play-rocket-lab.xyz Open in urlscan Pro
2606:4700:3033::6815:a2b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://play-rocket-lab.xyz/
Submission: On September 22 via api (September 22nd 2024, 9:49:06 am UTC) from BE — Scanned from DE

Summary HTTP 109 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 35 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3033::6815:a2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is play-rocket-lab.xyz.
TLS certificate: Issued by WE1 on September 7th 2024. Valid for: 3 months.

This is the only time play-rocket-lab.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::6815:a2b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
41	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1 3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	3.210.24.138 3.210.24.138	14618 (AMAZON-AES) (AMAZON-AES)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.196.225.92 104.196.225.92	15169 (GOOGLE) (GOOGLE)
1	18.196.232.218 18.196.232.218	16509 (AMAZON-02) (AMAZON-02)
16 21	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:2c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:3b83:7891:cba5:2ce7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.251.73.197 34.251.73.197	16509 (AMAZON-02) (AMAZON-02)
1 1	3.76.227.64 3.76.227.64	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	51.178.195.216 51.178.195.216	16276 (OVH) (OVH)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.44.245.245 52.44.245.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.51.196.91 52.51.196.91	16509 (AMAZON-02) (AMAZON-02)
1	63.34.208.184 63.34.208.184	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
109	35

2 2606:4700:3033::6815:a2b (United States)

ASN13335 (CLOUDFLARENET, US)

play-rocket-lab.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

saratogany.wpenginepowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5357617.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.24.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-24-138.compute-1.amazonaws.com

rw1.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.196.225.92 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 92.225.196.104.bc.googleusercontent.com

saratogacasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.232.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-232-218.eu-central-1.compute.amazonaws.com

6188719.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.204.158.49 (Groningen, Netherlands) 16 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:3b83:7891:cba5:2ce7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.73.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-73-197.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.227.64 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-227-64.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.195.216 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip216.ip-51-178-195.eu

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.245.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-245-245.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.196.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-196-91.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.208.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-208-184.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	wpenginepowered.com saratogany.wpenginepowered.com	4 MB
23	simpli.fi 16 redirects tag.simpli.fi — Cisco Umbrella Rank: 4885 i.simpli.fi — Cisco Umbrella Rank: 4209 um.simpli.fi — Cisco Umbrella Rank: 939	13 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	837 KB
8	doubleclick.net 4 redirects 5357617.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 131 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	1 KB
5	google.de www.google.de — Cisco Umbrella Rank: 11626	318 B
5	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4515	72 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	4 KB
3	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 92	5 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	75 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 274	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2086	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1460	401 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2649	913 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 565 d.agkn.com — Cisco Umbrella Rank: 775	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 468	1 KB
2	saratogacasino.com saratogacasino.com	5 KB
2	marchex.io rw1.marchex.io — Cisco Umbrella Rank: 39065	11 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 6232	167 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 794	120 KB
2	play-rocket-lab.xyz play-rocket-lab.xyz	18 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 527	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 420	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 960	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 995	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1326	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1626	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6666	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 427	140 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 617	237 B
1	siteimproveanalytics.io 6188719.global.siteimproveanalytics.io	149 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3805	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	33 KB
0	intentiq.com Failed sync.intentiq.com Failed
0	1rx.io Failed sync.1rx.io Failed
109	35

	Domain	Requested by
41	saratogany.wpenginepowered.com	play-rocket-lab.xyz saratogany.wpenginepowered.com
21	um.simpli.fi	16 redirects
9	www.googletagmanager.com	play-rocket-lab.xyz www.googletagmanager.com
5	www.google.de	play-rocket-lab.xyz
4	www.facebook.com	play-rocket-lab.xyz
3	www.google.com	3 redirects
3	googleads.g.doubleclick.net	3 redirects
3	www.googleadservices.com	1 redirects www.googletagmanager.com
3	connect.facebook.net	play-rocket-lab.xyz connect.facebook.net
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	sync.smartadserver.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	saratogacasino.com	play-rocket-lab.xyz saratogany.wpenginepowered.com
2	rw1.marchex.io	www.googletagmanager.com rw1.marchex.io
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	5357617.fls.doubleclick.net	1 redirects play-rocket-lab.xyz
2	vjs.zencdn.net	play-rocket-lab.xyz
2	code.jquery.com	play-rocket-lab.xyz
2	play-rocket-lab.xyz
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	6188719.global.siteimproveanalytics.io	play-rocket-lab.xyz
1	siteimproveanalytics.com	play-rocket-lab.xyz
1	tag.simpli.fi	www.googletagmanager.com
1	ajax.googleapis.com	play-rocket-lab.xyz
0	sync.intentiq.com Failed
0	sync.1rx.io Failed
109	42

This site contains links to these domains. Also see Links.

Domain
saratogacasino.com
www.facebook.com
www.twitter.com
www.instagram.com
www.youtube.com
www.saratogabets.com
reservations.travelclick.com
saratogany.wpenginepowered.com
scr.informz.net
www.lsm.works

Subject Issuer	Validity	Valid
play-rocket-lab.xyz WE1	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
wpenginepowered.com E5	`2024-09-18` - `2024-12-17`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.marchex.io Amazon RSA 2048 M03	`2024-09-09` - `2025-10-08`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
siteimproveanalytics.com WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
saratogacasino.com R11	`2024-07-21` - `2024-10-19`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M02	`2024-09-02` - `2025-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://play-rocket-lab.xyz/
Frame ID: 5F8AB1B14FEF60EB6F5B40ED26635438
Requests: 107 HTTP requests in this frame

Frame: https://5357617.fls.doubleclick.net/activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775
Frame ID: 26A7A784826A94A3BDA2D67D3B931A08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casino - Saratoga Casino Hotel, New York

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

109
Requests

79 %
HTTPS

41 %
IPv6

35
Domains

42
Subdomains

35
IPs

6
Countries

5281 kB
Transfer

8881 kB
Size

52
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://saratogacasino.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/saratogacasino

Search URL Search Domain Scan URL

URL: https://www.twitter.com/saratogacasino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/saratogacasino

Search URL Search Domain Scan URL

URL: https://www.youtube.com/saratogacasino

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/hotel/
Title: Hotel

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/casino/
Title: Casino

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotions/
Title: Promotions

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/saratoga-club/
Title: Saratoga Club

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/casino/hot-games
Title: Games

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/vip-lounge/
Title: VIP Lounge

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/meet-the-hosts/
Title: Hosts

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/
Title: Eat & Drink

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/mortons/
Title: Morton's The Steakhouse

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/lucky-joes/
Title: Lucky Joe's

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/fortunes/
Title: Fortunes

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/perks-marketplace/
Title: Perks Marketplace

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/dining/mane-home/
Title: Mane Bar

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/event-category/entertainment/
Title: Schedule

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/racing/
Title: Live Racing

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/racing/simulcast-wagering
Title: Simulcast Wagering

Search URL Search Domain Scan URL

URL: https://www.saratogabets.com/
Title: Wager Now

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/meetings-groups/
Title: Meetings & Groups

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/gift-cards/
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/player-portal/
Title: Player Portal

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/102302
Title: Book Now

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotions/2024-toyota-rav-4-car-giveaway/
Title: learn more

Search URL Search Domain Scan URL

URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/03/Win-Loss-Statement_REV1.24.pdf
Title: learn more

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/jackpot-winners/
Title: View Jackpot Winners

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/hot-games/
Title: View Our Games

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotion-category/casino-promos/
Title: view all

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotions/thirsty-thursday/
Title: learn more

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotions/food-drink-specials/
Title: learn more

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/promotions/20000-pumpkin-spice-payday-grand-prize/
Title: learn more

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/responsible-gaming-statement/
Title: Learn More About Responsible Gaming

Search URL Search Domain Scan URL

URL: http://scr.informz.net/SCR/profile.asp?fid=1789
Title: Learn More

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/faqs/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/hands-for-hope/
Title: Hands for Hope

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://saratogacasino.com/website-accessibility-statement/
Title: Website Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.lsm.works/
Title: LSM

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://5357617.fls.doubleclick.net/activityi;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775 HTTP 302
https://5357617.fls.doubleclick.net/activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775

Request Chain 59

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7ECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI-9qP8qLWiAMVy6j9Bx1DUDpdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7ECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI-9qP8qLWiAMVy6j9Bx1DUDpdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSGwDpaXnfNWoZeTBSP7qjP4Ewyh7pQyzkygvgPw&random=2996759295 HTTP 302
https://www.google.de/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7ECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI-9qP8qLWiAMVy6j9Bx1DUDpdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSGwDpaXnfNWoZeTBSP7qjP4Ewyh7pQyzkygvgPw&random=2996759295&ipr=y

