715cd7af446f3c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J2Os2gePeZCqKTiJ94rAoUgYZz2BRbI41Ixf9rwNaJYs7L%2FAvEH9HGuE94qM8xXAywxTEO2vAf4UWVFAHY2NKaU7l%2Be3e9k5GLYKgkyDAhJ3IXT1PJHpxvHCFJhTgqMRNjyesmx6LDH4%2FZ4pAAsra7u390%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d148fd7-FRA
alt-svc
h3=":443"; ma=86400
group.js
www.newyearlights.com/wp-content/themes/higher-place/rslib/controls/group/
729 B
688 B
Script
General
Full URL
https://www.newyearlights.com/wp-content/themes/higher-place/rslib/controls/group/group.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf88c3432201cff984c65399eb7c3307a0c963090579f5b75467edcff7d4af6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Sep 2019 23:01:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB63DciURAw%2FNOiCZg7%2BOKpp4RWZ2tV3%2BJ1Ja4cYxJAwcwEb72WPKsl%2FUG%2FnvQdosn8%2B7iF9LE9rCAycZZKbHT%2FTrWeuAQN%2Bm8e8LTBhffbuzSl%2Bpf1ipyxpD%2BfVmRjsr9aUdZSRBoyL069Trd9wcBFW4Nk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d158fd7-FRA
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
www.newyearlights.com/wp-includes/js/
12 KB
5 KB
Script
General
Full URL
https://www.newyearlights.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.24
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Apr 2021 05:07:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyBTuiLj27U2wUjtoEawo20j64d0%2F1UszhuQkVIrKYiZ7EDM0sYjR9gLeBfOPXIZsnX4XsjEwGQgdvNn2lL7PuATwX%2BF0zj1w9EfQReXiGmWjHc%2FyUtHEaUUroBlm58B8JW%2Bipv2ppU18RlFgNWz%2BwMwfCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c665802d228fd7-FRA
alt-svc
h3=":443"; ma=86400
21.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
116 KB
116 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/21.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb91482294cef07b479e6322c777330735c305ede867bd38050e76d07523c3ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 23:25:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ua5G6qZmpf1SbD9S3zZwZg7L7AEk3sMi2eXOOq6sRzYZT0TIRzFAv5g%2BpeHv34Fsp9nolFZZ1tRcXtome2GSm2kDYIT0qSrBD7FCfWbFYWEkZthXbjdXWbmhn8TeP9qTSF9FeiVjLMvqd%2Bj0RmlPAcZfnNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d238fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
118435
kapak.jpg
www.newyearlights.com/wp-content/uploads/2021/08/
153 KB
153 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2021/08/kapak.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7a772481eee9c56e456031aaddb17e531bb749081f81e514409216fad73eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 21:41:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgwjO2qva7qbeItv93FbCoPLsKoOUFmFW3kBF%2BCQwaob0JPHuJLbtTbE9HcC9%2FXKf0P6UTpF2QCbhLEUmRScPLZHNHKuvOEIKrhRX2k1gkt82UGGZ5Uyd2iRb5Ui3A7LuuVsjhh5rbEutQz9cgpzdOOr%2BP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d248fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
156580
thedottedbow_46746011_2218426598445814_7541021336439240797_n.jpg
www.newyearlights.com/wp-content/uploads/2019/09/
126 KB
127 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/09/thedottedbow_46746011_2218426598445814_7541021336439240797_n.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
678d3c70b679a182719670fb2af3186b0a8f2dabe713bf4e388a4a16736efc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Wed, 18 Sep 2019 22:28:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3ojJ4N8At0%2FZftulog2a9wQFQocpwkoTYAmoyjz%2FzAQ2bhdhpNKxvdJNizARkAYdUjT4qVnRkP%2FYGMau23iD%2FoLMTtevMQu162Mb6kDYkJx8YXoo7JNgpZCR4FtHyoMjKRnYcFhtnELf9y39gGXJxHRc%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d258fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
129488
betsybenn_69647160_487387462104907_6999699582654017598_n.jpg
www.newyearlights.com/wp-content/uploads/2019/09/
57 KB
57 KB
Image
General
Full URL
https://www.newyearlights.com/wp-content/uploads/2019/09/betsybenn_69647160_487387462104907_6999699582654017598_n.jpg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a318 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141beaa0808d09a392483d8bd463247d29d65d699f0820d750dc3d232316cc93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
cf-cache-status
MISS
last-modified
