www.winstar.com Open in urlscan Pro
52.7.84.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.winstar.com/
Effective URL:
https://www.winstar.com/
Submission: On November 18 via manual (November 18th 2024, 9:10:29 pm UTC) from US — Scanned from DE

Summary HTTP 232 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 35 domains to perform 232 HTTP transactions. The main IP is 52.7.84.240, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.winstar.com. The Cisco Umbrella rank of the primary domain is 887232.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 6th 2024. Valid for: a year.

This is the only time www.winstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	52.7.84.240 52.7.84.240	14618 (AMAZON-AES) (AMAZON-AES)
129	2600:9000:266... 2600:9000:266e:e400:6:ec6d:cb40:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:8dd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	2.16.97.249 2.16.97.249	16625 (AKAMAI-AS) (AKAMAI-AS)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
12	2600:9000:264... 2600:9000:2644:da00:1c:394e:64c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:275... 2600:9000:275d:8400:9:7301:d4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	18.245.46.112 18.245.46.112	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.63 18.245.46.63	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.213.161.204 23.213.161.204	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1 4	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
4 8	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
4	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	107.20.220.14 107.20.220.14	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.241.54.161 35.241.54.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (Amobee Am...) (Amobee Amobee EMEA Limited)
1 2	108.129.16.45 108.129.16.45	16509 (AMAZON-02) (AMAZON-02)
1 1	44.219.69.224 44.219.69.224	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
2	104.18.5.236 104.18.5.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.226.79.35 34.226.79.35	14618 (AMAZON-AES) (AMAZON-AES)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:275... 2600:9000:275b:9e00:e:6b13:2100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:26e... 2600:9000:26e8:8600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:7044:d421:e9fa:3958	16509 (AMAZON-02) (AMAZON-02)
232	45

10 52.7.84.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-84-240.compute-1.amazonaws.com

www.winstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

129 2600:9000:266e:e400:6:ec6d:cb40:21 (United States)

ASN16509 (AMAZON-02, US)

dkr2rmsityotp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.249 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-249.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2644:da00:1c:394e:64c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1awx0lut659jn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275d:8400:9:7301:d4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

talkdeskchatsdk.talkdeskapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-112.fra56.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-63.fra56.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adreadyclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.161.204 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-213-161-204.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

6820846.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10388130.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.220.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-220-14.compute-1.amazonaws.com

api.talkdeskapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (Amobee Amobee EMEA Limited, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.129.16.45 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-16-45.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.219.69.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-69-224.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.5.236 (None, )

ASN13335 (CLOUDFLARENET, US)

pixelconnector.adready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.79.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-79-35.compute-1.amazonaws.com

wyv31614.live.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275b:9e00:e:6b13:2100:93a1 (United States)

ASN16509 (AMAZON-02, US)

qa-cdn-talkdesk.talkdeskdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26e8:8600:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:7044:d421:e9fa:3958 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
141	cloudfront.net dkr2rmsityotp.cloudfront.net d1awx0lut659jn.cloudfront.net	36 MB
15	doubleclick.net 4 redirects 6820846.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 10388130.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	4 KB
10	winstar.com www.winstar.com — Cisco Umbrella Rank: 887232	127 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	544 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3645 d.adroll.com — Cisco Umbrella Rank: 1673	30 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	141 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 google.com — Cisco Umbrella Rank: 1 region1.analytics.google.com — Cisco Umbrella Rank: 4108	989 B
4	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4958	2 KB
4	talkdeskapp.com talkdeskchatsdk.talkdeskapp.com — Cisco Umbrella Rank: 34780 api.talkdeskapp.com — Cisco Umbrella Rank: 26349	664 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 match.adsrvr.org — Cisco Umbrella Rank: 377 insight.adsrvr.org — Cisco Umbrella Rank: 960	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
3	gstatic.com www.gstatic.com	240 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3653 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677 track.hubspot.com — Cisco Umbrella Rank: 2477	27 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	160 KB
3	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	2 KB
2	dynatrace.com wyv31614.live.dynatrace.com — Cisco Umbrella Rank: 39238	475 B
2	adready.com pixelconnector.adready.com — Cisco Umbrella Rank: 78004	1007 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194 ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	522 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745	173 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
1	talkdeskdev.com qa-cdn-talkdesk.talkdeskdev.com — Cisco Umbrella Rank: 65971	997 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281	224 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 606	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 31446	388 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3819	926 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 96	20 B
1	adreadyclick.com tracker.adreadyclick.com — Cisco Umbrella Rank: 68396	6 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 10001	578 B
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 25381	577 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 5095
232	35

	Domain	Requested by
129	dkr2rmsityotp.cloudfront.net	www.winstar.com dkr2rmsityotp.cloudfront.net
12	d1awx0lut659jn.cloudfront.net	www.winstar.com dkr2rmsityotp.cloudfront.net
10	www.winstar.com	dkr2rmsityotp.cloudfront.net www.winstar.com connect.facebook.net
6	10388130.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	www.googletagmanager.com	www.winstar.com www.googletagmanager.com
5	analytics.tiktok.com	www.winstar.com analytics.tiktok.com
4	s.adroll.com	1 redirects www.winstar.com s.adroll.com
4	ad.doubleclick.net	www.winstar.com
4	tag.yieldoptimizer.com	1 redirects www.winstar.com
3	www.gstatic.com	www.google.com www.googletagmanager.com www.gstatic.com
3	talkdeskchatsdk.talkdeskapp.com	www.winstar.com talkdeskchatsdk.talkdeskapp.com
3	connect.facebook.net	www.winstar.com connect.facebook.net
3	js.hs-scripts.com	www.winstar.com www.googletagmanager.com
2	wyv31614.live.dynatrace.com	talkdeskchatsdk.talkdeskapp.com
2	pixelconnector.adready.com	tracker.adreadyclick.com
2	dpm.demdex.net	1 redirects www.winstar.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	google.com	www.googletagmanager.com
2	www.google.de	www.winstar.com
2	6820846.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	www.winstar.com
2	www.google.com	www.winstar.com www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	insight.adsrvr.org	js.adsrvr.org
1	track.hubspot.com
1	qa-cdn-talkdesk.talkdeskdev.com	www.winstar.com
1	ib.adnxs.com	www.winstar.com
1	ups.analytics.yahoo.com	www.winstar.com
1	cms.analytics.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com	www.winstar.com
1	idsync.rlcdn.com	www.winstar.com
1	match.adsrvr.org	www.winstar.com
1	cm.g.doubleclick.net	www.winstar.com
1	perf-na1.hsforms.com	www.winstar.com
1	api.talkdeskapp.com	talkdeskchatsdk.talkdeskapp.com
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	1 redirects
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.adsrvr.org	www.googletagmanager.com
1	tracker.adreadyclick.com	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	s7.addthis.com	www.winstar.com
232	50

This site contains links to these domains. Also see Links.

Domain
book.rguest.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
urldefense.com
www.winstarvillage.com
www.chickasawresponsiblegaming.com
adagaming.com
artesianhotel.com
www.myblackgoldcasino.com
mybordercasino.com
www.chickasawtravelstop.com
chisholmtrailcasino.com
mygoldmountaincasino.com
goldsbycasino.com
jetstreamcasino.com
lakecrestcasino.com
madillgaming.com
megastarcasino.com
newcastlecasino.com
theriverstarcasino.com
www.riverwind.com
www.saltcreekcasino.com
mytexomacasino.com
treasurevalleycasino.com
washitacasino.com
westbaycasino.com
www.tiktok.com
goo.gl
www.ncpgambling.org

Subject Issuer	Validity	Valid
winstar.com Amazon RSA 2048 M02	`2024-07-06` - `2025-08-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-28` - `2024-11-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
talkdeskapp.com Amazon RSA 2048 M03	`2024-02-01` - `2025-02-28`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
adreadyclick.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2024-07-10` - `2025-08-11`	a year	crt.sh
adready.com WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
*.live.dynatrace.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-12-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
talkdeskdev.com Amazon RSA 2048 M03	`2024-08-24` - `2025-09-21`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2024-09-09` - `2025-10-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.winstar.com/
Frame ID: 55C408C9886B510FFF0AEE1971308B4E
Requests: 227 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.winstar.com
Frame ID: 1B893359BDF777AE909A9D377F2CC23F
Requests: 1 HTTP requests in this frame

Frame: https://6820846.fls.doubleclick.net/activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F
Frame ID: 8D701FB2D64B59240492517EBE52FB53
Requests: 1 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F
Frame ID: E31015AEE98935AE5872570277A66E85
Requests: 1 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F
Frame ID: CAA5A31E13BD984CFFB5DEE21DFF1E06
Requests: 1 HTTP requests in this frame

Frame: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F
Frame ID: FBABEFBB2F6D153DAC266657386C27C9
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=qrxks9s&ref=https%3A%2F%2Fwww.winstar.com%2F&upid=2i8akai&upv=1.1.0&paapi=1
Frame ID: 1A58BC50C3F368A14CB1C51A90249878
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to WinStar | The World's Biggest Casino

Page URL History Show full URLs

http://www.winstar.com/ HTTP 307
https://www.winstar.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

232
Requests

95 %
HTTPS

40 %
IPv6

35
Domains

50
Subdomains

45
IPs

6
Countries

39133 kB
Transfer

48596 kB
Size

46
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://book.rguest.com/onecart/wbe/offers/686/WinStar-World-Casino

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinStarWorldCasino
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/winstarworld
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winstar_world/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Winstarcasino
Title: Youtube