Request Chain 79

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjrxrECCJvHsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIkNLa8qLWiAMV3bH9Bx2BBj1aMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjrxrECCJvHsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIkNLa8qLWiAMV3bH9Bx2BBj1aMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnf_2kdUg_pieSXrfhQK07vFPaH4-f-LlbZYMQQ4vBW5lseHdQU&random=791836469 HTTP 302
https://www.google.de/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjrxrECCJvHsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIkNLa8qLWiAMV3bH9Bx2BBj1aMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnf_2kdUg_pieSXrfhQK07vFPaH4-f-LlbZYMQQ4vBW5lseHdQU&random=791836469&ipr=y

Request Chain 86

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 87

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/715A56134A7F47D9A80ABC7E95352A7D

Request Chain 88

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=715A56134A7F47D9A80ABC7E95352A7D&dongle=yf3

Request Chain 89

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 90

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 91

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=715A56134A7F47D9A80ABC7E95352A7D HTTP 302
https://d.agkn.com/pixel/10751/?che=1726998538503&ip=217.114.215.132&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219703205013001254049 HTTP 302
https://um.simpli.fi/aa_px?sk=219703205013001254049 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 92

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 95

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=715A56134A7F47D9A80ABC7E95352A7D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=715A56134A7F47D9A80ABC7E95352A7D;mimetype=img;sr HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

Request Chain 96

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0&xl8blockcheck=1

Request Chain 98

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 99

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 100

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 101

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 102

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=715A56134A7F47D9A80ABC7E95352A7D

Request Chain 103

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1726998538105&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJvHsQI&pscrd=IhMI7_mS86LWiAMVwpL9Bx15Ay2KMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJvHsQI&pscrd=IhMI7_mS86LWiAMVwpL9Bx15Ay2KMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnfTn5T5pNKF17f0LVKDWG6IS51q2Sr0DFGie-TMc-za6F9zv9l&random=1429416645 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJvHsQI&pscrd=IhMI7_mS86LWiAMVwpL9Bx15Ay2KMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnfTn5T5pNKF17f0LVKDWG6IS51q2Sr0DFGie-TMc-za6F9zv9l&random=1429416645&ipr=y

Request Chain 105

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=715A56134A7F47D9A80ABC7E95352A7D HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D715A56134A7F47D9A80ABC7E95352A7D

Request Chain 106

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=715A56134A7F47D9A80ABC7E95352A7D&expires=365

Request Chain 107

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=715A56134A7F47D9A80ABC7E95352A7D

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
play-rocket-lab.xyz/ 75 KB
17 KB 1047ms
866ms Document
text/html 2606:4700:3033::6815:a2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:a2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af97c548ac87d8598126b6bb96c9900d9eaa11004ddc7ff13ff464afb657d6d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c7161c508739a39-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Sep 2024 09:48:54 GMT
expires: Sun, 22 Sep 2024 09:48:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnQE1T%2FoGTpYdIv9We%2BpPqZv1WphXVinV2HLbmZlMxz5Wp9hR%2FVVDcqlLlkBAmKaRS5D%2F7RrEVGK%2BO5Q4cybSjJBBA8AExjyEzCke7kR1l6sKXKRAbquOEC7qGISd4J%2BV77qaC0jBM%2F24YCItwdNwsS%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 speculation
play-rocket-lab.xyz/cdn-cgi/ 128 B
554 B 33ms
31ms Other
application/speculationrules+json 2606:4700:3033::6815:a2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://play-rocket-lab.xyz/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:a2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer: https://play-rocket-lab.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdxpwDEZg62bioBW8bGz0gw2pYdo1Xi2oCV9TwX%2FlzK6L3YW9GYEgExKzfQLWik%2FeVK6liVdtno2tstxNxEZ6VzZYCB9ozZ6EaahOeFJ2BY8iN9avFh5gJ9aSXkCbfm6xDWZ9ZZz89E2bAZD3emUiQ3F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7161ca8d6e9a39-FRA
access-control-allow-origin: https://play-rocket-lab.xyz
content-length: 128
date: Sun, 22 Sep 2024 09:48:54 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
84 KB 325ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-684101155

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b61bb4ea0c7e1d10f9f21c8c82a90c0d65772909a94a3c2a7ac596f4cee6009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: br
expires: Sun, 22 Sep 2024 09:48:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 85174
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 98ms
93ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-752220341

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03362a4f3e7292ae4dce16ffc6b8e3daf45643f9b4a2f1e3bcaf8ed6f992c35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: br
expires: Sun, 22 Sep 2024 09:48:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 94698
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 87ms
84ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4CD380528X

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1cb8b001290eb08c3ea80820ba7734305f516f568687ae0b7db7a1e877f754f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 22 Sep 2024 09:48:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93604
date: Sun, 22 Sep 2024 09:48:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 style.min.css
saratogany.wpenginepowered.com/wp-includes/css/dist/block-library/ 110 KB
15 KB 299ms
63ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669948b9-1b723"
age: 182906
cf-ray: 8c7161cc0d9539d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 18 Jul 2024 16:54:17 GMT

GET
H3 200 normalize.css
saratogany.wpenginepowered.com/wp-content/themes/Governor/css/ 8 KB
3 KB 276ms
41ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/normalize.css
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"5efc4240-1e5c"
age: 15984325
cf-ray: 8c7161cc0d9039d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 01 Jul 2020 07:58:56 GMT

GET
H3 200 webflow.css
saratogany.wpenginepowered.com/wp-content/themes/Governor/css/ 38 KB
9 KB 276ms
41ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/webflow.css
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8595bbee1793e931c0702909ee5bb43ac98d7170a378979873856687b8f17a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5efc4240-96a7"
age: 16647652
cf-ray: 8c7161cc0d9339d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 01 Jul 2020 07:58:56 GMT

GET
H3 200 saratoga-prototype.webflow.css
saratogany.wpenginepowered.com/wp-content/themes/Governor/css/ 164 KB
23 KB 300ms
64ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98fba519c5bb166ce2e5e8dc70ceb970e9194748baa545077374f4a8b897671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"5ff2e123-28ff6"
age: 6963509
cf-ray: 8c7161cc0d9939d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 04 Jan 2021 09:34:27 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 34 KB
8 KB 294ms
23ms Stylesheet
text/css 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-898c"
age: 4140939
x-cache: HIT, HIT
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 60, 26226
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21926-LGA, cache-fra-etou8220105-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1726998535.081202,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8056
server: nginx

GET
H3 200 style.css
saratogany.wpenginepowered.com/wp-content/themes/Governor/ 32 KB
7 KB 298ms
63ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/style.css?ver=2.1.1.7
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53932599526d3ce49e8997a3f3961961721e2395ea336485f6b876095bf0e6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"65e446e4-81a6"
age: 2341497
cf-ray: 8c7161cc0d9439d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Sun, 03 Mar 2024 09:46:12 GMT

GET
H3 200 frontend-gtag.min.js Show response
saratogany.wpenginepowered.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 11 KB
3 KB 81ms
79ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=8.1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554ce3ea3197fb708c54dec587182e7b5af1ce730b85bf4bdced685537928abf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66ed0133-2d7c"
age: 189852
cf-ray: 8c7161d03a3f39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 20 Sep 2024 04:59:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 298ms
23ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=1.0

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
age: 104983
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 04:39:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 04:39:12 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33434
x-xss-protection: 0
server: sffe

GET
H3 200 webflow.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 203 KB
63 KB 340ms
105ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/webflow.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845f7841b02ba35ff2cebb15453e0865d92410bb0127d0ca25fd6942b3de64a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5f0d6bc1-32bda"
age: 16623275
cf-ray: 8c7161cc0da039d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 14 Jul 2020 08:24:33 GMT

GET
H3 200 jquery.min.js Show response
saratogany.wpenginepowered.com/wp-includes/js/jquery/ 86 KB
31 KB 338ms
104ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"64ecd5ef-15601"
age: 213855
cf-ray: 8c7161cc0d9f39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 28 Aug 2023 17:14:23 GMT

GET
H3 200 jquery-migrate.min.js Show response
saratogany.wpenginepowered.com/wp-includes/js/jquery/ 13 KB
5 KB 319ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6482bd64-3509"
age: 16647651
cf-ray: 8c7161cc0d9e39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 09 Jun 2023 05:49:24 GMT

GET
H3 200 jquery.bind-first-0.2.3.min.js Show response
saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
870 B 318ms
84ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.6.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66ab33cb-525"
age: 143219
cf-ray: 8c7161cc0d9d39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 01 Aug 2024 07:05:47 GMT