Wed, 18 Sep 2019 19:49:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTZZjfnI12p%2BnbEGNWHIZHxUW0%2BudQB7gicefhb8%2BEFbIhbXmBYZyyM%2F4SdNcRj4TFAC%2F%2FkzdiMSuz7rxC8IWNb96K4bMkgtmwGuvhDzMMKXNe7p1vc5bbP%2FtwQoqpmbdhgLEu1aEvqwBxUZfsMhLESP8gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c665802d268fd7-FRA
alt-svc
h3=":443"; ma=86400
content-length
58012
0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v32/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ff7d3790060dcf14289ea0e50e7df1f00893e53e882ff3101e078b2f948589f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 11:42:06 GMT
x-content-type-options
nosniff
age
571859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19300
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 11:42:06 GMT
qWczB6yguIb8DZ_GXZst16n7GSz8kjQ.woff2
fonts.gstatic.com/s/princesssofia/v25/
92 KB
92 KB
Font
General
Full URL
https://fonts.gstatic.com/s/princesssofia/v25/qWczB6yguIb8DZ_GXZst16n7GSz8kjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1cd5c7f9c5835bfc8b59a8717965d2527ab1b71d4b0678f00d9ef8617c755a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 05:45:15 GMT
x-content-type-options
nosniff
age
161270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94016
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 05:45:15 GMT
TK3tWkYFABsmjsphPho.woff2
fonts.gstatic.com/s/monda/v16/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/monda/v16/TK3tWkYFABsmjsphPho.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28ce23ce073ab795fc6e49485c0ba2a48db59d46fa14f12f486828769280d76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 05:04:11 GMT
x-content-type-options
nosniff
age
163734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17784
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:27:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 05:04:11 GMT
fontawesome-webfont.woff2
www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/
0
0

JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 17:34:04 GMT
x-content-type-options
nosniff
age
205141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 17:34:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400i%7CMontserrat:500,500i,400%7CMontserrat:300,300i,400%7CMontserrat:300,300i,400%7CRoboto:400,400i%7CMontserrat:400,400i%7CPrincess+Sofia:600,600i,400%7CMonda:600,600i,400%7CMontserrat:300,300i,400%7Cinherit:400,400i%7CMontserrat:300,300i,400%7Cinherit:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.newyearlights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
149936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:09 GMT
Signerica_Medium.woff
www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/
0
0

js
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KG0GQH9STD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128384689-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2da2f680fbc032531d6be628f329da017b9cbb1092c2bdb6ca7ceac1f1709310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79468
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 02:33:05 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128384689-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 01:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2688
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 03:48:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5378909606982325
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aad37949ae297087519cb1b0c0f7506864232c511913dd672e1e26a592b53d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137956
x-xss-protection
0
server
cafe
etag
5349221874368147810
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:33:05 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F9D6
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5378909606982325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.newyearlights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1718757604&t=pageview&_s=1&dl=https%3A%2F%2Fmail.newyearlights.com%2F&ul=en-us&de=UTF-8&dt=newyearlights.%20com%20-%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=950869183&gjid=1590752767&cid=457166896.1703730785&tid=UA-128384689-11&_gid=253569042.1703730785&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1690487007