Search URL Search Domain Scan URL

URL: https://urldefense.com/v3/__https:/seatgeek.com/venues/lucas-oil-live-at-winstar-world-casino-and-resort/concerts/tickets?aid=15861&pid=ad&rid=3&utm_medium=partnership&utm_source=winstar_sponsorship&utm_campaign=ad__;!!IMeFMrRG1GeY!eHLumNZXlvmvpOI9W2WHpHEVtEkVqi2TqW1M96m9mCKIRkqWOgwhikPSIuemy3rh1fgHQsqzRj0fAynuUjhJ1-sjO3U$
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.winstarvillage.com/
Title: Central Park at WinStar Village

Search URL Search Domain Scan URL

URL: http://www.chickasawresponsiblegaming.com/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://adagaming.com/

Search URL Search Domain Scan URL

URL: https://artesianhotel.com/

Search URL Search Domain Scan URL

URL: https://www.myblackgoldcasino.com/

Search URL Search Domain Scan URL

URL: https://mybordercasino.com/

Search URL Search Domain Scan URL

URL: https://www.chickasawtravelstop.com/

Search URL Search Domain Scan URL

URL: https://chisholmtrailcasino.com/

Search URL Search Domain Scan URL

URL: https://mygoldmountaincasino.com/

Search URL Search Domain Scan URL

URL: https://goldsbycasino.com/

Search URL Search Domain Scan URL

URL: https://jetstreamcasino.com/

Search URL Search Domain Scan URL

URL: https://lakecrestcasino.com/

Search URL Search Domain Scan URL

URL: https://madillgaming.com/

Search URL Search Domain Scan URL

URL: https://megastarcasino.com/

Search URL Search Domain Scan URL

URL: https://newcastlecasino.com/

Search URL Search Domain Scan URL

URL: http://theriverstarcasino.com/

Search URL Search Domain Scan URL

URL: https://www.riverwind.com/

Search URL Search Domain Scan URL

URL: https://www.saltcreekcasino.com/

Search URL Search Domain Scan URL

URL: https://mytexomacasino.com/

Search URL Search Domain Scan URL

URL: https://treasurevalleycasino.com/

Search URL Search Domain Scan URL

URL: https://washitacasino.com/

Search URL Search Domain Scan URL

URL: https://westbaycasino.com/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@winstarworld
Title: tiktok

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/cw2ApAsm6pD2

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/programs-resources/responsible-gaming/
Title: Responsible Gaming

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.winstar.com/ HTTP 307
https://www.winstar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://tag.yieldoptimizer.com/ps/ps?t=s&p=3773&pg=hm HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=497016045&t=s&p=3773&pg=hm

Request Chain 105

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F HTTP 302
https://6820846.fls.doubleclick.net/activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F

Request Chain 107

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo&npa=1&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo

Request Chain 108

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F

Request Chain 109

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F

Request Chain 110

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F HTTP 302
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F

Request Chain 130

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3488204682239319137

Request Chain 131

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent=

Request Chain 132

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=adOgesjGVWdT0yjU-qKkd1D_B30

Request Chain 133

https://cms.analytics.yahoo.com/cms?partner_id=ADARA&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

Request Chain 165

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

232 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.winstar.com/
Redirect Chain

http://www.winstar.com/
https://www.winstar.com/

615 KB
72 KB

500ms
250ms

Document
text/html

52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-84-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5ef8fd059499d3331169f5dbbfbac1890f1c32df7a0e241e84db7c5f5f9cc362

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Nov 2024 21:10:18 GMT
link: <https://www.winstar.com/>; rel=shortlink
server: nginx
x-pj-cache-status: hit
x-tec-api-origin: https://www.winstar.com
x-tec-api-root: https://www.winstar.com/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-upstream: CNDCFE3

Redirect headers

Location: https://www.winstar.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.min.css
dkr2rmsityotp.cloudfront.net/wp-includes/css/dist/block-library/ 110 KB
15 KB 177ms
47ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"67076c68-1b72b"
age: 70627
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 01:33:11 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: ishm7CFEQU8Aups8u3BTyYtqLMd1nKcFJQTguBuhJo0f59KOfbUDow==
date: Mon, 18 Nov 2024 01:33:11 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 05:55:52 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 style-wpzoom-social-icons.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/ 9 KB
1 KB 175ms
45ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.14
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c9113a1bdcfe16115abcc7c453812c94c6fa018fec8afe493a04bb8063a8491f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6282cf32-229a"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: gZrWzvK58AcYXVJ0D9hrVQKuQ4_S094AKVs8aUbb9ihieWKuMbg1CQ==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: text/css
last-modified: Mon, 16 May 2022 22:24:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 video-styles-combined.min.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/css/ 54 KB
13 KB 181ms
51ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/css/video-styles-combined.min.css?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9b314496498a7981acb001c61520b307b3386689ac63049ef126f8c48e99cacb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6216a2c0-d9c5"
age: 52054
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:42:44 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: u8OaytrmbW3P9Cj8M_H6KOD7rPqQoGsdt4vA-6sKp8PnFGY-FepSIw==
date: Mon, 18 Nov 2024 06:42:44 GMT
content-type: text/css
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 child-theme.min.css
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/ 1 MB
187 KB 213ms
83ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e075f2dceeef32beb0caf68935eeb12570ea42d733ba461ec6e88a83ed5760db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6511f4e7-159257"
age: 52910
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:28:28 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: utWvYrqwZWjpzlQ4V2JAR7kSc1m8xMSflMU7burgqLrbRBb-xu4DVA==
date: Mon, 18 Nov 2024 06:28:28 GMT
content-type: text/css
last-modified: Mon, 25 Sep 2023 21:00:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 hs-form.css
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/ 123 B
564 B 181ms
52ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/hs-form.css?ver=1710508027
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4bd64cd22c1d8ece9cd8cf838f3c3e6c58fbcdc7dce6b4d71d13ca763c4207b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "65c2761c-7b"
age: 70627
expires: Wed, 18 Dec 2024 01:33:11 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: nPea9vYcX75CDFxq-EaqrL1P5g2qeoiM4haADuaa8UYwY6XEIM87oQ==
date: Mon, 18 Nov 2024 01:33:11 GMT
content-type: text/css
last-modified: Tue, 06 Feb 2024 18:10:36 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 123
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 wpzoom-socicon.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 27 KB
5 KB 280ms
151ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b598e785100ff539e7d63577404d946c916484ae1bbecba17a77e021654ca1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"654130fb-6c09"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Q4TSIQLyW6hRJ10OI_hyMjyEMu8uYLCp7baG1ymwxrRXciyltwrWCA==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 16:53:15 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 genericons.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 8 KB
2 KB 309ms
180ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6d41c3967be2609d77bcab64b36fff22ab9c60d939c4afdd08d8a55a4f7d225c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"63c6eb08-1f26"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 6Mjr72RsXXU2uRJfJIjP7N0tXwq6rwhTDxyOPldX_NLdT_PkYgvYbA==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 18:38:00 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 academicons.min.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 10 KB
2 KB 307ms
179ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cd4aaa5ca156fd2e2663a27b8e288d8ed4a24fd55bfa7b1a0bc8027bbd43235d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6541314a-27dd"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Ib3w4h9lgabc4ZF6g7Q7g3J43AyTBmHRkrhEPU6RlYKO2hLDcOjEDg==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: text/css
last-modified: Tue, 31 Oct 2023 16:54:34 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 font-awesome-3.min.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 30 KB
7 KB 308ms
179ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 014da2c2fc006d274518c09e430d055e117efc0f76be195e24998dd0c8ea92f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"63c6eb08-77d1"
age: 52054
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:42:44 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: aef4fbMNH11-AXpAM3xNEO7BU8w30rjiIQuNy0lFFs8-iw78REdc2w==
date: Mon, 18 Nov 2024 06:42:44 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 18:38:00 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 dashicons.min.css
dkr2rmsityotp.cloudfront.net/wp-includes/css/ 58 KB
35 KB 291ms
163ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/css/dashicons.min.css?ver=6.6.2
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"640ecf27-e688"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: FuYa-v3lBnTBL8BvH7nTruo2wtZXpPx2yVY8WjY7ihi_b8hGLVIevA==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: text/css
last-modified: Mon, 13 Mar 2023 07:22:15 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 wpzoom-social-icons-styles.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/ 4 KB
1 KB 299ms
171ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 09148db51869a0004928641ad0237e112dd76220637425f6a49dab5fa364bd78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6008b236-e62"
age: 52054
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:42:44 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: dLjLLg_lm8Sk0-eLWvCIAAUPlwZfL8WMcmfzHzvSZyAPm-GkWoevUQ==
date: Mon, 18 Nov 2024 06:42:44 GMT
content-type: text/css
last-modified: Wed, 20 Jan 2021 22:44:06 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 unsemantic-grid-responsive-tablet.css
dkr2rmsityotp.cloudfront.net/wp-content/plugins/custom-lightweight-grid-columns/css/ 27 KB
4 KB 311ms
183ms Stylesheet
text/css 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/custom-lightweight-grid-columns/css/unsemantic-grid-responsive-tablet.css?ver=1.0
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6216a2c0-6c3c"
age: 52054
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:42:44 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Kf_2-f2VrpPGtE4btJ_2pgBjUL95SQupoUmh20wB91A3mp9qVzA8Zg==
date: Mon, 18 Nov 2024 06:42:44 GMT
content-type: text/css
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/ 86 KB
30 KB 353ms
226ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"669004ab-15601"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:20 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: P7PBn9ou4Crlmer25WaqUdZ3_RyQNpNHj8yM-YcvyWWqvcYR4-6E1A==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 16:13:31 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/ 13 KB
5 KB 309ms
181ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"65182b06-3509"
age: 68656
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 02:06:02 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: 4mu4nFtEKVQZ3CD4REjv9xwoBVYbLqJEDzZQY-s-YFaLI8KQt-zJeA==
date: Mon, 18 Nov 2024 02:06:02 GMT
content-type: application/javascript
last-modified: Sat, 30 Sep 2023 14:04:54 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 public.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/mabel-business-hours-indicator-pro/public/js/ 734 B
1 KB 351ms
224ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/mabel-business-hours-indicator-pro/public/js/public.min.js?ver=2.4.6
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d24ecb7eb37b4d96efa8e02f34934dd12e13681ba55925824fc5b48107d3fa78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6216a2c0-2de"
age: 59398
expires: Wed, 18 Dec 2024 04:40:20 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: lvE8ZuQvCm89zS8rOnFls43vsu4uDC0lXEd-CtgHIj4trsrhGDHygQ==
date: Mon, 18 Nov 2024 04:40:20 GMT
content-type: application/javascript
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 734
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 whenDefined.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/ 420 B
873 B 349ms
222ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/whenDefined.js?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d677c877ee196e63674af60b0b0efb884da667f034e2e7d5aba6fac671ee473