GET
H3 200 js.cookie-2.1.3.min.js Show response
saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 318ms
84ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"667ce922-6ad"
age: 6423971
cf-ray: 8c7161cc0d9b39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 27 Jun 2024 04:22:58 GMT

GET
H3 200 public.js Show response
saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/ 118 KB
19 KB 297ms
64ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.7.2
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"66cff8bf-1d87e"
age: 2092321
cf-ray: 8c7161cc0d9739d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 29 Aug 2024 04:27:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
105 KB 88ms
84ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QN4L09R5W4

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b6e6fa411a9a8c54a4d47e3abbf36a0407e41dd9bcab8c1eabc59d6106dc22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 22 Sep 2024 09:48:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107359
date: Sun, 22 Sep 2024 09:48:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 video-js.css
vjs.zencdn.net/6.2.5/ 53 KB
14 KB 297ms
26ms Stylesheet
text/css 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/6.2.5/video-js.css
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99ff02912da30b6b09fb7353c9edc4d582a8e3a5db5739704415b110ec4b91cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
content-encoding: gzip
etag: "379db74c25650541a4e07c4d1a3aec0a"
access-control-allow-origin: *
x-cache: HIT
content-length: 14357
date: Sun, 22 Sep 2024 09:48:55 GMT
last-modified: Wed, 16 Aug 2017 19:18:47 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220105-FRA
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
89 KB 112ms
109ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV39LC8

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbb978cc396084484b8f0f52ceebf93e9b1b99ee0480992923133733bee903f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: br
expires: Sun, 22 Sep 2024 09:48:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 91381
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Logo-Gold.svg
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 23 KB
4 KB 38ms
37ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/Logo-Gold.svg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ddfa546ced4902d56b13aa8c1c02fd593275f6edb00eaaa9d57f023ecee5ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"588822a2-5abc"
age: 16640589
cf-ray: 8c7161cf291739d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 25 Jan 2017 03:59:30 GMT

GET
H3 200 white-fb.png
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 302 B
529 B 42ms
41ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/white-fb.png
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113d5cf61aace5dc5a8a3a539f0266f8e1788facc6599748c136c8b71bc80e50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc4240-5e5"
age: 2634513
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1509
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/webp
content-disposition: inline; filename="white-fb.webp"
vary: Accept
last-modified: Wed, 01 Jul 2020 07:58:56 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161cf291e39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 302
server: cloudflare

GET
H3 200 white-twitter.png
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 530 B
761 B 92ms
90ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/white-twitter.png
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf0c33069b130aa3376b18102c71b9840fb45e7afd37e1f20000edec3f5583d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc4240-805"
age: 1314679
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2053
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/webp
content-disposition: inline; filename="white-twitter.webp"
vary: Accept
last-modified: Wed, 01 Jul 2020 07:58:56 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161cf897c39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 530
server: cloudflare

GET
H3 200 white-ig.png
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 642 B
869 B 90ms
86ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/white-ig.png
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7051586b874341df95a43beefeb4f4628cfb11215f5a8e692f75947d1cb8f29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc4240-866"
age: 182905
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2150
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/webp
content-disposition: inline; filename="white-ig.webp"
vary: Accept
last-modified: Wed, 01 Jul 2020 07:58:56 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161cf898039d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 642
server: cloudflare

GET
H3 200 white-yt2.png
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 322 B
549 B 90ms
86ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/white-yt2.png
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e8abe1182f8737557d55860197273a4f32db882328bc28b92cdad19054b78f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc4240-65a"
age: 189853
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1626
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/webp
content-disposition: inline; filename="white-yt2.webp"
vary: Accept
last-modified: Wed, 01 Jul 2020 07:58:56 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161cf898139d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 322
server: cloudflare

GET
H3 200 900x500_Hotel_StayAndPlayPackage-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/05/ 98 KB
98 KB 156ms
132ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/05/900x500_Hotel_StayAndPlayPackage-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d816cd23266b1ee1a20bd92127fdea61a88bcede483640e7dd89a13fc64c8691

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "5efc425c-18d7c"
age: 106472
cf-cache-status: HIT
cf-ray: 8c7161d08aa039d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=101756
content-length: 100463
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 900x500_Casino_JackpotWinners-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/06/ 115 KB
116 KB 128ms
77ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/06/900x500_Casino_JackpotWinners-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb84778c84e0cd464675e41936b476bc48f0c0c13c77c8148bf62bfe8fbd628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "5efc425e-1d024"
age: 1571704
cf-cache-status: HIT
cf-ray: 8c7161d09aae39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=118820
content-length: 118250
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 900x500_Casino_Clubcards-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/06/ 82 KB
82 KB 152ms
150ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/06/900x500_Casino_Clubcards-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464b5543893cfbd8cfe8fbc4cf174452c00fecdbd8ae7bbc724bad98a5b7b87b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc425e-153da"
age: 2759463
cf-cache-status: HIT
cf-polished: origSize=87002
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:26 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8c7161d50fb839d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84230
server: cloudflare

GET
H3 200 900x500_Casino_Games-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/06/ 106 KB
106 KB 158ms
127ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/06/900x500_Casino_Games-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53295e2de72408d2f37f34cd3b45af55d0934ab1f52af1ef9d3039f24cb391db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "5efc425e-1aa29"
age: 106473
cf-cache-status: HIT
cf-ray: 8c7161d5582339d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=109097
content-length: 108507
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 900x500_Casino_VIPLounge-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/06/ 95 KB
95 KB 91ms
74ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/06/900x500_Casino_VIPLounge-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626ef3a690cda6f4b9ba33f17730f674cc97352325657541f81d2e3516f28f4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5efc425e-17d40"
age: 2166667
cf-cache-status: HIT
cf-polished: origSize=97600
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:26 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8c7161d6594939d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96983
server: cloudflare

GET
H3 200 900x500_Casino_Host-900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/06/ 47 KB
47 KB 160ms
142ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/06/900x500_Casino_Host-900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac35c6b0a1f0b047a0c61ba377c2d4a21076aae20c8a6919bb37718d9bba429b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "5efc425e-c219"
age: 191046
cf-cache-status: HIT
cf-ray: 8c7161d6695039d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=49689
content-length: 48032
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 07:59:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ThirstyThursdays_900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2023/02/ 248 KB
249 KB 128ms
109ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2023/02/ThirstyThursdays_900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fa95db6662dd7e5b9c999660b94b6b935037bb0e1bb3240e6da2e7f2c5f32b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "63ebdccd-3f8c7"
age: 182905
cf-cache-status: HIT
cf-ray: 8c7161d6695839d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=260295
content-length: 254335
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Tue, 14 Feb 2023 19:11:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sept2024_FoodSpecials_900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2024/09/ 386 KB
387 KB 163ms
144ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2024/09/Sept2024_FoodSpecials_900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a738748592b5dc49da10e786f8b154a514e2011db7e1d36d183082814714023c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "66d71337-7468b"
age: 1598335
cf-cache-status: HIT
cf-ray: 8c7161d6695b39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=476811
content-length: 395749
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2024 13:46:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sept2024_20KPumpkinSpicePayDay_900x500.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2024/08/ 306 KB
307 KB 183ms
164ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2024/08/Sept2024_20KPumpkinSpicePayDay_900x500.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f3bb7274a9249e2a6dcd705ed264a006457a2b7dd91e89944f592d897aa3d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "66cf6750-5e502"
age: 1659861
cf-cache-status: HIT
cf-ray: 8c7161d6695d39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=386306
content-length: 313737
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 18:07:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ny-lottery-logo.png
saratogany.wpenginepowered.com/wp-content/uploads/2016/04/ 19 KB
20 KB 183ms
164ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2016/04/ny-lottery-logo.png
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ba98866a1ff8adb1c2f566ce93f73e775afa805485dfc9c16b306856c96943

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5888229d-6a78"
age: 2263243
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=27256
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/webp
content-disposition: inline; filename="ny-lottery-logo.webp"
vary: Accept
last-modified: Wed, 25 Jan 2017 03:59:25 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161d6695f39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19872
server: cloudflare

GET
H3 200 career-form.css
saratogany.wpenginepowered.com/wp-content/themes/Governor/css/ 19 KB
4 KB 100ms
95ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/career-form.css?ver=6.6.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9798d6f7a31a83dd635df12b46ec1ff0e70d18fa03db9fa9625fa3c4a96dcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6190bd8c-4c64"
age: 4458871
cf-ray: 8c7161cf898239d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Sun, 14 Nov 2021 07:41:00 GMT