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.newyearlights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.newyearlights.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KG0GQH9STD&gtm=45je3bt0v9112262585&_p=1703730785297&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=457166896.1703730785&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703730785&sct=1&seg=0&dl=https%3A%2F%2Fmail.newyearlights.com%2F&dt=newyearlights.%20com%20-%20Blog&en=page_view&_fv=1&_ss=1&tfd=2015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KG0GQH9STD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.newyearlights.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pinit_main.js
assets.pinterest.com/js/
66 KB
18 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js
Requested by
Host: www.newyearlights.com
URL: https://www.newyearlights.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
x-cdn
fastly
etag
"3725764cf05d1a0938de73d398772331"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
18679
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
googleads.g.doubleclick.net/pagead/ Frame CBB8
85 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5378909606982325&output=html&adk=1812271804&adf=3025194257&lmt=1703730785&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Fmail.newyearlights.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703730785406&bpp=2&bdt=392&idt=190&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1904712782299&frm=20&pv=2&ga_vid=457166896.1703730785&ga_sid=1703730786&ga_hid=1718757604&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532524%2C44798934%2C95320884&oid=2&pvsid=126141912747717&tmod=1311498830&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f3ebc6533ba6137cc64d6032292873e273da32d5cac4cf864f8c5fa726074b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.newyearlights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24546
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 02:33:05 GMT
expires
Thu, 28 Dec 2023 02:33:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2744.svg
s.w.org/images/core/emoji/11/svg/
1 KB
901 B
Image
General
Full URL
https://s.w.org/images/core/emoji/11/svg/2744.svg
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
9d51dd37d9ca180799c29c8a14e2079d01d2d3b576a096f3edcabe8bb8bcde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 08 Jun 2018 13:09:35 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e44128a2911dbcc9031a191b00018005dbde321e10a7c330fa6d603b02a07ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56011
x-xss-protection
0
server
cafe
etag
9336093937293375424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:33:05 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame EAED
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.newyearlights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 4005
94 KB
38 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 28 Dec 2023 02:33:06 GMT
content-encoding
br
last-modified
Tue, 12 Dec 2023 23:02:54 GMT
vary
Accept-Encoding
x-azure-ref
20231228T023306Z-mekmcg8gkt4tfcmz5rf0eaem9000000001u0000000002wm4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
09ca77f5-901e-005a-4149-380798000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 4005
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.60 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 02:33:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Fri, 27 Dec 2024 02:33:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4005
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
18196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4005
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
18197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4005
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 02:33:06 GMT
c.gif
www.bing.com/aes/ Frame 4005
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=20e6839e-f2f2-476d-b102-aa9767e23964&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0b04829-b0e0-40f5...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5699a26c16144ea812f613114809262&SNR=1&GV=2&med=10
0
547 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5699a26c16144ea812f613114809262&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56B9972A34D1471380E4CF298381EB76 Ref B: FRA31EDGE0712 Ref C: 2023-12-28T02:33:06Z
x-cdn-traceid
0.39d53e17.1703730786.34181ff1