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6216a2c0-1a4"
age: 46176
expires: Wed, 18 Dec 2024 08:20:42 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: NnleeZvVmXKICKHjDSu641vk95M9zWGp0a3B1a3HMK3NbNBhTMxQww==
date: Mon, 18 Nov 2024 08:20:42 GMT
content-type: application/javascript
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 420
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 intersection-observer.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 24 KB
7 KB 351ms
223ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/intersection-observer.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52fdc524903bf82b78d5deabff63aa9860e60f1801f9aa4d7f2ba185b6783f43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"661ffefb-6106"
age: 60840
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:16:18 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: tOVlOZ5rVsYuqiGrbaAmMbbK1H7h5ZrpF0pnJhB4ySxA8KQE-PJxcg==
date: Mon, 18 Nov 2024 04:16:18 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 16:55:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 winstar_logo_mobile.svg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 5 KB
3 KB 174ms
172ms Image
image/svg+xml 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/winstar_logo_mobile.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 790db0690aea8526789baad5093b2ed144b126b2ae72b89bfeb8e80c77695142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"64aff778-1330"
age: 52053
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 06:42:45 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: K-p3418QCryHgP-f3lUXXo9bgcOGsrTQgbgnH5nXn8CpAz7HqEjtPA==
date: Mon, 18 Nov 2024 06:42:45 GMT
content-type: image/svg+xml
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 winstar_logo_new.svg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/ 9 KB
4 KB 175ms
173ms Image
image/svg+xml 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/winstar_logo_new.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"5b884d86-2497"
age: 61478
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:05:40 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: aEQkhXdXH_oP7P8LNAqvIGX4L5HIi5t-P0GjYG1R730hkitpZOpGPw==
date: Mon, 18 Nov 2024 04:05:40 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Aug 2018 20:03:18 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 footer_map.jpg
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/ 22 KB
22 KB 40ms
40ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/footer_map.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0d6b33b87ffcc52f84fdbcdcc7536c9fadf39f8f37d05adc34d6db6cdb22bdfc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "64aff778-56c7"
age: 52054
expires: Wed, 18 Dec 2024 06:42:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: xQzC7Adt2zDy4O6W3H2u6pJ8mn9LvbPOM0DN9aj2VqXNIgznY1GVDQ==
date: Mon, 18 Nov 2024 06:42:45 GMT
content-type: image/jpeg
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22215
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 1 KB
692 B 282ms
170ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4132260.js?integration=WordPress&ver=10.2.16

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bfc3c9c83567e557e618e70d1c690d3ab20ffc8d2d72fd7280cb4994e54289

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:11:49 GMT
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: cc0ca7dc-03cc-4d1f-ad3e-8d72e0465ea2
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Mon, 18 Nov 2024 21:10:19 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e4af251aca59769-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 599
server: cloudflare

GET
H2 200 am-video-player.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/ 493 KB
138 KB 60ms
55ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b795ece97224449967780313c67b1b224db511d0f93ff734f5ab9bbcc3da0bfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"6216a2c0-7b534"
age: 70656
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 01:32:43 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: CbC5Tw9eULhKMI66rQlbKIVvL62mlSgy4cHZounW958roueGPT-MFA==
date: Mon, 18 Nov 2024 01:32:43 GMT
content-type: application/javascript
last-modified: Wed, 23 Feb 2022 21:10:24 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 ejs.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 20 KB
7 KB 50ms
44ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ejs.min.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 01ba0ea8fdbfdb6771a69fe9f211f66e2c74a344b8a1dc319d6c9b00e85a8b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"661ffefb-5111"
age: 60841
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:16:18 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: doSURRo8OhHOAfgs6-DxVB63qq7aCzQ7TqjT6oehFLlE3vyMuFS2Vw==
date: Mon, 18 Nov 2024 04:16:18 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 16:55:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 jquery.validate.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/ 47 KB
13 KB 48ms
43ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/jquery.validate.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"64aff778-ba49"
age: 44884
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 08:42:15 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: W5btdm2yxO8pLy4LQ5LCqTi91v18CtWJXddvDoKTBnkrCpHOVvwzuA==
date: Mon, 18 Nov 2024 08:42:15 GMT
content-type: application/javascript
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 jquery.validate.defaults.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/ 2 KB
1 KB 49ms
43ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/src/js/jquery.validate.defaults.js?ver=2.0.80
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aab92c326a1bed55b744fc756d3d4b31148c8ee463ad0e69c65b73ad6b71692c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"64aff778-713"
age: 44884
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 08:42:15 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Hq8842gn7DJYjDQItOYIIjxipYR5GKOfPsxekNnpeqLcFvqMIDKOJg==
date: Mon, 18 Nov 2024 08:42:15 GMT
content-type: application/javascript
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 child-theme.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 131 KB
42 KB 68ms
64ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/child-theme.min.js?ver=1710508030
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a5b407261124be4904ddd07caa1cd783397a092c58205596a89fc67a85682ad4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"667dc2fa-20bb8"
age: 46177
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 08:20:42 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: Usy2NeNoGQbP_YPoptTyTNyuKxPim3SNlPDbz4UqLAwvMUKKbxFjHQ==
date: Mon, 18 Nov 2024 08:20:42 GMT
content-type: application/javascript
last-modified: Thu, 27 Jun 2024 19:52:26 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 child-my-casino.min.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/ 221 KB
61 KB 49ms
44ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/js/child-my-casino.min.js?ver=1710508028
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 06d94802face5823d4d9afb101dd44c940f796756a957146083ecf3582a1a57c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
content-encoding: gzip
etag: W/"661ffefb-374d0"
age: 59398
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 04:40:21 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: W8CXXsPW-DlqkCgtJf9KonlvhZRD_NIcgKGlH5rRJlEiXAutSeIsOQ==
date: Mon, 18 Nov 2024 04:40:21 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 16:55:23 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 social-icons-widget-frontend.js Show response
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/ 860 B
1 KB 71ms
68ms Script
application/javascript 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=4.2.14-ca
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5970f88a-35c"
age: 60841
expires: Wed, 18 Dec 2024 04:16:18 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ofgPQWUPikIiUewRFGf_3Bb7qch4xMmT9y7SJTl7EQX2f8dheOHl1g==
date: Mon, 18 Nov 2024 04:16:18 GMT
content-type: application/javascript
last-modified: Thu, 20 Jul 2017 18:38:02 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 860
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 153ms
50ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f4.1e100.net

Software

ESF /

Resource Hash

2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 18 Nov 2024 21:10:19 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 1 KB
965 B 233ms
164ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4132260.js

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88f0ffb33869f774a62a54e526b6f25bb713e2ce04f6d980fbc784dec705f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:11:49 GMT
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: 24f2e8b7-738b-4afa-b571-bd670e9c08bc
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Mon, 18 Nov 2024 21:10:19 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e4af251aca99769-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 593
server: cloudflare

GET
H/1.1 500
Internal Server Error addthis_widget.js
s7.addthis.com/js/300/ 0
0 195ms
44ms Script
text/html 2.16.97.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 18 Nov 2024 21:10:19 GMT
Content-Length: 27
Date: Mon, 18 Nov 2024 21:10:19 GMT
AK-GRN: 0.bc87645f.1731964219.1af54c4
Content-Type: text/html

GET 2383779d-ea9f-4acc-8f68-eaaacf1dd691
https://www.winstar.com/ Frame 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 108ms
43ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js?v=next

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

ade94b0a7e4417aaff64183516b645a79405d6557ee0c8f0a92e20ab71f4ea0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-G3HtmDcH' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-G3HtmDcH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4429, tp=9, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: 5PiFbKcYjuthUjWQpxmoau17NK7kZCH8ejQJ0ik0SBUNAIZIpLrVmvXasER5+Ds/hK0+hFJuzAOdaMDqPshv9g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62148
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 561 KB
145 KB 216ms
96ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c20e5c3fe30ec7c5dd2537ccda84257ea041eb80b9c347551a8c3e6a5455fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 147345
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd0a451cd75927c91d18c54f90255c1c79098085e2762b39e2cc19b1ac0466c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 122 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81ae22dc9680379e1cc5fd07c05e54778d0b27b7f54b457c185cb7cab0076dd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b89abdec40ea33f0a1cf2b73329c9795f46316574335c6973664259682cf9be8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af868596366f8adf5f4ea63ccedc8d589ad345f4ea52e10938017db993c8d6d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 07-brother1816-regular-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 36 KB
37 KB 140ms
44ms Font
application/octet-stream 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/07-brother1816-regular-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027