GET
H3 200 jquery.slimscroll.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 13 KB
4 KB 91ms
86ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/jquery.slimscroll.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa7c85d5dc4c36564cdf43318e56be3b3f3d0220c90142a8e8dcc5fa2b38e3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"59cd571f-351e"
age: 15368503
cf-ray: 8c7161cf898339d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Sep 2017 20:10:07 GMT

GET
H3 200 custom.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 26 KB
5 KB 90ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/custom.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e00f6490dda8e435af1810b46cefcf6b0abfb927b8d80531bff70ccc53e7905

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65e44d7f-6930"
age: 16647649
cf-ray: 8c7161cf898539d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Sun, 03 Mar 2024 10:14:23 GMT

GET
H2 200 video.js Show response
vjs.zencdn.net/6.2.5/ 670 KB
152 KB 89ms
85ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/6.2.5/video.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3966e566ead70835836978e683873f99af4c098a261ca529400e74cbb04092c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
content-encoding: gzip
etag: "8f250b75de98110ca407d92ef318678b"
access-control-allow-origin: *
x-cache: HIT
content-length: 155758
date: Sun, 22 Sep 2024 09:48:55 GMT
last-modified: Wed, 16 Aug 2017 19:18:47 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220105-FRA
x-cache-hits: 0
vary: Accept-Encoding

GET
H3 200 modernizr.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 5 KB
3 KB 96ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/modernizr.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"59cd571c-1493"
age: 16623275
cf-ray: 8c7161d03a3c39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Sep 2017 20:10:04 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.4/ 460 KB
112 KB 24ms
19ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.js?ver=1.0
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-72e44"
age: 1565718
x-cache: HIT, HIT
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 63, 27822
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21950-LGA, cache-fra-etou8220105-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1726998536.608924,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114093
server: nginx

GET
H3 200 parallax.min.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 7 KB
2 KB 96ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/parallax.min.js?ver=1.4.2
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd328906f8967003ff0d0d7024d8afca13fc4097dcc54495dbaf591e44414bdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"59cd571c-1a05"
age: 2263863
cf-ray: 8c7161d03a3d39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Sep 2017 20:10:04 GMT

GET
H3 200 skip-link-focus-fix.js Show response
saratogany.wpenginepowered.com/wp-content/themes/Governor/js/ 880 B
662 B 96ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"59cd571d-370"
age: 16640907
cf-ray: 8c7161d03a3e39d9-FRA
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Sep 2017 20:10:05 GMT

GET 848c4c65-0280-442f-976f-c25c12813d3a
https://play-rocket-lab.xyz/ Frame 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 384ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4555, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: s6RDhrZjpLAHZFwuYUGk4N4M1j8q++5D6j1U9nyoc6N6T4pawCPKWURJUe6nE5gF5eq0lzY9e1xhTdQG1IKRIg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775
5357617.fls.doubleclick.net/ Frame 26A7
Redirect Chain

https://5357617.fls.doubleclick.net/activityi;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775?
https://5357617.fls.doubleclick.net/activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775?

0
0

113ms
38ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5357617.fls.doubleclick.net/activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775?

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://play-rocket-lab.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1945
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Sep 2024 09:48:56 GMT
expires: Sun, 22 Sep 2024 09:48:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 Sep 2024 09:48:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5357617.fls.doubleclick.net/activityi;dc_pre=CKaqlPKi1ogDFe-KgwcdU3AVAg;src=5357617;type=sarrt;cat=sarca0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9422273669848.775?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/684101155/ 5 KB
2 KB 351ms
54ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/684101155/?random=1726998535650&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-684101155

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

3756b8fe96917acd80fc4b16f13e38ad8cffb5471a989d86a36b310bb715b6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2524
date: Sun, 22 Sep 2024 09:48:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 109ms
107ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-752220341&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-684101155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa517aca1449e084f6a87ca725cb44e3f1ba6846edeecb8ac90f438fb4a9d742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: br
expires: Sun, 22 Sep 2024 09:48:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 94783
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 109ms
107ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4CD380528X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-684101155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7e6aed6705340ac4cfa11a9be857c810cb13edb972d6ae84eba9ef6ff501a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 22 Sep 2024 09:48:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93694
date: Sun, 22 Sep 2024 09:48:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
105 KB 109ms
107ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QN4L09R5W4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-684101155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71b5d72517c3f81dc3074f459c66d27bbe2558f39723723e13d2159a16395698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 22 Sep 2024 09:48:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107288
date: Sun, 22 Sep 2024 09:48:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 home-hero2.jpg
saratogany.wpenginepowered.com/wp-content/themes/Governor/images/ 385 KB
385 KB 105ms
85ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/images/home-hero2.jpg
Requested by: Host: saratogany.wpenginepowered.com
URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9649feca83eef3a1cebbb6cc986bd75478c002605f1f5673871fec86e2a973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "5b4e677d-602d7"
age: 16647638
cf-cache-status: HIT
cf-ray: 8c7161d0eb1639d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: status=not_needed
content-length: 393943
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/jpeg
last-modified: Tue, 17 Jul 2018 22:02:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Sept2024_Rav4_2000x1333.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2024/09/ 1 MB
1 MB 189ms
160ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2024/09/Sept2024_Rav4_2000x1333.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af4869c375215db73d8890db9ef1e544feae359c9dcb78de8f08bcd30949767

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "66d711b2-165388"
age: 1598336
cf-cache-status: HIT
cf-ray: 8c7161d0fb1e39d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=1463176
content-length: 1345393
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2024 13:40:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 2000x1333_0006_Casino_Girlsonthefloor-2000x1333.jpg
saratogany.wpenginepowered.com/wp-content/uploads/2020/05/ 428 KB
428 KB 182ms
163ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saratogany.wpenginepowered.com/wp-content/uploads/2020/05/2000x1333_0006_Casino_Girlsonthefloor-2000x1333.jpg
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52cb4fa7e02554d4a779924fba85d516383fa50ebb6d788d0a9338b4bf465eb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
etag: "6014093a-6cdc4"
age: 2166897
cf-cache-status: HIT
cf-ray: 8c7161d6696139d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
cf-polished: origSize=445892
content-length: 438405
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: image/jpeg
last-modified: Fri, 29 Jan 2021 13:10:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Acumin-Pro-Condensed.otf
saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/ 75 KB
75 KB 452ms
391ms Font
application/octet-stream 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/Acumin-Pro-Condensed.otf
Requested by: Host: saratogany.wpenginepowered.com
URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5265ce59f6eefc441de826c3f20be9204eb42dab144502cb3994f7f3fc9ebf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "5efc4240-12ca4"
cf-ray: 8c7161d109fb3a6e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76964
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: application/octet-stream
last-modified: Wed, 01 Jul 2020 07:58:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 lato-v17-latin-300.woff2
saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/ 23 KB
23 KB 113ms
54ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/lato-v17-latin-300.woff2
Requested by: Host: saratogany.wpenginepowered.com
URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "5ff2de03-5ad0"
age: 998838
cf-ray: 8c7161d10a023a6e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23248
date: Sun, 22 Sep 2024 09:48:55 GMT
content-type: font/woff2
last-modified: Mon, 04 Jan 2021 09:21:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 lato-v17-latin-regular.woff2
saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/ 23 KB
23 KB 291ms
239ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/lato-v17-latin-regular.woff2
Requested by: Host: saratogany.wpenginepowered.com
URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "5ff2de13-5bbc"
cf-ray: 8c7161d0f9ee3a6e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23484
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: font/woff2
last-modified: Mon, 04 Jan 2021 09:21:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 lato-v17-latin-700.woff2
saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/ 22 KB
23 KB 593ms
536ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/fonts/lato-v17-latin/lato-v17-latin-700.woff2
Requested by: Host: saratogany.wpenginepowered.com
URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://play-rocket-lab.xyz
Referer: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/css/saratoga-prototype.webflow.css

Response headers

cache-control: public, max-age=31536000
cf-cache-status: HIT
etag: "5ff2de08-59d0"
cf-ray: 8c7161d109f93a6e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22992
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: font/woff2
last-modified: Mon, 04 Jan 2021 09:21:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

/
www.google.de/pagead/1p-conversion/684101155/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
https://www.google.com/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=160...
https://www.google.de/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600...