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 28 Dec 2023 02:33:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8404DA17237B43E48196AD113C6B3288 Ref B: FRA31EDGE0522 Ref C: 2023-12-28T02:33:06Z
x-cdn-traceid
0.39d53e17.1703730786.34181fcd
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c5699a26c16144ea812f613114809262&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 4005
12 KB
13 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.8246355588172_1DSGI2P9GR145THNI6&pid=21.2&c=16&roil=0.2381&roit=0&roir=0.7619&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e80d22ccd28f177c5519c368627c07a6dcff2041dd89fe3c7cee09f31222dc08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:06 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1703730786.34181fcc
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12693
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame 4005
0
528 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmail.newyearlights.com&e=wqT_3QLyA-jyAQAAAwDWAAUBCOG8s6wGELPzhenkj4-8WBgAKjYJlVGxIKdKlD8R7yAfYr_Hkz8ZAAAAIIXr8T8h7w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR42_QFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vbWFpbC5uZXd5ZWFybGlnaHRzLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBxliIBQGYBQCgBazcluiU84vRTMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF97lW-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBAYtg4AYB8gYCCACABwGIBwCgBwHIB9v0BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=ef7a69c7ff90caf3852c45263b50dbc015b72fc0&bdref=https%3A%2F%2Fmail.newyearlights.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fmail.newyearlights.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271804%26client%3Dca-pub-5378909606982325%26fa%3D4%26ifi%3D2%26uci%3Da!2%26btvi%3D1,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:06 GMT
an-x-request-uuid
9be60e8c-820d-4db6-abbf-10edae5b544d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.35; 81.95.5.35; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 4005
0
551 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmail.newyearlights.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCOG8s6wGELPzhenkj4-8WBgAKjYJlVGxIKdKlD8R7yAfYr_Hkz8ZAAAAIIXr8T8h7w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR42_QFgAEBigEDVVNEkgUG9GkBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh5odHRwczovL21haWwubmV3eWVhcmxpZ2h0cy5jb22AAwCIAwGQAwCYAwmgAwGqA64DCsQCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YTBiMDQ4MjktYjBlMC00MGY1LWJiMjEtOTc3ODU2ZDY1YTEyJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1hMGIwNDgyOS1iMGUwLTQwZjUtYmIyMS05Nzc4NTZkNjVhMTImcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFvRIAVN1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzNzQ5MTE3ODU3MDA1MjI0MTkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZNE9UY3lOemt4TVRrME56Y2pNak15T0RZNU5qa3dPRFF4T0RRMU5nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFrNyW6JTzi9FMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF97lW-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUt8AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB9v0BdIHDQkNJQUmCNoHBgm6qOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=e4c2e3347dfb0ba6c5ce4161bf1ed6c07dd29482&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=1916179301453541761&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:06 GMT
an-x-request-uuid
a009d6b6-7a04-4ee4-8049-a76193568a07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.35; 81.95.5.35; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 4005
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68367a96c2e82aa353044c434b1d74900488b0224f5475570b1e6f647eb265dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
fontawesome-webfont.woff
www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/
0
0

adview
googleads.g.doubleclick.net/pagead/ Frame 4005
0