Response headers

etag: "64aff778-9044"
age: 49267
expires: Wed, 18 Dec 2024 07:29:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Imo7vZqC35wN5F7OipFyPgzapKXTVMQ42X4i1fhp0ACBnsPQsoZSMw==
date: Mon, 18 Nov 2024 07:29:12 GMT
content-type: application/octet-stream
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36932
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f59d86222a4388b32180ca2f63e7c1779386560d34431bc8e85d8e37b0aefbe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 11-brother1816-bold-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 35 KB
35 KB 222ms
127ms Font
application/octet-stream 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/11-brother1816-bold-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027

Response headers

etag: "64aff778-8a98"
age: 49267
expires: Wed, 18 Dec 2024 07:29:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: v-soZFV4SSJvc2d12WC6mb-07txb4QKe3MCzXUGstupeNi8TnY9MdQ==
date: Mon, 18 Nov 2024 07:29:12 GMT
content-type: application/octet-stream
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35480
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 09-brother1816-medium-web.woff2
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/ 37 KB
38 KB 141ms
46ms Font
application/octet-stream 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/fonts/brother-1816/09-brother1816-medium-web.woff2
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/css/child-theme.min.css?ver=1710508027

Response headers

etag: "64aff778-94d0"
age: 49267
expires: Wed, 18 Dec 2024 07:29:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: PmAoh-dxQreYsLuzI-HR7dGBHIZtUU3PJKpHb_cFr4gctBhfh1Pv1Q==
date: Mon, 18 Nov 2024 07:29:12 GMT
content-type: application/octet-stream
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38096
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 206 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4.mp4
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 1 MB
0 148ms
44ms Media
video/mp4 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4.mp4
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.winstar.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "2b1c850a6df3b3b2864499deac96c331"
age: 2583920
Content-Range: bytes 0-6534501/6534502
via: 1.1 debf5a1694fcb96cc13d895660321eda.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
Content-Length: 6534502
x-amz-cf-id: ymEbcpzN1GNh2f6rPzkNc9yPZ9ym3mlSotVVraezarCh8fvcXvWuYw==
date: Sat, 19 Oct 2024 23:25:00 GMT
content-type: video/mp4
last-modified: Fri, 21 Feb 2020 18:31:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6

GET
H2 200 socicon.woff2
dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/ 50 KB
50 KB 98ms
45ms Font
application/octet-stream 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff2?v=4.2.14-ca
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=4.2.14-ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eb210b6abc60e5bb93d2a62f6467a74e9c7ca917dbc43e64b9125c5f2af2224a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=4.2.14-ca

Response headers

etag: "64c66566-c74c"
age: 55570
expires: Wed, 18 Dec 2024 05:44:09 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ejBkZspZUYR6wF08lN_c8RksMXHkkwWkBRWY9yL57u7UlYOic-ALNw==
date: Mon, 18 Nov 2024 05:44:09 GMT
content-type: application/octet-stream
last-modified: Sun, 30 Jul 2023 13:28:06 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51020
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H3 200 openbridge3.js Show response
connect.facebook.net/signals/plugins/ 242 KB
83 KB 40ms
39ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

5e87be3a91b9765545950e0e5382c2232e1989eed7362afc7701c6ccff10fc80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3kcCfy8b' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3kcCfy8b' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=76, mss=1232, tbw=70333, tp=66, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: aHXH54CFe5sZW0UnwpBPphUGSV9xkFEJBuFUB546lh+3Tjak0KK2niBaUgx+it8SOD8tnkzD+Da/5Kfxf8zgWQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 84682
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 727075671205102 Show response
connect.facebook.net/signals/config/ 79 KB
16 KB 102ms
102ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727075671205102?v=next&r=stable&domain=www.winstar.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

d3eeae2961426a7c7746bce046deb48181c3eb2db1a206b75d62b822dcd9d4ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-JXXlFK5q' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JXXlFK5q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=124, mss=1232, tbw=157501, tp=140, tpl=0, uplat=63, ullat=0
pragma: public
x-fb-debug: qNp+B9J2YYUv/buHIBwG+fJZKK0cU6AvhC73wD3tyPrT6eWNkBjuM23Gqk8lgIz/ucQkuvjnVajYhfmUlVhFYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 4132260.js Show response
js.hs-analytics.net/analytics/1731964200000/ 71 KB
25 KB 310ms
193ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1731964200000/4132260.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js?integration=WordPress&ver=10.2.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62000222840bacf8794dd992def0dc7e0a7a1f6070587b89476289111df8972

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 432a55ad-883c-4b6d-a75f-1bacc47180dc
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f729713497bec0ccedc192ec22c24554"
x-amz-version-id: null
expires: Mon, 18 Nov 2024 21:15:19 GMT
x-evy-trace-listener: listener_https
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: 432a55ad-883c-4b6d-a75f-1bacc47180dc
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:42:21 GMT
vary: origin, Accept-Encoding
x-amz-id-2: UgDCZ7+FNyd7/SxNktih0xU4UE43/ZcV3hW0Xsskh4J3r3qDQ3AgJTbyFFSTOjNfiPhB6oeJukY=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-wjf2r
x-envoy-upstream-service-time: 38
access-control-allow-credentials: false
x-amz-request-id: 7BEKH258G1H4051C
cf-ray: 8e4af2539ae7bbdd-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4132260/ 71 KB
26 KB 466ms
350ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4132260/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js?integration=WordPress&ver=10.2.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4493309b76de8b147bfd023d5c11a3148e101694f270a04444537eb658d25082

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: f0c6ee1d-2d01-49d3-bd43-bf597c1856e3
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"8071a9ea84b32dde4e00834f26400501"
x-amz-version-id: Ai8ZNJHpWK5x.dg.ldHO0l8PcPoz53cQ
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Mon, 18 Nov 2024 21:15:19 GMT
x-evy-trace-listener: listener_https
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: f0c6ee1d-2d01-49d3-bd43-bf597c1856e3
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Apr 2024 14:20:16 GMT
vary: origin, Accept-Encoding
x-amz-id-2: oI/so/VoZOmtB6dZmcjbXW129Z9G3VvUfiRM9EDcdq0ZBOoh8zZ/cPyTskEKiIlHl4KG0JVoszi3Jb8Bj71UiSFS7eKVlCpb
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-27f6l
x-envoy-upstream-service-time: 74
access-control-allow-credentials: true
x-amz-request-id: K09KXAV2D34BB8NV
cf-ray: 8e4af2539bbd2c02-FRA
access-control-allow-origin: https://www.winstar.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 279ms
163ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4132260.js?integration=WordPress&ver=10.2.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1adb8f4ff0f589850abec6b8c7802e2d3439388ac02ca1634869a2642ca4386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://www.winstar.com/

Response headers

x-request-id: 7d7eb567-40c2-43ca-a482-00b0b073f26c
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-version-id: c2Jc_8cU.BBkGlDm8HIc5dijlex1B2uR
etag: W/"a38d86c9f9be42e9c8c2b36ef58a3f75"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhiwz3m08AMkIaU0Lf0mG7PhHV5xftbVwScGh6Ky9vJgA1y5aeagmW8THVk9G7pC3cMuJFwxXyzxiDgtLmmzJHMNoi3I1R6G2QgQoDkUYoFc6uLbOkbrADCgmldq7I%2F8ppZJvIrhaCOTXc5D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: fk578WLtWaP37_ER65tVe3zaY9OELCqQetIskYhNmbNf7osMEHU3cg==
x-hubspot-correlation-id: 7d7eb567-40c2-43ca-a482-00b0b073f26c
content-type: application/javascript; charset=utf-8
last-modified: Mon, 18 Nov 2024 11:52:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-km9nb
x-envoy-upstream-service-time: 7
x-hs-target-asset: web-interactives-embed/static-2.1751/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Mon, 18 Nov 2024 21:10:19 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1751/bundles/project.js&cfRay=8e4af2539db9bbbb-FRA
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-ray: 8e4af2539db9bbbb-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 21 B
443 B 410ms
408ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php?action=check_login_status

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4a40fdd50fa2fa6991af1f9fb09e1d83a2b75f52c45bb2e949fa7adf17e066b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
pragma: no-cache
x-pj-cache-status: miss
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE2
x-frame-options: SAMEORIGIN

GET
H2 200 talkdeskchatsdk.js Show response
talkdeskchatsdk.talkdeskapp.com/ 2 MB
424 KB 212ms
100ms Script
application/x-javascript 2600:9000:275d:8400:9:7301:d4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8400:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a3dbaafa3a954d0904cb2bf9a86195b74c14994cc4cbeffd136664fe274a7c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
content-encoding: gzip
etag: W/"214cad8fbb41cf38a7008f9bdfa0a23e"
x-amz-version-id: xaKMhkC1yIH4jjW.X4Szm0EC8Rwl4orL
age: 285
via: 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: aTs-83mDF1N-iUUU26TJ7Jsa2-y0FUrxd2OHJ1kff6s-gEAnOvVsIQ==
date: Mon, 18 Nov 2024 21:05:34 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Oct 2024 03:38:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET fa5404fe-e732-4163-9cd3-bdcc2272947c
https://www.winstar.com/ Frame 0
0

GET
H2 200 winstar-globe-dusk-768x455.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/01/ 59 KB
60 KB 51ms
48ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/01/winstar-globe-dusk-768x455.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3e732b56ee037ec03322062dfd3460e2d4ae15e48b797045e3d52ed2b375938b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253acb-ecd0"
age: 60840
expires: Wed, 18 Dec 2024 04:16:18 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: HQe7_cupfkS498XGT1irMbTXLjTGZ47CNh24ZaXqsuI1vl-hC12vjw==
date: Mon, 18 Nov 2024 04:16:18 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:11 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60624
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Winstar_LOL_Dero-17-scaled-768x512.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/ 54 KB
54 KB 47ms
43ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/Winstar_LOL_Dero-17-scaled-768x512.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5271ed90abfbf9de2d1fd715b63157067d1a57212687a749a3bf63c81288ed07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67378877-d6ca"
age: 60840
expires: Wed, 18 Dec 2024 04:16:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: fEJ8FGwAaKGzPmR5Nz90ebFOujVh1Tz2J0ARh7eICC_3X79Ve7-Adw==
date: Mon, 18 Nov 2024 04:16:19 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 17:44:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54986
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-spa-web-A-1920x1080-3.01-AT-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 52 KB
52 KB 55ms
52ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-spa-web-A-1920x1080-3.01-AT-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 91ed3916ddc6356d44ca000dd2b6411e35c3c8a7f5b3e9054f959ed0c8022565