42 B
64 B

168ms
66ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7ECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI-9qP8qLWiAMVy6j9Bx1DUDpdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSGwDpaXnfNWoZeTBSP7qjP4Ewyh7pQyzkygvgPw&random=2996759295&ipr=y

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/684101155/?random=1383746103&cv=11&fst=1726998535650&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=IoX1CN-w7ewBEKOcmsYC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7ECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI-9qP8qLWiAMVy6j9Bx1DUDpdMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSGwDpaXnfNWoZeTBSP7qjP4Ewyh7pQyzkygvgPw&random=2996759295&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 238ms
80ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4CD380528X&gtm=45je49j0v9189859862za200&_p=1726998535185&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dNDMyYj&cid=169540984.1726998537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726998536&sct=1&seg=0&dl=https%3A%2F%2Fsaratogacasino.com%2Fcasino%2F&dt=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&tfd=2866
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4CD380528X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://play-rocket-lab.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 194ms
36ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4CD380528X&cid=169540984.1726998537&gtm=45je49j0v9189859862za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4CD380528X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://play-rocket-lab.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 118ms
110ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4CD380528X&cid=169540984.1726998537&gtm=45je49j0v9189859862za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1590197900

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 1312166769155761 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 190ms
174ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1312166769155761?v=2.9.167&r=stable&domain=play-rocket-lab.xyz&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

731987d59cbf23587f37a35ad8442151f78b8bd77029ba1cd9c5484481804084

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=68, mss=1232, tbw=67227, tp=64, tpl=0, uplat=145, ullat=1
pragma: public
x-fb-debug: 6bEKH4jbbfM93l0pOWoxVhf80OPfsRszBjhk591BR2jAWrPvn445INVL6et8Tln8XYhSNKNU1wPArglBgZzURA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 243 KB
86 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-823934038&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV39LC8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4a9a3f320faf0e260113d5de5327434c1498e1a81010663f62603a71b1b9daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: br
expires: Sun, 22 Sep 2024 09:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Sep 2024 09:48:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 88098
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 number-changer.js Show response
rw1.marchex.io/euinc/ 35 KB
10 KB 648ms
121ms Script
text/javascript 3.210.24.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rw1.marchex.io/euinc/number-changer.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV39LC8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.210.24.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-24-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6493ebe5a8bb3751f00d3c4e48d0c8a8c7dc46be0b79e78d8831f3a2f3f45526

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google-analytics.com privacy-policy.truste.com .marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com .marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' www.google-analytics.com privacy-policy.truste.com *.marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com *.marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
permissions-policy: accelerometer=(), autoplay=*, camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=*, payment=(), picture-in-picture=(), publickey-credentials-get=*, screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), hid=(), idle-detection=(), serial=(), window-placement=()
accept-ranges: bytes
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/javascript
vary: Accept-Encoding,User-Agent
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 9540cbe0-c338-0135-413a-067f653fa718 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 523ms
31ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/9540cbe0-c338-0135-413a-067f653fa718
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV39LC8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 49e351cb7ca7c85519829a176415ca63f62d478e6d92e81830b92e0ec78482e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

x-request-id: F_eIBQ_8VWBnlJEQjJ7D
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 57ms
52ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QN4L09R5W4&gtm=45je49j0v895772049za200&_p=1726998535185&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dNDMyYj&cid=169540984.1726998537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726998537&sct=1&seg=0&dl=https%3A%2F%2Fsaratogacasino.com%2Fcasino%2F&dt=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3295
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QN4L09R5W4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://play-rocket-lab.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 58ms
55ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QN4L09R5W4&cid=169540984.1726998537&gtm=45je49j0v895772049za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QN4L09R5W4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://play-rocket-lab.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
61ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QN4L09R5W4&cid=169540984.1726998537&gtm=45je49j0v895772049za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=629302347

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/752220341/ 5 KB
3 KB 43ms
42ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/752220341/?random=1726998537152&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-752220341

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

d44f104e12a6b9308a4621bbdbead6225498a89733a4f3aa14b0209a36005b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2549
date: Sun, 22 Sep 2024 09:48:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 745528792471095 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 191ms
190ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/745528792471095?v=2.9.167&r=stable&domain=play-rocket-lab.xyz&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de0e1db111c40aa0d8e15c4bb945563c19a8d700651236c525cd17f8330b1ddb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=81, mss=1232, tbw=82971, tp=80, tpl=0, uplat=166, ullat=0
pragma: public
x-fb-debug: IRluYeRVwLv+OKM59gIgGyCox2//o7QfdUWfujGPR+T7wu1RiYK/cIz0LewXzSeaHg19XnnJcwhNz04Vd1icxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 141ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1312166769155761&ev=PageView&dl=https%3A%2F%2Fplay-rocket-lab.xyz%2F&rl=&if=false&ts=1726998537339&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726998537334.457306214283647962&cs_est=true&ler=empty&cdl=API_unavailable&it=1726998536665&coo=false&rqm=GET

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 294ms
175ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1312166769155761&ev=PageView&dl=https%3A%2F%2Fplay-rocket-lab.xyz%2F&rl=&if=false&ts=1726998537339&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726998537334.457306214283647962&cs_est=true&ler=empty&cdl=API_unavailable&it=1726998536665&coo=false&rqm=FGET

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417402237299559997"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: hUllQKeR+zqKnyd5dLxSbQxQU8iejnITDEjeLFDOB1IBWIFRnwuB42XnhfI9c9rcpRpA/1D9cYB6o/8V79bfAw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417402237299559997", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1328, tbw=3342, tp=-1, tpl=-1, uplat=153, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 siteanalyze_6188719.js Show response
siteimproveanalytics.com/js/ 26 KB
9 KB 249ms
114ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6188719.js
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78c12f070a36e0db605a88e6cd07383641c3e8757b5ff6d65a85265844fd55c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "89902c2bacd44c45b211e384faed11c6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHaC3OY3ZBNvlRJgKSAWKkdmwIg1LCjWKK%2BUSq3i9%2BdTbJaxyRfXw9FEbq4yVsXwqmX4foS1Pf5pdAjuXa0X%2F0kpot%2BxM5h8FxSKik3hQHcGLnS%2FT9PVlv9MKPG0n7kbUQzoozkUxhhDIvsvm1phiB64cITfzFM%3D"}],"group":"cf-nel","max_age":604800}
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 30 Oct 2022 17:10:26 GMT
vary: Accept-Encoding
x-amz-id-2: myKbLkmHdrj+zSIUw6dUZEanZERAo88H44izw6XHPdLR8wBSZ156NVoiNwlzkGXN8g+C+3k9y27tTbFQakof5Q==
cache-control: max-age=86400, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTH3H2NCAK2HJBJC
cf-ray: 8c7161db58086aec-FRA
accept-ranges: bytes
content-length: 8946
server: cloudflare

GET
H2 200 wp-emoji-release.min.js Show response
saratogacasino.com/wp-includes/js/ 18 KB
5 KB 662ms
321ms Script
application/javascript 104.196.225.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogacasino.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.225.92 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.225.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"667d6e6f-4926"
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 27 Jun 2024 13:51:43 GMT

GET admin-ajax.php
saratogacasino.com/wp-admin/ 0
0

POST admin-ajax.php
saratogacasino.com/wp-admin/ 0
0

OPTIONS
H2 403 admin-ajax.php
saratogacasino.com/wp-admin/ Frame 0
0 636ms
322ms Preflight
text/html 104.196.225.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogacasino.com/wp-admin/admin-ajax.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.225.92 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.225.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: POST
Origin: https://play-rocket-lab.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Sep 2024 09:48:58 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding
x-powered-by: WP Engine

GET
H3

200

/
www.google.de/pagead/1p-conversion/752220341/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
https://www.google.com/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=160...
https://www.google.de/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600...