23 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXNKhYd6MZe-OKIGIgAekxIygAtLg1-Buj6S2k5MKwI23ARABIABglaqzgsAHggEXY2EtcHViLTUzNzg5MDk2MDY5ODIzMjXIAQmoAwHIAwKqBOcBT9AYumlBi8-iQbQuxhL0esedWIUKM1DNNcPqvHN5gjN5W07JnG9iy7-_gxmeAz_Ao8FGp6zkoUKXJsNDZLnhBBvRCgS-8KFIq8v5U516LEr57tSwWm79SIfqLxB4ZynidsF_eUrngj7iFnPGGzPypy8jcpFTfaUKALLDkbkeNgH5PGBKs5pZI2vb9xf-iDmwZCfA9vl2-ywroqJYZIX6zEfYk4HDUGRkfhXXXlf75WmTvbvxLh8NT_dkbebYP9Z8YkRmyeZtOZiDEuiK6twn8kdJdRsmtJklx_xy4Y76zZGczY7Ps-UigAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKehluKLsYMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTUzNzg5MDk2MDY5ODIzMjUYAA&sigh=LtXsVtmN9Ow&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_8kIX-0NV6WKgGku1vOu3tNxp6czYSpvrCHtz4V6XKrLugVhrco9s8VJlCiAGVgMV-E-AFvtPnqdtiGIqyHLTsJ5OhGqK2UJ-ChgB&cbvp=2&vis=1
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 28 Dec 2023 02:33:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 28 Dec 2023 02:33:06 GMT
it
ams3-ib.adnxs.com/ Frame 4005
0
528 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fmail.newyearlights.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCOG8s6wGELPzhenkj4-8WBgAKjYJlVGxIKdKlD8R7yAfYr_Hkz8ZAAAAIIXr8T8h7w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR42_QFgAEBigEDVVNEkgUG9GkBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh5odHRwczovL21haWwubmV3eWVhcmxpZ2h0cy5jb22AAwCIAwGQAwCYAwmgAwGqA64DCsQCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YTBiMDQ4MjktYjBlMC00MGY1LWJiMjEtOTc3ODU2ZDY1YTEyJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1hMGIwNDgyOS1iMGUwLTQwZjUtYmIyMS05Nzc4NTZkNjVhMTImcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFvRIAVN1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzNzQ5MTE3ODU3MDA1MjI0MTkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZNE9UY3lOemt4TVRrME56Y2pNak15T0RZNU5qa3dPRFF4T0RRMU5nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFrNyW6JTzi9FMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF97lW-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUt8AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB9v0BdIHDQkNJQUmCNoHBgm6qOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=e4c2e3347dfb0ba6c5ce4161bf1ed6c07dd29482&pp=ZYzeYQAKB28K4AQBAAMiJDdgUoqppd-JFJgnlA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC80tiYd6MZe-OKIGIgAekxIygAtLg1-Buj6S2k5MKwI23ARABIABglaqzgsAHggEXY2EtcHViLTUzNzg5MDk2MDY5ODIzMjXIAQmoAwHIAwKqBOoBT9AYumlBi8-iQbQuxhL0esedWIUKM1DNNcPqvHN5gjN5W07JnG9iy7-_gxmeAz_Ao8FGp6zkoUKXJsNDZLnhBBvRCgS-8KFIq8v5U516LEr57tSwWm79SIfqLxB4ZynidsF_eUrngj7iFnPGGzPypy8jcpFTfaUKALLDkbkeNgH5PGBKs5pZI2vb9xf-iDmwZCfA9vl2-ywroqJYZIX6zEfYk4HDUGRkfhXXXlf75WmTvbvxLh8NT_dkbebYP9Z8YgZk6HSvnWLuhhL-X0J-dvFNVhGivbc9Hl70uApGTbuw1U5OUYi2zOvxgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKehluKLsYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1u-teBtQAg9qbSPPjbVATbSSyoWw%26client%3Dca-pub-5378909606982325%26adurl%3D&cbvp=2
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:06 GMT
an-x-request-uuid
dfdba7e5-8c3b-455e-95b5-299617679dbe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.35; 81.95.5.35; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Signerica_Medium.ttf
www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/
0
0

/
log.pinterest.com/
0
338 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=ok465Wah3Edv&tv=2021110201&event=init&sub=www&button_count=11&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.newyearlights.com%2F&viaSrc=canonical
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 28 Dec 2023 02:33:06 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-pinterest-rid
6535484029117211
content-length
0
x-served-by
cache-fra-etou8220050-FRA
pragma
no-cache
server
envoy
x-timer
S1703730787.589863,VS0,VE30
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
fontawesome-webfont.ttf
www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/
0
0

c.gif
www.bing.com/aes/ Frame 4005
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=20e6839e-f2f2-476d-b102-aa9767e23964&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0b04829-b0e0-40f5...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c5699a26c16144ea812f613114809262&tids=15000&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c5699a26c16144ea812f613114809262&tids=15000&med=10
Requested by
Host: mail.newyearlights.com
URL: https://mail.newyearlights.com/
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8F62BEE0FFE243C0B1A63507095A8059 Ref B: FRA31EDGE0116 Ref C: 2023-12-28T02:33:07Z
x-cdn-traceid
0.39d53e17.1703730787.34182153