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253acf-cfbe"
age: 54689
expires: Wed, 18 Dec 2024 05:58:50 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: xO2gU45zQzBv8k0go9_iFfGRU_6j9m-3xLRyNTOhV5cEIzT-OpEtgQ==
date: Mon, 18 Nov 2024 05:58:50 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:15 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53182
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-apr-app-photo-1920x1080-1.00-AT-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/ 39 KB
40 KB 111ms
108ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/cndc-ws-apr-app-photo-1920x1080-1.00-AT-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 26997b33ed89614fbebe09dd7ceb978dcd585dcd63500e60ed7caf3c9867669c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253ad0-9dc7"
age: 60840
expires: Wed, 18 Dec 2024 04:16:18 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 9sCEMyDcbkln0E705W9xsGPozU1J4iVzrk4p6P5lFTqEXV5hO0I91A==
date: Mon, 18 Nov 2024 04:16:18 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:16 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40391
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 113ms
57ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winstar.com
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
age: 242236
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 01:53:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 01:53:03 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H2 200 wp-emoji-release.min.js Show response
www.winstar.com/wp-includes/js/ 18 KB
19 KB 246ms
245ms Script
application/javascript 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-84-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
etag: "669004ab-4926"
expires: Wed, 18 Dec 2024 21:10:19 GMT
accept-ranges: bytes
content-length: 18726
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 16:13:31 GMT
server: nginx

GET f3f1a522-b616-40e7-878e-3709fd954339
https://www.winstar.com/ Frame 0
0

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4.m3u8 Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 2 KB
787 B 163ms
56ms XHR
application/x-mpegurl 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4.m3u8
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b938761c37dc3d8b8d3154655d533b46c169b47841217e5c9db58dcb5de2d04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
etag: W/"4ec216c65e00a97a104f207a9032686a"
age: 2341489
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.winstar.com
x-cache: Hit from cloudfront
x-amz-cf-id: _I96J3Mqi4IF-iHe6KCIFrrBQwoaS89zNWGC9TblhB6NrhJNZrGTug==
date: Tue, 22 Oct 2024 18:45:31 GMT
content-type: application/x-mpegURL
last-modified: Fri, 21 Feb 2020 18:31:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
vary: Accept-Encoding,Origin

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 12 KB
5 KB 405ms
404ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c7dc74ebd37ab69d43e8f0427b04031e6c3bbba048c015c605d6dd90814c131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE3
x-frame-options: SAMEORIGIN

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 35 KB
13 KB 518ms
517ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7caf7d67f35ddb9f968ecd2614a5d1144b6bfff02d223c42ff6db748266a02fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE2
x-frame-options: SAMEORIGIN

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 1 KB
981 B 552ms
551ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c3423c7d9240cfc86239d89aaf6046d02aa6ea444c760010583223065ccb7ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
pragma: no-cache
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE1
x-frame-options: SAMEORIGIN

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 102 KB
16 KB 772ms
771ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5f4dd009bac3d340234903a4f8f7801f60861972dd29edfbd31b3656bcfeb3c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE3
x-frame-options: SAMEORIGIN

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 0
391 B 645ms
643ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE2
x-frame-options: SAMEORIGIN

POST
H2 200 admin-ajax.php Show response
www.winstar.com/wp-admin/ 1 KB
950 B 570ms
569ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winstar.com/wp-admin/admin-ajax.php

Requested by

Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-84-240.compute-1.amazonaws.com

Software

nginx /

Resource Hash

692617833abf8b47af4b814a8ae7f3a4629686ea61543b843992b45dc47e4847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.winstar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-pj-cache-status: miss
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
access-control-allow-origin: https://www.winstar.com
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE1
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
www.winstar.com/ 0
236 B 200ms
198ms XHR
text/html 52.7.84.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winstar.com/?ob=open-bridge/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/plugins/openbridge3.js?v=next
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.84.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-84-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.winstar.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
x-pj-cache-status: hit
expires: Thu, 19 Nov 1981 08:52:00 GMT
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/html; charset=UTF-8
server: nginx
x-upstream: CNDCFE3

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 113ms
53ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fwww.winstar.com%2F&rl=&if=false&ts=1731964219478&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.6.2-3.0.16&ec=0&o=12318&eid=ob3_plugin-set_5f45401b6fa76b937238d2899c51f18ac5dea8ddaa1c942392ac09e4a6b6e24a&fbp=fb.1.1731964219476.98681693945207380&cs_est=true&ler=empty&cdl=API_unavailable&it=1731964219229&coo=false&rqm=GET

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4510, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 295ms
235ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=727075671205102&ev=PageView&dl=https%3A%2F%2Fwww.winstar.com%2F&rl=&if=false&ts=1731964219478&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.6.2-3.0.16&ec=0&o=12318&eid=ob3_plugin-set_5f45401b6fa76b937238d2899c51f18ac5dea8ddaa1c942392ac09e4a6b6e24a&fbp=fb.1.1731964219476.98681693945207380&cs_est=true&ler=empty&cdl=API_unavailable&it=1731964219229&coo=false&rqm=FGET

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438729678862835604"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: SbGM7hQYCmwOsZYOHYU2gWpKwGwFS0PvqezvClmRlXi9o45fa5cEMSLqnJRtXIHxLRIeSTkmL7Qv+n14+xc0sw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438729678862835604", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=23, mss=1232, tbw=4878, tp=13, tpl=0, uplat=179, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 winstar-promotion-gaming-new-member-promotion-primary-480x360.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/ 117 KB
117 KB 96ms
94ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/winstar-promotion-gaming-new-member-promotion-primary-480x360.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a91f9b62a99493d2ff6429e5174a63d42286a19b67baa04b18f4e642a4ccfdec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5ece9086-1d231"
age: 54688
expires: Wed, 18 Dec 2024 05:58:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: IbkUFTfrEYSC7itTnjD57II_uFcHePPoOM3ze6wMLibLEVjMuw-nFw==
date: Mon, 18 Nov 2024 05:58:51 GMT
content-type: image/png
last-modified: Wed, 27 May 2020 16:08:38 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119345
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Winstar_LOL_Dero-17-scaled-480x320.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/ 25 KB
25 KB 210ms
207ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/Winstar_LOL_Dero-17-scaled-480x320.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b9dffeb08d2f8204f636035288f8908aea1d56707cf3c51efeee7be2ce98f21e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67378878-6224"
age: 15933
expires: Wed, 18 Dec 2024 16:44:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: yY8SH9ZY4JvGeISLqIZz6vLlwVnDwDgdiajwgiGZO7XLcdYjvUZHlg==
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 17:44:24 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25124
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-promotion-gaming-new-member-promotion-background-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/ 6 KB
6 KB 100ms
97ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/winstar-promotion-gaming-new-member-promotion-background-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f951f880831ace597004629f44a6b9e0444c38c1e8174f6e8d6914db5da0adfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "618c3673-16f2"
age: 54688
expires: Wed, 18 Dec 2024 05:58:51 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 8MqpbxzeQlryAUuT8Eh4JoZCkJ7ovmKsr6IKOW7erQjwbL_O7YE94Q==
date: Mon, 18 Nov 2024 05:58:51 GMT
content-type: image/jpeg
last-modified: Wed, 10 Nov 2021 21:15:31 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5874
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-promotion-gaming-new-member-promotion-background-480x270.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/ 3 KB
3 KB 101ms
98ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2020/05/winstar-promotion-gaming-new-member-promotion-background-480x270.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ba591f4ca26632b96864fd28ceeb44cd86ede34037270d4bc1ec28ec84add616