42 B
64 B

36ms
36ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjrxrECCJvHsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIkNLa8qLWiAMV3bH9Bx2BBj1aMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnf_2kdUg_pieSXrfhQK07vFPaH4-f-LlbZYMQQ4vBW5lseHdQU&random=791836469&ipr=y

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/752220341/?random=1074239683&cv=11&fst=1726998537152&bg=ffffff&guid=ON&async=1&gtm=45be49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&label=qyUTCPD57d4BELXx1-YC&hn=www.googleadservices.com&frm=0&tiba=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&gtm_ee=1&npa=1&pscdl=noapi&auid=1921805535.1726998536&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjrxrECCJvHsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIkNLa8qLWiAMV3bH9Bx2BBj1aMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnf_2kdUg_pieSXrfhQK07vFPaH4-f-LlbZYMQQ4vBW5lseHdQU&random=791836469&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 25ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=745528792471095&ev=PageView&dl=https%3A%2F%2Fplay-rocket-lab.xyz%2F&rl=&if=false&ts=1726998537545&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726998537334.457306214283647962&ler=empty&cdl=API_unavailable&it=1726998536665&coo=false&rqm=GET

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1328, tbw=3195, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 138ms
137ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=745528792471095&ev=PageView&dl=https%3A%2F%2Fplay-rocket-lab.xyz%2F&rl=&if=false&ts=1726998537545&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726998537334.457306214283647962&ler=empty&cdl=API_unavailable&it=1726998536665&coo=false&rqm=FGET

Requested by

Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417402238312411844"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: GVWauM+qMjDFvPbLQglid+h7QXOGmmDpdS0cb8BGdUrFKmVruVRM7RptQhyuNz8wqqpUU/vctLnStGsIVrX62A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417402238312411844", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1328, tbw=6157, tp=-1, tpl=-1, uplat=112, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 image.aspx
6188719.global.siteimproveanalytics.io/ 34 B
149 B 127ms
22ms Image
image/gif 18.196.232.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6188719.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fplay-rocket-lab.xyz%2F&title=Casino%20-%20Saratoga%20Casino%20Hotel%2C%20New%20York&res=1600x1200&accountid=6188719&rt=3926&prev=41f7750e-7f8b-3dd7-ac34-c0e598be4564&luid=5c6a86eb-e111-acaa-6d55-0ba1ecaa7ddb&rnd=87777
Requested by: Host: play-rocket-lab.xyz
URL: https://play-rocket-lab.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.232.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-232-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

expires: Sun, 22 Sep 2024 09:48:57 UTC
cache-control: max-age=0
content-length: 34
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: image/gif

GET
H2 200 getnumdata.js Show response
rw1.marchex.io/euinc/ 249 B
1 KB 124ms
123ms Script
text/javascript 3.210.24.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rw1.marchex.io/euinc/getnumdata.js?var=_vsrkpd.d;acc=Ch4NmVoy0IMH0QCj;cky=rkpd_Ch4NmVoy0IMH0QCj;ign=1;url=https%3A%2F%2Fplay-rocket-lab.xyz%2F;

Requested by

Host: rw1.marchex.io
URL: https://rw1.marchex.io/euinc/number-changer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.210.24.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-24-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9cc931101a2405b613a9193c9433d96e78e582db658781566a599f1007fded39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google-analytics.com privacy-policy.truste.com .marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com .marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' www.google-analytics.com privacy-policy.truste.com *.marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com *.marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
permissions-policy: accelerometer=(), autoplay=*, camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=*, payment=(), picture-in-picture=(), publickey-credentials-get=*, screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), hid=(), idle-detection=(), serial=(), window-placement=()
accept-ranges: bytes
p3p: CP="NOI COR NID TAI OUR BUS STA"
date: Sun, 22 Sep 2024 09:48:57 GMT
content-type: text/javascript
vary: Accept-Encoding,User-Agent
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 p Show response
i.simpli.fi/ 800 B
764 B 39ms
30ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=120625&cb=sifi_att_1194010._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/9540cbe0-c338-0135-413a-067f653fa718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: be932219bb12ef5e8658fae996a5af3d50004f281d2cf6c7edff8982c1295c7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H3 200 favicon-32x32.png
saratogany.wpenginepowered.com/wp-content/themes/Governor/favicon/ 642 B
893 B 36ms
35ms Other
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://saratogany.wpenginepowered.com/wp-content/themes/Governor/favicon/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 831ac5005febb072125e97aa2c4c77dd9897529d6dffc75a338bd2d089d163de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cf-bgj: imgq:100,h2pri
etag: "5f114543-3fc"
age: 2669027
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1020
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/webp
content-disposition: inline; filename="favicon-32x32.webp"
vary: Accept
last-modified: Fri, 17 Jul 2020 06:29:23 GMT
cache-control: public, max-age=31536000
cf-ray: 8c7161df1b6239d9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 642
server: cloudflare

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=715A56134A7F47D9A80ABC7E95352A7D

0
237 B

264ms
48ms

Image
text/plain

2600:9000:211e:2c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 2600:9000:211e:2c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: bffuBiwcM_ZGH1Lu28dWdJJTTD2Kxz_wUiy_0WYoUQwqlT6PPKeKfQ==
date: Sun, 22 Sep 2024 09:48:58 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

715A56134A7F47D9A80ABC7E95352A7D
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/715A56134A7F47D9A80ABC7E95352A7D

0
0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=715A56134A7F47D9A80ABC7E95352A7D&dongle=yf3

37 B
140 B

217ms
26ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=715A56134A7F47D9A80ABC7E95352A7D&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=715A56134A7F47D9A80ABC7E95352A7D&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=715A56134A7F47D9A80ABC7E95352A7D

43 B
175 B

461ms
113ms

Image
image/gif

2600:1f18:612b:4200:3b83:7891:cba5:2ce7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 2600:1f18:612b:4200:3b83:7891:cba5:2ce7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D

95 B
429 B

37ms
35ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=715A56134A7F47D9A80ABC7E95352A7D
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Sun, 22 Sep 2024 09:48:58 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=715A56134A7F47D9A80ABC7E95352A7D
https://d.agkn.com/pixel/10751/?che=1726998538503&ip=217.114.215.132&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219703205013001254049
https://um.simpli.fi/aa_px?sk=219703205013001254049
https://um.simpli.fi/empty.gif

43 B
361 B

28ms
27ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=715A56134A7F47D9A80ABC7E95352A7D

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 40ms
34ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 40ms
34ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=715A56134A7F47D9A80ABC7E95352A7D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=715A56134A7F47D9A80ABC7E95352A7D;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
75 B

31ms
31ms

Image
text/plain

51.178.195.216
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 51.178.195.216 , France, ASN16276 (OVH, FR),
Reverse DNS: ip216.ip-51-178-195.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

date: Sun, 22 Sep 2024 09:48:58 GMT
content-length: 0

Redirect headers

cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Sun, 22 Sep 2024 09:48:58 GMT
pragma: no-cache

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0&xl8blockcheck=1

0
751 B

54ms
53ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 22 Sep 2024 09:48:58 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=715A56134A7F47D9A80ABC7E95352A7D&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 40ms
35ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=715A56134A7F47D9A80ABC7E95352A7D

0
421 B

522ms
113ms

Image
text/plain

52.44.245.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=715A56134A7F47D9A80ABC7E95352A7D
Protocol: HTTP/1.1
Server: 52.44.245.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-245-245.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

Date: Sun, 22 Sep 2024 09:48:57 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=715A56134A7F47D9A80ABC7E95352A7D

62 B
445 B

333ms
173ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=715A56134A7F47D9A80ABC7E95352A7D
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=715A56134A7F47D9A80ABC7E95352A7D

49 B
265 B

268ms
44ms

Image
image/gif

52.51.196.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 52.51.196.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-196-91.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
x-server: 10.45.6.44
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=715A56134A7F47D9A80ABC7E95352A7D

0
223 B

296ms
47ms

Image
text/plain

63.34.208.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 63.34.208.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-208-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 22 Sep 2024 09:48:58 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=715A56134A7F47D9A80ABC7E95352A7D

0
98 B

86ms
32ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Sep 2024 09:48:58 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1726998538105&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...

42 B
64 B

51ms
50ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJvHsQI&pscrd=IhMI7_mS86LWiAMVwpL9Bx15Ay2KMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnfTn5T5pNKF17f0LVKDWG6IS51q2Sr0DFGie-TMc-za6F9zv9l&random=1429416645&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:58 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1793396100&cv=7&fst=1726998538105&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJvHsQI&pscrd=IhMI7_mS86LWiAMVwpL9Bx15Ay2KMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3BsYXktcm9ja2V0LWxhYi54eXov&is_vtc=1&cid=CAQSKQDpaXnfTn5T5pNKF17f0LVKDWG6IS51q2Sr0DFGie-TMc-za6F9zv9l&random=1429416645&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 22 Sep 2024 09:48:58 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 42ms
37ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Sun, 22 Sep 2024 09:48:58 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=715A56134A7F47D9A80ABC7E95352A7D
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D715A56134A7F47D9A80ABC7E95352A7D

43 B
1 KB

28ms
28ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D715A56134A7F47D9A80ABC7E95352A7D

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 1ab239bd-6213-4bf0-9ff0-6b2501e84ff9
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 22 Sep 2024 09:48:58 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D715A56134A7F47D9A80ABC7E95352A7D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 8bcad754-cc62-422f-9d72-f6e81d015e59
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 22 Sep 2024 09:48:58 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=715A56134A7F47D9A80ABC7E95352A7D&expires=365

0
239 B

237ms
24ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=715A56134A7F47D9A80ABC7E95352A7D&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=715A56134A7F47D9A80ABC7E95352A7D&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=715A56134A7F47D9A80ABC7E95352A7D