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 28 Dec 2023 02:33:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 100A0B82B42E4C0FB08CE7E244251AC0 Ref B: FRA31EDGE0720 Ref C: 2023-12-28T02:33:07Z
x-cdn-traceid
0.39d53e17.1703730787.34182148
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c5699a26c16144ea812f613114809262&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
ams3-ib.adnxs.com/ Frame 4005
0
551 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmail.newyearlights.com&e=wqT_3QKkB-ikAwAAAwDWAAUBCOG8s6wGELPzhenkj4-8WBgAKjYJlVGxIKdKlD8R7yAfYr_Hkz8ZAAAAIIXr8T8h7w0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR42_QFgAEBigEDVVNEkgUG9GkBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh5odHRwczovL21haWwubmV3eWVhcmxpZ2h0cy5jb22AAwCIAwGQAwCYAwmgAwGqA64DCsQCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YTBiMDQ4MjktYjBlMC00MGY1LWJiMjEtOTc3ODU2ZDY1YTEyJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD1hMGIwNDgyOS1iMGUwLTQwZjUtYmIyMS05Nzc4NTZkNjVhMTImcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFvRIAVN1Ykdyb3VwPXp6ZiUzQWtuYXFlXzNjX3N5dnR1Z3JxX2EycSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzNzQ5MTE3ODU3MDA1MjI0MTkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZNE9UY3lOemt4TVRrME56Y2pNak15T0RZNU5qa3dPRFF4T0RRMU5nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFrNyW6JTzi9FMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF97lW-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAABUt8AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB9v0BdIHDQkNJQUmCNoHBgm6qOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=e4c2e3347dfb0ba6c5ce4161bf1ed6c07dd29482&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=1916179301453541761&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:07 GMT
an-x-request-uuid
42aa5167-9121-4d47-8dbd-1ba02f522f7c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.35; 81.95.5.35; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4005
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyWaVTm6hyd2jPvpiyVk6Ah2bEogk8X4ToPewGiBbp60MRH_C_yB1BniNUK6zIbAYro7Ya51Fe5H16WjB5FPIM_z_9NB-B2Fn7xqbu1d3LQWgi4JljUQ&sig=Cg0ArKJSzB7eGMLQrcSREAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703730786002&rpt=251&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:33:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aceb9911a8f65f77956fd4f66f278ac140929a4c6659c4e946b37a8dca7beb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12293
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5378909606982325&plah=mail.newyearlights.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 02:33:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF7F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.newyearlights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
265796
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 00:43:12 GMT
expires
Tue, 24 Dec 2024 00:43:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8EB2
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7fc1a79c9dccfc945b44705de7b99bb48c7425791ba801dbe4cbfc2aa30cad13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hVINkrtS-zWenbvApw1n_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.newyearlights.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hVINkrtS-zWenbvApw1n_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 02:33:08 GMT
expires
Thu, 28 Dec 2023 02:33:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame FF7F
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 14:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
43584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 14:26:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8EB2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=126141912747717&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame FF7F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4_epfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:33:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=126141912747717&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfOIINrjBRiU9Ys12JyyuLW6vXA_eD0_UjDYFY9p87JdEx4HiQrU0T-_dX3N39-Ei5AgAAADRSAAAAAmgBB5kC_wLd0btFC3bVNCwYun62ScMx-Wca3LWU3jlDFyMWg9LsARoSABsVvwbeDtqbI4YNXh_JyH2B5nO7YfONEkVSR0_MSBuOzdJ439jJQnX4GP8ERqmUWw8cGbcECZOEtEWN2Qe7d9ivjVuab9_07cRdgb-NRipJ5DqAoMSzRS6uNb7RWlzCGS6DCeF84EGXZ8RBspJK2OozTgMmPgAMmoTaVWq5WsAXTXfeuSztSAeN6_0YyEKb2XG-ZONtzzxPL-GX6d3aidy12NwbdBBnuY4q9SR592zzccLyRLFIoaVqOrbnIVavjRWyh8QQxInlnclDWc6LF7TrerD4cAaJ2GsJWTRp8ldUfqYOTMgobtF822n5oSAHdf0MgqdlfSXlSAHsNP6u94tP83wLUHCfM6_kGhBOWt7CAyVfApUzs2MEwN9kBa0mKf25QH06jvK8H_NqE8ja8rcfnxpOnoqnArmc0NymTSzXRI2PS9A4QClbKdrri1LCiPyLVgXFW3sqsbU1jwfctg_QwVFUkMGK7mUg3mA4w1EKXu5rQ2fYY-csmlhZ3jcGxvrU6Iyf63-5nqMJJwnsHM74DNd9ZRcn1_sV6y4ctvU0q4nZ4Y_hO0AKwFbxe5q9gNzykQUX5Ga3O0--8XoGSbFYAORyUFtnBO-LH2C7blVebSe6Es-OIMBfbtReMCeqbJTE4E1eTkfjjugFpFR_u2eRosuANqKFPR91jpcgEOLS6mIiv4fsJKHhMn1SGtOKkZTaEK-CBChz_l2yhlp1wiRdUF6YDsm3v9ywhx57ilvFZ57nNkih_GVdAYgisRf2PGvdZ2PnafYVZaBDjlgFNUUhnmCm_EiTFNNzPnBB4WdMO5BPOPVscn4KD3s5xWqEJGzZyaiURfGr-t-DBw_R0GSOIq9qcE6Vrso1frhgTuhL4qx0gsu2a5w7iwqN-vdmbxcnaTjs0tpR8lrAdv4_jx6qdcAUWUBlxfBM9C9XgVNPNAIx2sl30A8zwhdBLf77m9kBL3g6wyes4xed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.newyearlights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.newyearlights.com
URL
https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Domain
www.newyearlights.com
URL
https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.woff
Domain
www.newyearlights.com
URL
https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.5.0
Domain
www.newyearlights.com
URL
https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.ttf
Domain
www.newyearlights.com
URL
https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.ttf?v=4.5.0

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| rs object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp boolean| PIN_19719 object| wpcf7 function| WOW object| quickview_main function| higher_place_main object| StickScope object| jQuery112408524725233747217 object| mainjs object| PIN_1703730785563 string| value object| key object| PinUtils function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| html5 object| Modernizr function| yepnope object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
mail.newyearlights.com/ Name: PHPSESSID
Value: 230d51aeaa7a2d21fecb213e4dab0c37
.newyearlights.com/ Name: _gid
Value: GA1.2.253569042.1703730785
.newyearlights.com/ Name: _gat_gtag_UA_128384689_11
Value: 1
.newyearlights.com/ Name: _ga_KG0GQH9STD
Value: GS1.1.1703730785.1.0.1703730785.0.0.0
.newyearlights.com/ Name: _ga
Value: GA1.1.457166896.1703730785
.bing.com/ Name: MUID
Value: 2F9A5F1EB8AE6F0D11B84CEBB9256E10
.newyearlights.com/ Name: __gads
Value: ID=42afddde81a3f64e:T=1703730785:RT=1703730785:S=ALNI_MblHzBH0rHPb4Y-Iyc0voQcfJxowA
.newyearlights.com/ Name: __gpi
Value: UID=00000d2cbe14870f:T=1703730785:RT=1703730785:S=ALNI_MYy7ZeiPtyG5S8GzigSy0x7-exnBw
.doubleclick.net/ Name: IDE
Value: AHWqTUn4hnQmltx5SuSvZTIFhAZ54Cif-ciN9ztG_oYdLE5Ryt9IqcLfCZvVMOE9IeQ

10 Console Messages

Source Level URL
Text
javascript error URL: https://mail.newyearlights.com/
Message:
Access to font at 'https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff2?v=4.5.0' from origin 'https://mail.newyearlights.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.newyearlights.com/
Message:
Access to font at 'https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.woff' from origin 'https://mail.newyearlights.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.newyearlights.com/
Message:
Access to font at 'https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.5.0' from origin 'https://mail.newyearlights.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.newyearlights.com/
Message:
Access to font at 'https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.ttf' from origin 'https://mail.newyearlights.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.newyearlights.com/wp-content/themes/higher-place/css/SignericaMedium/Signerica_Medium.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.newyearlights.com/
Message:
Access to font at 'https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.ttf?v=4.5.0' from origin 'https://mail.newyearlights.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.newyearlights.com/wp-content/themes/higher-place/font-awesome-4.2.0/fonts/fontawesome-webfont.ttf?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
assets.pinterest.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
log.pinterest.com
mail.newyearlights.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.w.org