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "618c3674-aaa"
age: 60840
expires: Wed, 18 Dec 2024 04:16:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: vyYYfKCOvblXRyhdg-Rk-I7nLb-dfoxyv4idES7hZkPTblZRJ3uy1g==
date: Mon, 18 Nov 2024 04:16:19 GMT
content-type: image/jpeg
last-modified: Wed, 10 Nov 2021 21:15:32 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2730
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-spa-web-A-1920x1080-1.01-AT-4-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/09/ 59 KB
59 KB 242ms
239ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/09/cndc-ws-spa-web-A-1920x1080-1.01-AT-4-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6e0fa38e2375e82145cbc55ff7beb5fa8492f5d7b0f764caf0ec851810db5dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6508778e-eb97"
age: 46176
expires: Wed, 18 Dec 2024 08:20:43 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: j2yTyyEzNbNVuRA1jKUsawTLuqAB5VulLkBv_DiU9ebrwlppYMWSZQ==
date: Mon, 18 Nov 2024 08:20:43 GMT
content-type: image/jpeg
last-modified: Mon, 18 Sep 2023 16:15:10 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60311
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-spa-web-A-1920x1080-1.01-AT-4-480x270.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/09/ 27 KB
28 KB 211ms
209ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/09/cndc-ws-spa-web-A-1920x1080-1.01-AT-4-480x270.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65dc83e6a16c709c6426bb5ba8e408cdb0d31bfdd6a04e901e4ae537984257e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6508778f-6d17"
age: 63919
expires: Wed, 18 Dec 2024 03:25:00 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: x0sRZJHMSAJ2cAvizDnEef6H2z5yNqM336MX-9kMmYAXQ8Ige6naSA==
date: Mon, 18 Nov 2024 03:25:00 GMT
content-type: image/jpeg
last-modified: Mon, 18 Sep 2023 16:15:11 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27927
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-nov24-drinkft-3olivemichelob-RV-1.00_web-768x432.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/10/ 425 KB
426 KB 102ms
101ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/10/cndc-ws-nov24-drinkft-3olivemichelob-RV-1.00_web-768x432.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f30efa2fa110db1f22af5d5a306cba6a3f4954d9295d5fe4b21bc2d824e2c18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253a9e-6a553"
age: 38889
expires: Wed, 18 Dec 2024 10:22:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: _Fi1lNenbQ4NuZC28PDiiXaWW1QEuqosI7mEFhXkBLKSJ5J1KcMnWA==
date: Mon, 18 Nov 2024 10:22:10 GMT
content-type: image/png
last-modified: Fri, 01 Nov 2024 20:31:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 435539
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-nov24-drinkft-3olivemichelob-RV-1.00_web-480x270.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/10/ 172 KB
173 KB 214ms
212ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/10/cndc-ws-nov24-drinkft-3olivemichelob-RV-1.00_web-480x270.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3dbfd9ceb00487694621ba11af851f03a325c16646e6b318270a47f173b2f94a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253aa1-2b01a"
age: 54687
expires: Wed, 18 Dec 2024 05:58:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 7mW0co9D18gWSCOvjsY_jD3QE59m-KGG_G78ugmrO2ldEZzK27YemQ==
date: Mon, 18 Nov 2024 05:58:52 GMT
content-type: image/png
last-modified: Fri, 01 Nov 2024 20:31:29 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176154
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-spa-web-A-1920x1080-1.01-AT-2-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 59 KB
59 KB 224ms
222ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-spa-web-A-1920x1080-1.01-AT-2-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6e0fa38e2375e82145cbc55ff7beb5fa8492f5d7b0f764caf0ec851810db5dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "673392d0-eb97"
age: 59978
expires: Wed, 18 Dec 2024 04:30:41 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: w9gTOgaGuTSaguuiNMoMEuEciFkbEVgrOAy4wsjVRv6v1FXrecSyzQ==
date: Mon, 18 Nov 2024 04:30:41 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 17:39:28 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60311
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-spa-web-A-1920x1080-1.01-AT-2-480x270.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 27 KB
28 KB 241ms
239ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-spa-web-A-1920x1080-1.01-AT-2-480x270.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65dc83e6a16c709c6426bb5ba8e408cdb0d31bfdd6a04e901e4ae537984257e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "673392d1-6d17"
age: 63955
expires: Wed, 18 Dec 2024 03:24:24 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: gqcr6eMZQqDfnbq0itSEfNfrWUYFDwd1HDdgMHyZblnGgSvtNMyIeA==
date: Mon, 18 Nov 2024 03:24:24 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 17:39:29 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27927
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 68 KB
68 KB 221ms
220ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e8637c79b6a05bd176bd2e38df34d44763877482a2dd94e4bd520c6ef53f806

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66fad44d-10fd9"
age: 54686
expires: Wed, 18 Dec 2024 05:58:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: sOtwB1wLdNyLrXJwE-sPxWPkddx19z2F_-JyAmZ2GPscDEm5C9jSOQ==
date: Mon, 18 Nov 2024 05:58:53 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 16:39:41 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69593
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-480x270.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 30 KB
31 KB 242ms
241ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-480x270.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3efda7c045d318cb91b575c5874c57669e2d3b04a4b642fba025c668daf964be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66fad44d-7838"
age: 54685
expires: Wed, 18 Dec 2024 05:58:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: tVcVuhG0wsJ75S6NzswHl98meWWjvYDYQZnK7_-vmHOOCPXDVjyeMA==
date: Mon, 18 Nov 2024 05:58:53 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 16:39:41 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30776
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 union-mesa-table-768x454.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/ 77 KB
77 KB 242ms
241ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/union-mesa-table-768x454.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3eba9618671886ce8adffe743790cd484ea9bcb076d0025668a0f9e57160ebcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66e45a6c-133ea"
age: 54687
expires: Wed, 18 Dec 2024 05:58:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: D2TUof-7Eib-S567JfHSu39DFuLL71xxdUJQYoNOjItXr4mC3rgxIg==
date: Mon, 18 Nov 2024 05:58:52 GMT
content-type: image/jpeg
last-modified: Fri, 13 Sep 2024 15:29:48 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78826
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 union-mesa-table-480x284.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/ 38 KB
39 KB 244ms
243ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/union-mesa-table-480x284.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e78e9975a25252a4e765ea29e4f77de9d1f9c0f8d004b11c81b712d256049980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66e45a6c-9852"
age: 54687
expires: Wed, 18 Dec 2024 05:58:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: KM5p89tbl3jwJLX5r41HM2_haRVEGFoas85GtHrgQ28UhDNg3OiUlw==
date: Mon, 18 Nov 2024 05:58:52 GMT
content-type: image/jpeg
last-modified: Fri, 13 Sep 2024 15:29:48 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38994
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-promotions-ameneties-onyx-boutique-background-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/ 6 KB
6 KB 242ms
241ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/winstar-promotions-ameneties-onyx-boutique-background-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1fc11f1b18e7de7d8cbd36a2e3692719f1904644061a7433674ef9d3b435b267

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5cbf11fc-16f0"
age: 60839
expires: Wed, 18 Dec 2024 04:16:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: XYJtJ_5X5pExpdnbl65g-WJ89nr2L_PGo2jKLM4LuNxfvLR7oM0ygw==
date: Mon, 18 Nov 2024 04:16:19 GMT
content-type: image/jpeg
last-modified: Tue, 23 Apr 2019 13:24:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5872
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-promotions-ameneties-onyx-boutique-background-480x270.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/ 3 KB
3 KB 265ms
264ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/winstar-promotions-ameneties-onyx-boutique-background-480x270.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f3a976e85a614d9eced5733ffe3246bcbbcf1d73eaed8f944ee25bec8d6e7c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5cbf11fd-aa8"
age: 54686
expires: Wed, 18 Dec 2024 05:58:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TSPK1a9mkKzkwjZQav4KQ1-M1O-qpxs7QLD-4Mw3YYEL9NBWpy3WVQ==
date: Mon, 18 Nov 2024 05:58:53 GMT
content-type: image/jpeg
last-modified: Tue, 23 Apr 2019 13:24:13 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2728
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

POST
H3 200 collect
www.google.com/ccm/ 0
0 118ms
112ms Ping
text/plain 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.winstar.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=710903385.1731964220&auid=1024092750.1731964220&npa=1&gtm=45He4be0v79432195za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&tft=1731964219528&tfd=1558&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 437 KB
135 KB 129ms
115ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffdc56218f476b919fd90102670fed974062a62a82c2969d1a553132e8b75d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138280
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 78ms
64ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-6820846&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1722bc07834f22873c8bc49975c86b752733ee99e7fbe4b376d36a21acaeff5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84430
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 389ms
37ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
age: 6012
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:30:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 19:30:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 82ms
71ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10388130&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad4460ea944e0bd34215af487a69830a04a1017bc88cf0d9c748c697a68673d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84463
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 288 KB
99 KB 123ms
112ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-991190777&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9889aa6a9477516700cc3185c25aec599983fb9ea4e3318c0eece65179e1414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 21:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101037
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 6 KB
2 KB 57ms
55ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
age: 532
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 22:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:01:27 GMT
last-modified: Wed, 20 Mar 2024 23:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 2133
x-xss-protection: 0
server: sffe

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/ 32 B
577 B 290ms
153ms Script
text/javascript 18.245.46.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/462026401/824dd3a064b023b35582/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-112.fra56.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-request-id: 935d38ad-e61d-4ecb-b401-8168b63fcac2
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: d51gcERqp3YXUl0zNMGjLrOMEtm9hGhyUWTT1jt4vNpOaxOv8aPyJA==
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.011841
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
content-length: 32
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

GET
H2 200 4132260.js Show response
js.hs-scripts.com/ 1 KB
0 5ms
5ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4132260.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88f0ffb33869f774a62a54e526b6f25bb713e2ce04f6d980fbc784dec705f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 21:11:49 GMT
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: 24f2e8b7-738b-4afa-b571-bd670e9c08bc
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Mon, 18 Nov 2024 21:10:19 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e4af251aca99769-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 593
server: cloudflare

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/ 32 B
578 B 260ms
148ms Script
text/javascript 18.245.46.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/979344130/cc344f703b96b30ff97c/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-63.fra56.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-request-id: 3b977d73-4ac0-4843-9588-f51e7df0d01d
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: nl3gNoWY0UdN_8l9p5JVFBQCQZGulTMO9NsaE7JW2jkYZimrjQVmbQ==
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.006439
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
content-length: 32
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