43 B
264 B

224ms
33ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=715A56134A7F47D9A80ABC7E95352A7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=715A56134A7F47D9A80ABC7E95352A7D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 21 Sep 2024 09:48:58 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 22 Sep 2024 09:48:58 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 84ms
32ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://play-rocket-lab.xyz/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sun, 22 Sep 2024 09:48:58 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play-rocket-lab.xyz
URL: blob:https://play-rocket-lab.xyz/848c4c65-0280-442f-976f-c25c12813d3a

Domain: saratogacasino.com
URL: https://saratogacasino.com/wp-admin/admin-ajax.php?action=pys_get_pbid

Domain: saratogacasino.com
URL: https://saratogacasino.com/wp-admin/admin-ajax.php

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/simplifi/715A56134A7F47D9A80ABC7E95352A7D

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=715A56134A7F47D9A80ABC7E95352A7D

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
play-rocket-lab.xyz/	1970-01-21 00:27:56	Name: _subid Value: 304ii3p6c5lp6
play-rocket-lab.xyz/	1970-01-21 09:19:18	Name: 4e582 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwMTU1XCI6MTcyNjk5ODUzM30sXCJjYW1wYWlnbnNcIjp7XCI2MjE5XCI6MTcyNjk5ODUzM30sXCJ0aW1lXCI6MTcyNjk5ODUzM30ifQ.e3kirchO7Mykths1SeS2cWN4SwE-7py3EUBt8tvqm1s
.play-rocket-lab.xyz/	1970-01-21 01:52:54	Name: _gcl_au Value: 1.1.1921805535.1726998536
.doubleclick.net/	1970-01-21 04:02:30	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 00:26:30	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 09:04:54	Name: IDE Value: AHWqTUmjYhjdX8uMxhJ28NB9Gnaqzh4s_JoLU2r1o-hWrCIINJLTWOBiOnpOuDuf
.yieldoptimizer.com/	1970-01-21 08:28:54	Name: cktst Value: 784905750
.yieldoptimizer.com/	1970-01-21 08:28:54	Name: ckid Value: 3019200755693
.yieldoptimizer.com/	1970-01-21 08:28:54	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C1203%2C1476%2C39%2C1305%2C1084%2C1022%5D%2C%22t%22%3A%5B137841%2C137841%2C137841%2C137841%2C137841%2C137841%2C137841%2C137841%5D%7D
.play-rocket-lab.xyz/	1970-01-21 09:19:18	Name: _ga_4CD380528X Value: GS1.1.1726998536.1.0.1726998536.60.0.0
.play-rocket-lab.xyz/	1970-01-21 09:19:18	Name: _ga Value: GA1.1.169540984.1726998537
.adaraanalytics.com/	1970-01-21 08:28:54	Name: ckid Value: 3019200755693
.adaraanalytics.com/	1970-01-21 08:28:54	Name: aackid Value: 3019200755693
.turn.com/	1970-01-21 04:02:30	Name: uid Value: 3875406460037671905
.demdex.net/	1970-01-21 04:02:30	Name: demdex Value: 65513387835672019923950896342700730697
.dpm.demdex.net/	1970-01-21 04:02:30	Name: dpm Value: 65513387835672019923950896342700730697
.play-rocket-lab.xyz/	1970-01-21 09:19:18	Name: _ga_QN4L09R5W4 Value: GS1.1.1726998537.1.0.1726998537.60.0.0
.play-rocket-lab.xyz/	1970-01-21 01:52:54	Name: _fbp Value: fb.1.1726998537334.457306214283647962
.simpli.fi/	1970-01-21 08:30:20	Name: suid Value: 715A56134A7F47D9A80ABC7E95352A7D
play-rocket-lab.xyz/	1970-01-20 23:43:22	Name: pys_session_limit Value: true
play-rocket-lab.xyz/	1969-12-31 23:59:59	Name: pys_start_session Value: true
play-rocket-lab.xyz/	1970-01-20 23:53:23	Name: pys_first_visit Value: true
play-rocket-lab.xyz/	1970-01-20 23:53:23	Name: pysTrafficSource Value: direct
play-rocket-lab.xyz/	1970-01-20 23:53:23	Name: pys_landing_page Value: https://play-rocket-lab.xyz/
play-rocket-lab.xyz/	1970-01-20 23:53:23	Name: last_pysTrafficSource Value: direct
play-rocket-lab.xyz/	1970-01-20 23:53:23	Name: last_pys_landing_page Value: https://play-rocket-lab.xyz/
sync.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id Value: s%3A0-6437cbe9-fb91-568c-528a-47b2f29fb06d.63HNmnf6vhDehfA11t4UryGu%2B7Bz3O%2FG4KV0F%2BTYRwU
.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id Value: s%3A0-6437cbe9-fb91-568c-528a-47b2f29fb06d.63HNmnf6vhDehfA11t4UryGu%2B7Bz3O%2FG4KV0F%2BTYRwU
sync.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id-v2 Value: s%3AZDfL6fuRVoxSikey8p-wbdly14Q.HuZbCuv8OxcUispxvncjP%2ButyLNNYwuRWbE8SAHBRkw
.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id-v2 Value: s%3AZDfL6fuRVoxSikey8p-wbdly14Q.HuZbCuv8OxcUispxvncjP%2ButyLNNYwuRWbE8SAHBRkw
sync.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id-v3 Value: s%3AAQAKICmNla4uSNSNYFQ1-tU_mcUce-P5VQYtG0RwxXOvcrsAEGcYBCCJ0L-3BjABOgS9RxseQgSYEAll.PcziXD%2FH7ITI6oUg7NJEdYdWVmypu8HL0Kxca8jUq3M
.srv.stackadapt.com/	1970-01-21 08:28:54	Name: sa-user-id-v3 Value: s%3AAQAKICmNla4uSNSNYFQ1-tU_mcUce-P5VQYtG0RwxXOvcrsAEGcYBCCJ0L-3BjABOgS9RxseQgSYEAll.PcziXD%2FH7ITI6oUg7NJEdYdWVmypu8HL0Kxca8jUq3M
.yieldoptimizer.com/	1970-01-21 08:28:54	Name: dph Value: %7B%22t%22%3A%5B137841%2C137841%2C137841%5D%2C%22dp%22%3A%5B8064%2C3078%2C4889%5D%7D
.play-rocket-lab.xyz/	1970-01-21 09:19:18	Name: nmstat Value: 41f7750e-7f8b-3dd7-ac34-c0e598be4564
.simpli.fi/	1970-01-20 23:53:23	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-21 01:09:42	Name: TapAd_TS Value: 1726998538493
.tapad.com/	1970-01-21 01:09:42	Name: TapAd_DID Value: aa4c4f18-9e65-4d30-b9c8-2ee26a9972ed
.agkn.com/	1970-01-21 08:28:54	Name: ab Value: 0001%3AcSysjBHCfAWFG7UMdjDwA7D2TxknFgS3
.pro-market.net/	1970-01-21 04:02:30	Name: anProfile Value: "-cbtqlzqsuwvd+1+1f=1+1g=1+1j=41+rs=s+rt=20011B601010000310119DC9B60FBB8F+s2=(sk7klm)+vm=24-715A56134A7F47D9A80ABC7E95352A7D"
.pro-market.net/	1970-01-21 00:26:30	Name: anHistory Value: "-cbtqlzqsuwvd+2+!#6wM$}!TKj"
.tapad.com/	1970-01-21 01:09:42	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-21 01:52:54	Name: XANDR_PANID Value: 7njoxbYg-4epGnz9HVXXd__syZU8Z6iYZKmA0aoFktD2E2i8J-r3oxfiiYAJ_vbAVHnSKKBooIydW_PmdyBfa3hN_dEVSnMFwuk1DvLQkqg.
.adnxs.com/	1970-01-21 09:19:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:52:54	Name: uuid2 Value: 693945291749318611
.adnxs.com/	1970-01-21 01:52:54	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C$KdBjcE!]tbPl1N!7OnM$=BXI4jFzini.L>flx-ireV@2RcxY=[lxxo(k`W!nliVs'd_(vA(j#iP(Md+>)fyMimP:5
.exelator.com/	1970-01-21 02:36:06	Name: EE Value: "4599cd1291a579e1d601d3f5431be286"
.bluekai.com/	1970-01-21 04:03:56	Name: bku Value: blx999gGftqtCcAO
.bluekai.com/	1970-01-21 04:03:56	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEzhBDWNBMWpBWWlHMxlHekOmeOOxA1lHEAN1pD0xE5W9y9Z5xrq
.agkn.com/	1970-01-21 08:28:54	Name: u Value: C\|0AAAAAAAALoKkigAAAAAA
.exelator.com/	1970-01-21 02:36:06	Name: ud Value: "eJxrXxzq6XKLQcHE1NIyOcXQyNIw0dTcMtUwxczAMMU4zdTE2DAp1cjCbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0GGjQkvyizPRFLq6Li1LSGBaVFJ8KPskzEQBx1Cl2"
.bfmio.com/	1970-01-21 08:28:54	Name: __141_cid Value: 715A56134A7F47D9A80ABC7E95352A7D
.bfmio.com/	1970-01-21 08:28:54	Name: __io_cid Value: 5e3127431b2b359fe88e2d48761e8dc09344c0c3