tpc.googlesyndication.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newyearlights.com
www.newyearlights.com
151.101.192.84
185.89.210.244
192.0.77.48
2001:4860:4802:32::178
2001:4860:4802:32::36
23.211.9.60
2606:4700:3035::ac43:a318
2620:1ec:bdf::45
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a02:26f0:480:22::1726:62f9
2a04:4e42:8d::84
95.173.172.48
01236f62fbf843affb15658c04f93b79445ebd877b7cdf3bd8225f76700c5630
08af747a7a6979df292a39b67e5d51e96f63010437c9e0df2f9a080b55b2ac25
0b6781ed0cdd79937c4a1e14b88c3572e8f2ca8a7fedbaa1dc8275f0e5599366
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2a7c5e3a2e89e3c1afda5e1efd8d7f416778211fa94df0f9fd67c57f2ac700
11c1c7ed1ec011a40ecbf01676197b5be2ce9ec18c41f11d5940e4e6c23e5e97
1275bd8de97c36442edc2a46f4e60356d4be18d76068f6955103646940ba16de
141beaa0808d09a392483d8bd463247d29d65d699f0820d750dc3d232316cc93
1cba7f24e0091fb525fae11dcf8fd6916bd4ddfb8bd8c39b0b852a3038ac5645
1cf88c3432201cff984c65399eb7c3307a0c963090579f5b75467edcff7d4af6
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
24677377dee81095dcf79a62cecd29f5786cd30a6190cfcff2ffa7ff7d055147
24e7e6f07636b9e02d73591318dde4308a5a94c879962aebbb370b390efc8704
28ce23ce073ab795fc6e49485c0ba2a48db59d46fa14f12f486828769280d76e
2da2f680fbc032531d6be628f329da017b9cbb1092c2bdb6ca7ceac1f1709310
2e44128a2911dbcc9031a191b00018005dbde321e10a7c330fa6d603b02a07ec
2fcf27398af52661908dbc1a6d149e67932eee9c4217443f8a5942757ea258f2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
385d6f2f681d899bd71923b2269f42c89eed5ef4d30b843b60445ca31183d010
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
4868acc5db9aaef106e37ca649c19f1ba198b9184ba028de09e456318f05b34f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a081de177d64b857eebf2454a956b1877bb16afe4be8036cc1ec61a2a55fc70
4e8f0b71a0ec95227cb89cc37871e9e2b1d3dfaea962f17f9e887a660c83da36
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5b20bc511c3d72c0d31a13cce4403f5257cf133bb8e74dc2c712ae203f306e30
60a83d59fc3bb0738393c2a1ec9e9b701bf36ab9bd8b3d90a715cd7af446f3c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fa05888d69a537494a809587293a3ecfe0d5271d85da9b27ddf069a2bf02f5
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
678d3c70b679a182719670fb2af3186b0a8f2dabe713bf4e388a4a16736efc01
68367a96c2e82aa353044c434b1d74900488b0224f5475570b1e6f647eb265dd
6a0260237a41a6931dd8f0ceec16fbea62636761360e9eda1b99a193ff1518f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7454d70bb83892e6c16d729e960e13432ba43ca973971e3598edd615783718b0
7f3ebc6533ba6137cc64d6032292873e273da32d5cac4cf864f8c5fa726074b5
7fc1a79c9dccfc945b44705de7b99bb48c7425791ba801dbe4cbfc2aa30cad13
7ff7d3790060dcf14289ea0e50e7df1f00893e53e882ff3101e078b2f948589f
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9cb00313405df99e04a7bbef0c7836ab14d332bece32311f1de8e583f9582ddc
9d51dd37d9ca180799c29c8a14e2079d01d2d3b576a096f3edcabe8bb8bcde0d
aa08928091a18ef795ffed7ded7e3839ace2da6f0e2d2817d49d7ba82f61923f
aad37949ae297087519cb1b0c0f7506864232c511913dd672e1e26a592b53d29
aceb9911a8f65f77956fd4f66f278ac140929a4c6659c4e946b37a8dca7beb71
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0fc16d2f77d7c25f826364e9362c52516943216674243713fcd04883cba7f4a
c872e0dc6fdad13e26185f140b17d6ccc406f31cb658d374e513282d5ac78462
cd1cd5c7f9c5835bfc8b59a8717965d2527ab1b71d4b0678f00d9ef8617c755a
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf7a772481eee9c56e456031aaddb17e531bb749081f81e514409216fad73eda
d1d19730088c7e172a18fce0be7f5e0a3fc78ed09578ddf6f4942764d2d7810d
d5d0a84ea3a7d6316bc504e44ef1e19d220bbd4226e3f85a7294e4cd44fe3b6e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df30594a8ec59e4166e5172886992d7a1c7ee0e8c028863b94e36bcb82de4932
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62afac6a2db345e7f90bcda0b2c98c3ec0dee15ec7d2399967177180c7fdbe7
e80d22ccd28f177c5519c368627c07a6dcff2041dd89fe3c7cee09f31222dc08
eb91482294cef07b479e6322c777330735c305ede867bd38050e76d07523c3ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4866c375acd86d4e03516eb7080ec2dae8070a028d7197561035402aa5a0f9f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b691d473f212c8c7c8b2d8245f8afbeebe128a9c130cb95c62ce2938b8bf98
f7b934596da2486b95679c0689f15f161a3752b4a2aae408df5b16f52e659099