GET
H/1.1 200
OK flip.js Show response
tracker.adreadyclick.com/ 16 KB
6 KB 199ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adreadyclick.com/flip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c90dffaa0f249869c9d88706df1539e60bfa12ed2749f4ece718f417acc356d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1699445765
x-goog-hash: crc32c=3+sOxg==, md5=j/2dXWe2LkmPSBwhL1DhLw==
CF-Cache-Status: HIT
etag: W/"8ffd9d5d67b62e498f481c212f50e12f"
Age: 2396
Content-Encoding: zstd
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MINU%2FUjLDif0QlMMSQCLOb8NvAaVrO5KIkFHVRGqlnk7fUIpY5sEnEJfGiwAGlqb3ekyPOLohhrTaaLCAKbmOgq4BTxanxKJc7e8nPANMgQYmhe7oKBRegd3BcL2wX6P1DlC3TPs1izSaKy%2BdcFvYyC6QemM5Ro%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Mon, 18 Nov 2024 21:10:01 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 16829
server-timing: cfL4;desc="?proto=TCP&rtt=39442&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3311&recv_bytes=2284&delivery_rate=103848&cwnd=252&unsent_bytes=0&cid=85adc798b7f4dd01&ts=69&x=0"
Date: Mon, 18 Nov 2024 21:10:19 GMT
Content-Type: application/javascript
last-modified: Wed, 08 Nov 2023 12:16:08 GMT
Vary: Accept-Encoding
x-guploader-uploadid: AHmUCY31cDa_RY65RKsQhj4OxkPFylV3T1oezxWsxwSIdBvIGPK8EsuRoUlQQ3JjG8k_mEyiBW4
Transfer-Encoding: chunked
Cache-Control: public, max-age=86400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
Connection: keep-alive
CF-RAY: 8e4af255de30d2db-FRA
x-goog-generation: 1699445767880174
Server: cloudflare

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 311ms
167ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNJL47RC77UC27SBQ8SG&lib=ttq
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2479b20bc07f8a06050d460b542afe3cd6d25ae2807b347bae4cc55bc15495c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires: Mon, 18 Nov 2024 21:10:19 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=7, inner; dur=3
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: beafdbd.393b1375
x-tt-trace-host: 01c2468924648e9ed2eca39fac3ce3cb394172096491e8706197229aa4b6eb7d611fa9ee57bfc33caf9d517208d207e1cca9f62d53bfc4a4a85904f01502d01208ae879c06988691d1656d1e18b3e3ccf960c5f79ec8ca6370b1ea3e6c272b18832b0c0295f886bb8448212eabed048a9b
x-origin-response-time: 7,23.220.105.76
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24111821101985ED04987F82E6CBBC6A-5A1119BA385892B8-00
content-length: 2317
x-parent-response-time: 114,23.213.160.211
x-tt-logid: 2024111821101985ED04987F82E6CBBC6A
server: nginx

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 155ms
39ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 32572
Connection: keep-alive
Via: 1.1 07ddb29e6fb6e0d7584320febca423a6.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: kKKUrRz_uwEhxTkvZ_Yo2VqF7k3fc2Hx0xAQIdYEeF2kIZwPvN6OjQ==
Date: Mon, 18 Nov 2024 12:07:28 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 16:18:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=3773&pg=hm
https://tag.yieldoptimizer.com/ps/ps?tc=497016045&t=s&p=3773&pg=hm

1 KB
2 KB

61ms
59ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=497016045&t=s&p=3773&pg=hm
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 444ee466ca3d5f9fc1c54b1befb23f2cdda4d9b201941ab48f97fc94178fbef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 1197
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: text/javascript;charset=ISO-8859-1
server: Apache-Coyote/1.1

Redirect headers

cache-control: no-cache
location: https://tag.yieldoptimizer.com/ps/ps?tc=497016045&t=s&p=3773&pg=hm
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
server: Apache-Coyote/1.1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 1B89 0
0 195ms
76ms Document
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.winstar.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTP9H29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 320669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Nov 2024 04:05:50 GMT
expires: Sat, 15 Nov 2025 04:05:50 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_360ph.m3u8 Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 783 B
1 KB 48ms
44ms XHR
application/x-mpegurl 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_360ph.m3u8
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4913954eadd5c2378d1551766b1df2aa1320f85f69b732bd4c79e8e9b1332fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "3ef49eb3da56c5f00b639a820c1f4521"
age: 840629
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 639iMZ8M2qlOZ0yRyuIMoe-7mapUxkxrOZvawtFsgU_PKXqp7_NOLQ==
date: Sat, 09 Nov 2024 03:39:50 GMT
content-type: application/x-mpegURL
last-modified: Fri, 21 Feb 2020 18:31:29 GMT
vary: Origin
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 783
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1020 B 286ms
267ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=4132260&currentUrl=https%3A%2F%2Fwww.winstar.com%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 0574d0c9-f407-46c5-96d0-7548cdf786b6
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnoJuk8GwgY7zVrzHcItegh6A2uuI3qe7P%2FA2GprNcjNe%2FlJ9cwZnBIe47HnrR6ynCQeKTIZWfFElR3ieodnETM2qEB0NwVG108WhqZVxULcQGTZN%2BK7kBnnnAlqRBae1U7SysWkcKR8MSGDZGMpTfzDcqkhuUZko38%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Mon, 18 Nov 2024 21:10:19 GMT
x-hubspot-correlation-id: 0574d0c9-f407-46c5-96d0-7548cdf786b6
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-26w66
x-envoy-upstream-service-time: 10
access-control-allow-credentials: true
cf-ray: 8e4af2550f39bbbb-FRA
access-control-allow-origin: https://www.winstar.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET 1ccced0e-0a7e-4d59-a63f-541363ceea13
https://www.winstar.com/ Frame 0
0

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_360ph00000.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 1 MB
1 MB 83ms
75ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_360ph00000.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd033c241b9f60155a79712ce2551e747dddd607eec399564d66488735bc0c76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "cc066f6ff44aa4a85bf6d7fb1f2678eb"
age: 1919593
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: n1O0U9FZdPm8xKvDigwRgBzE_xue1mTZhgj8o64LcXnCvWbL_A-zrQ==
date: Sun, 27 Oct 2024 15:57:07 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:30 GMT
vary: Origin
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 1217488
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H3 200 call-tracking_9.js Show response
www.gstatic.com/call-tracking/ 62 KB
20 KB 77ms
74ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_9.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-encoding: br
age: 310639
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 06:53:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:53:00 GMT
last-modified: Mon, 22 Jan 2024 22:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges: bytes
content-length: 20777
x-xss-protection: 0
server: sffe

GET
H2

200

activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
6820846.fls.doubleclick.net/ Frame 8D70
Redirect Chain

https://6820846.fls.doubleclick.net/activityi;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
https://6820846.fls.doubleclick.net/activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=...

0
0

57ms
56ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6820846.fls.doubleclick.net/activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6820846&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Mon, 18 Nov 2024 21:10:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6820846.fls.doubleclick.net/activityi;dc_pre=CNr248Dl5okDFU-4_Qcd4JsmRA;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 0
23 B 147ms
82ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=6820846;type=winss0;cat=winst0;ord=482078676512;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1031914617;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181627262z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17838745345627649342"}],"aggregatable_trigger_data":[{"filters":[{"14":["7286109"]}],"key_piece":"0x78b3f90389d23540","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9e449720b2241f32","not_filters":{"14":["7286109"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"5729621742282618292","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17838745345627649342","filters":[{"14":["7286109"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17838745345627649342","filters":[{"14":["7286109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17838745345627649342","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17838745345627649342","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["6820846"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/991190777/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo&npa=1&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo

80 B
110 B

133ms
48ms

XHR
application/json

142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 87
date: Mon, 18 Nov 2024 21:10:20 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

Redirect headers

location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006226317&cl=YFybCOLchfABEPm90dgD&dma=1&dma_cps=syphamo
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.winstar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2

200

activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
10388130.fls.doubleclick.net/ Frame E310
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;ua...

0
0

62ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10388130&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Mon, 18 Nov 2024 21:10:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CImh5sDl5okDFcuo_QcdS-c2Eg;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
10388130.fls.doubleclick.net/ Frame CAA5
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;...

0
0

58ms
58ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10388130&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Mon, 18 Nov 2024 21:10:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CPGb5sDl5okDFZeS_QcdZvsH5w;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
10388130.fls.doubleclick.net/ Frame FBAB
Redirect Chain

https://10388130.fls.doubleclick.net/activityi;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945...

0
0

66ms
65ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10388130&l=dataLayer&cx=c&gtm=45He4be0v79432195za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 372
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Mon, 18 Nov 2024 21:10:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 21:10:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10388130.fls.doubleclick.net/activityi;dc_pre=CJ-j5sDl5okDFda4_QcdwaIgMg;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
23 B 89ms
81ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10388130;type=pagev0;cat=homep0;ord=5152652988797;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=804441865;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5735203051372019779"}],"aggregatable_trigger_data":[{"filters":[{"14":["10449915"]}],"key_piece":"0x77010afc9f3fc39c","source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]},{"key_piece":"0x798c1f53e7bd593e","not_filters":{"14":["10449915"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"27811452":34,"27811453":34,"27811454":34,"27811455":3345,"628630896":32,"628630897":32,"628630898":32,"628630899":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"603284135039772385","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5735203051372019779","filters":[{"14":["10449915"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5735203051372019779","filters":[{"14":["10449915"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5735203051372019779","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5735203051372019779","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10388130"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 activity;register_conversion=1;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
23 B 91ms
83ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10388130;type=place0;cat=place0;ord=1;num=4213663718875;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1692775676;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"18129476138681261325"}],"aggregatable_trigger_data":[{"filters":[{"14":["10862812"]}],"key_piece":"0xe82b91427e4e7baa","source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]},{"key_piece":"0xb5297aeb061a9fb2","not_filters":{"14":["10862812"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"27811452":34,"27811453":34,"27811454":34,"27811455":3345,"628630896":32,"628630897":32,"628630898":32,"628630899":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"13669144278988983155","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18129476138681261325","filters":[{"14":["10862812"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"18129476138681261325","filters":[{"14":["10862812"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"18129476138681261325","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"18129476138681261325","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10388130"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 activity;register_conversion=1;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
ad.doubleclick.net/ 0
23 B 91ms
83ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10388130;type=newpl0;cat=place00;ord=1;num=9434956468157;npa=1;auiddc=1024092750.1731964220;ps=1;pcor=1420684945;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4be0v9181772829z879432195za201zb79432195;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855;epver=2;~oref=https%3A%2F%2Fwww.winstar.com%2F?