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://play-rocket-lab.xyz/ Message: Access to XMLHttpRequest at 'https://saratogacasino.com/wp-admin/admin-ajax.php' from origin 'https://play-rocket-lab.xyz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://saratogacasino.com/wp-admin/admin-ajax.php Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://play-rocket-lab.xyz/ Message: Access to XMLHttpRequest at 'https://saratogacasino.com/wp-admin/admin-ajax.php?action=pys_get_pbid' from origin 'https://play-rocket-lab.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://saratogacasino.com/wp-admin/admin-ajax.php?action=pys_get_pbid Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=715A56134A7F47D9A80ABC7E95352A7D Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=715A56134A7F47D9A80ABC7E95352A7D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5357617.fls.doubleclick.net
6188719.global.siteimproveanalytics.io
aa.agkn.com
ajax.googleapis.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
play-rocket-lab.xyz
region1.analytics.google.com
rw1.marchex.io
s.ad.smaato.net
saratogacasino.com
saratogany.wpenginepowered.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
vjs.zencdn.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
play-rocket-lab.xyz
saratogacasino.com
sync.1rx.io
sync.intentiq.com
104.196.225.92
141.193.213.10
142.250.185.194
142.250.186.38
172.217.18.98
18.196.232.218
2.23.197.190
2001:4860:4802:32::36
2600:1901:0:8eee::
2600:1f18:612b:4200:3b83:7891:cba5:2ce7
2600:9000:211e:2c00:1b:5138:8a40:93a1
2606:4700:3033::6815:a2b
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:810::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42:400::729
2a06:98c1:3121::3
3.210.24.138
3.76.227.64
34.111.113.62
34.251.73.197
34.254.143.3
34.98.64.218
35.204.158.49
35.234.162.151
35.244.174.68
37.252.172.123
51.178.195.216
52.44.245.245
52.51.196.91
63.34.208.184
69.173.144.138
76.223.111.18
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
03362a4f3e7292ae4dce16ffc6b8e3daf45643f9b4a2f1e3bcaf8ed6f992c35a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
113d5cf61aace5dc5a8a3a539f0266f8e1788facc6599748c136c8b71bc80e50
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
17fa95db6662dd7e5b9c999660b94b6b935037bb0e1bb3240e6da2e7f2c5f32b
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
26e8abe1182f8737557d55860197273a4f32db882328bc28b92cdad19054b78f
28ddfa546ced4902d56b13aa8c1c02fd593275f6edb00eaaa9d57f023ecee5ab
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3756b8fe96917acd80fc4b16f13e38ad8cffb5471a989d86a36b310bb715b6fd
3966e566ead70835836978e683873f99af4c098a261ca529400e74cbb04092c8
3cf0c33069b130aa3376b18102c71b9840fb45e7afd37e1f20000edec3f5583d
3e00f6490dda8e435af1810b46cefcf6b0abfb927b8d80531bff70ccc53e7905
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
464b5543893cfbd8cfe8fbc4cf174452c00fecdbd8ae7bbc724bad98a5b7b87b
49e351cb7ca7c85519829a176415ca63f62d478e6d92e81830b92e0ec78482e0
4aa7c85d5dc4c36564cdf43318e56be3b3f3d0220c90142a8e8dcc5fa2b38e3a
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52cb4fa7e02554d4a779924fba85d516383fa50ebb6d788d0a9338b4bf465eb7
53295e2de72408d2f37f34cd3b45af55d0934ab1f52af1ef9d3039f24cb391db
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
554ce3ea3197fb708c54dec587182e7b5af1ce730b85bf4bdced685537928abf
5a8595bbee1793e931c0702909ee5bb43ac98d7170a378979873856687b8f17a
5b61bb4ea0c7e1d10f9f21c8c82a90c0d65772909a94a3c2a7ac596f4cee6009
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
626ef3a690cda6f4b9ba33f17730f674cc97352325657541f81d2e3516f28f4b
6493ebe5a8bb3751f00d3c4e48d0c8a8c7dc46be0b79e78d8831f3a2f3f45526
6bb84778c84e0cd464675e41936b476bc48f0c0c13c77c8148bf62bfe8fbd628
6e9798d6f7a31a83dd635df12b46ec1ff0e70d18fa03db9fa9625fa3c4a96dcc
71b5d72517c3f81dc3074f459c66d27bbe2558f39723723e13d2159a16395698
71ba98866a1ff8adb1c2f566ce93f73e775afa805485dfc9c16b306856c96943
731987d59cbf23587f37a35ad8442151f78b8bd77029ba1cd9c5484481804084
7bb69f2363b8d61ca79aa77346468236ea06c62560a5b58bdff97e99c3bd7d65
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
831ac5005febb072125e97aa2c4c77dd9897529d6dffc75a338bd2d089d163de
845f7841b02ba35ff2cebb15453e0865d92410bb0127d0ca25fd6942b3de64a1
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
99ff02912da30b6b09fb7353c9edc4d582a8e3a5db5739704415b110ec4b91cb
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9af4869c375215db73d8890db9ef1e544feae359c9dcb78de8f08bcd30949767
9b6e6fa411a9a8c54a4d47e3abbf36a0407e41dd9bcab8c1eabc59d6106dc22b
9cc931101a2405b613a9193c9433d96e78e582db658781566a599f1007fded39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1cb8b001290eb08c3ea80820ba7734305f516f568687ae0b7db7a1e877f754f
a5265ce59f6eefc441de826c3f20be9204eb42dab144502cb3994f7f3fc9ebf7
a53932599526d3ce49e8997a3f3961961721e2395ea336485f6b876095bf0e6a
a738748592b5dc49da10e786f8b154a514e2011db7e1d36d183082814714023c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629
ac35c6b0a1f0b047a0c61ba377c2d4a21076aae20c8a6919bb37718d9bba429b
ae9649feca83eef3a1cebbb6cc986bd75478c002605f1f5673871fec86e2a973
af97c548ac87d8598126b6bb96c9900d9eaa11004ddc7ff13ff464afb657d6d7
b4a9a3f320faf0e260113d5de5327434c1498e1a81010663f62603a71b1b9daa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be932219bb12ef5e8658fae996a5af3d50004f281d2cf6c7edff8982c1295c7b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb978cc396084484b8f0f52ceebf93e9b1b99ee0480992923133733bee903f9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f3bb7274a9249e2a6dcd705ed264a006457a2b7dd91e89944f592d897aa3d0
d44f104e12a6b9308a4621bbdbead6225498a89733a4f3aa14b0209a36005b35
d7e6aed6705340ac4cfa11a9be857c810cb13edb972d6ae84eba9ef6ff501a13
d816cd23266b1ee1a20bd92127fdea61a88bcede483640e7dd89a13fc64c8691
de0e1db111c40aa0d8e15c4bb945563c19a8d700651236c525cd17f8330b1ddb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7051586b874341df95a43beefeb4f4628cfb11215f5a8e692f75947d1cb8f29
e78c12f070a36e0db605a88e6cd07383641c3e8757b5ff6d65a85265844fd55c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f98fba519c5bb166ce2e5e8dc70ceb970e9194748baa545077374f4a8b897671
fa517aca1449e084f6a87ca725cb44e3f1ba6846edeecb8ac90f438fb4a9d742
fd328906f8967003ff0d0d7024d8afca13fc4097dcc54495dbaf591e44414bdb

play-rocket-lab.xyz Open in urlscan Pro 2606:4700:3033::6815:a2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

79 %HTTPS

41 %IPv6

35 Domains

42 Subdomains

35 IPs

6 Countries

5281 kBTransfer

8881 kBSize

52 Cookies

45 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

play-rocket-lab.xyz Open in urlscan Pro
2606:4700:3033::6815:a2b Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

79 %
HTTPS

41 %
IPv6

35
Domains

42
Subdomains

35
IPs

6
Countries

5281 kB
Transfer

8881 kB
Size

52
Cookies

109 HTTP transactions
1 data transactions