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9375419793205214993"}],"aggregatable_trigger_data":[{"filters":[{"14":["11184128"]}],"key_piece":"0x16de4c341321b332","source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]},{"key_piece":"0x81cbac84083a228b","not_filters":{"14":["11184128"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","27811452","27811453","27811454","27811455","628630896","628630897","628630898","628630899"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"27811452":34,"27811453":34,"27811454":34,"27811455":3345,"628630896":32,"628630897":32,"628630898":32,"628630899":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"17190351862255038073","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9375419793205214993","filters":[{"14":["11184128"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9375419793205214993","filters":[{"14":["11184128"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9375419793205214993","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9375419793205214993","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10388130"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H3 200 991190777
google.com/pagead/form-data/ 0
0 148ms
62ms Ping
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/991190777?gtm=45be4be0pfv879034727z879432195za201zb79432195&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&npa=1&frm=0&pscdl=noapi&auid=1024092750.1731964220&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-991190777&l=dataLayer&cx=c&gtm=45He4be0v79432195za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

POST
H3 204 991190777
google.com/ccm/form-data/ 0
20 B 147ms
62ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/991190777?gtm=45be4be0pfv879034727z879432195za201zb79432195&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&npa=1&frm=0&pscdl=noapi&auid=1024092750.1731964220&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-991190777&l=dataLayer&cx=c&gtm=45He4be0v79432195za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 147ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LWDFVQ2YJ&gtm=45je4be0v876134144z879432195za200zb79432195&_p=1731964219054&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=784854515.1731964220&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731964220&sct=1&seg=0&dl=https%3A%2F%2Fwww.winstar.com%2F&dt=Welcome%20to%20WinStar%20%7C%20The%20World%27s%20Biggest%20Casino&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2111
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c&gtm=45He4be0v79432195za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 157ms
47ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LWDFVQ2YJ&cid=784854515.1731964220&gtm=45je4be0v876134144z879432195za200zb79432195&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c&gtm=45He4be0v79432195za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 141ms
45ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62JR698ND&gtm=45je4be0v876134144z879432195za200zb79432195&_p=1731964219054&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=784854515.1731964220&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731964220&sct=1&seg=0&dl=https%3A%2F%2Fwww.winstar.com%2F&dt=Welcome%20to%20WinStar%20%7C%20The%20World%27s%20Biggest%20Casino&en=page_view&_fv=1&_ss=1&tfd=2122
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LWDFVQ2YJ&l=dataLayer&cx=c&gtm=45He4be0v79432195za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 171ms
82ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LWDFVQ2YJ&cid=784854515.1731964220&gtm=45je4be0v876134144z879432195za200zb79432195&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=1819130942

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 18 Nov 2024 21:10:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 livechats Show response
api.talkdeskapp.com/2019-11/pas/ 2 KB
2 KB 459ms
143ms XHR
application/json 107.20.220.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.talkdeskapp.com/2019-11/pas/livechats?touchpoint_value=7b640afb98de4e79a428f7ad5ec1aef9

Requested by

Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.220.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-220-14.compute-1.amazonaws.com

Software

Resource Hash

739593e55e25f30010e3a7f4d1e65411c1497f01de72b11b1d31c418dc8222c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.winstar.com/

Response headers

x-ratelimit-replenish-rate: 25
x-permitted-cross-domain-policies: none
x-ratelimit-requested-tokens: 1
x-content-type-options: nosniff
traceresponse: 00-d3898e90870a62cb8901ce9e95c85755-a6f4159a3997d308-00
x-ratelimit-burst-capacity: 30
server-timing: dtSInfo;desc="1", dtTao;desc="1"
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
strict-transport-security: max-age=631138519
content-security-policy: default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
timing-allow-origin: *
x-td-provider-region: us-east-1
referrer-policy: no-referrer
x-download-options: noopen
x-ratelimit-remaining: 29
access-control-allow-origin: *
content-length: 1555
x-xss-protection: 1 ; mode=block

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f6e62aa22f40cd018e825002800e502fede0003adb92cdecd4cf48cd3c340ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
421 B 52ms
51ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1340769849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winstar.com%2F&ul=de-de&de=UTF-8&dt=Welcome%20to%20WinStar%20%7C%20The%20World%27s%20Biggest%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1350229998&gjid=225866769&cid=784854515.1731964220&tid=UA-28262588-1&_gid=756463677.1731964220&_slc=1&gtm=45He4be0n81TTP9H29v79432195za200&cd2=1731964219532.v8a15lca&cd3=2024-11-18T22%3A10%3A19.532%2B01%3A00&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&npa=1&z=447339202

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winstar.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 50ms
50ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28262588-1&cid=784854515.1731964220&jid=1350229998&gjid=225866769&_gid=756463677.1731964220&npa=1&_u=YCDAiEABBAAAAGAAI~&z=1535773452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winstar.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 21:10:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.winstar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 main.MWFhYzI4NzhlMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 349 KB
97 KB 71ms
71ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNJL47RC77UC27SBQ8SG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241115050238807ACC6FD1C9A315C00C-716CD50F67749F4D-00
content-length: 98381
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050238807ACC6FD1C9A315C00C
server: nginx
x-akamai-request-id: 393b18bc
x-tt-trace-host: 0122b94b1a210e219ef53b5772918bd9cab47e17892a907ca0f4a929e9d6ea567f8a1e9f83ffd4229ace09938072f99750a7b23a418a620fb441c237082ebc91c7b7c5b6a50bdee9d9382e7db34867c6b0d001ad860ccc15d5aa237201c7525b71

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
926 B 267ms
200ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-robots-tag: none
x-request-id: c8c80f94-48aa-4441-8c15-446c1e87f66c
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 18 Nov 2024 21:10:20 GMT
x-hubspot-correlation-id: c8c80f94-48aa-4441-8c15-446c1e87f66c
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Mon, 18 Nov 2024 21:10:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-7srgp
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e4af259397ae519-TXL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 178ms
53ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxOTQ4OTM3MTk1NQ&google_sc&gdpr=&gdpr_consent=&

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Mon, 18 Nov 2024 21:10:20 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 195ms
51ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1&gdpr=&gdpr_consent=&
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-length: 70
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: image/gif
server: Kestrel

GET
H2 451 394499.gif
idsync.rlcdn.com/ 0
98 B 191ms
47ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3019489371955&gdpr=&gdpr_consent=&
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 18 Nov 2024 21:10:20 GMT

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ 0
388 B 165ms
56ms Image
text/plain 35.241.54.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxOTQ4OTM3MTk1NXwxNzMxOTY0MjIwMDQx&gdpr=&gdpr_consent=&
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 0
date: Mon, 18 Nov 2024 21:10:19 GMT
server: Apache-Coyote/1.1

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3488204682239319137

43 B
61 B

102ms
101ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3488204682239319137
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 43
date: Mon, 18 Nov 2024 21:10:19 GMT
content-type: image/gif
server: Apache-Coyote/1.1

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3488204682239319137
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Mon, 18 Nov 2024 21:10:20 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent=

42 B
717 B

80ms
68ms

Image
image/gif

108.129.16.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent=

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Server

108.129.16.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-129-16-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-04131632d.edge-irl1.demdex.com 4 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: gyfV6ighS3c=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3019489371955&gdpr=&gdprconsent=
dcs: dcs-prod-irl1-2-v069-09b470f5a.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: L3cIWIFrRgY=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 18 Nov 2024 21:10:20 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=&
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=adOgesjGVWdT0yjU-qKkd1D_B30

43 B
61 B

52ms
47ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=adOgesjGVWdT0yjU-qKkd1D_B30
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 43
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: image/gif
server: Apache-Coyote/1.1

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=adOgesjGVWdT0yjU-qKkd1D_B30
Content-Length: 110
Date: Mon, 18 Nov 2024 21:10:20 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58700/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADARA&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

0
108 B

103ms
96ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=

Requested by

Host: www.winstar.com
URL: https://www.winstar.com/

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Mon, 18 Nov 2024 21:10:20 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA&gdpr=&gdpr_consent=
content-length: 257
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: text/html
content-language: en
server: ATS

GET
H/1.1 200
OK validate Show response
pixelconnector.adready.com/ 297 B
645 B 519ms
382ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/validate?id=94820ea4-dcf0-4edb-8324-04ea01d34e0e

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c31908f05e8f95bbe4e2f1c7545336fe63e25a575144117af9c65853c301b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Transfer-Encoding: chunked
strict-transport-security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Connection: keep-alive
CF-RAY: 8e4af25a4845e517-TXL
access-control-allow-origin: https://www.winstar.com
Date: Mon, 18 Nov 2024 21:10:20 GMT
Content-Type: application/json
vary: Origin
Server: cloudflare

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph.m3u8 Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 791 B
1 KB 41ms
40ms XHR
application/x-mpegurl 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph.m3u8
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 950eae574dbbb0d163b7eb249c078b0398475f327b78eb61c7c5b9226742d23b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6cd996344f11fb0f482329923fc430d9"
age: 113743
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: l-Ca5_-Wy-sBhiPZvlW0YtBlI6hZsKRguKrDu43i_l_aO5N6VpyLfQ==
date: Sun, 17 Nov 2024 13:34:38 GMT
content-type: application/x-mpegURL
last-modified: Fri, 21 Feb 2020 18:31:20 GMT
vary: Origin,accept-encoding
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 791
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 72ms
63ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2411150502344C84833BC081771CDD1C-54246974437423C8-00
content-length: 39467
date: Mon, 18 Nov 2024 21:10:20 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502344C84833BC081771CDD1C
server: nginx
x-akamai-request-id: 393b1c0d
x-tt-trace-host: 0166f0d94abdb193a407caaf2bb0277e0f8b8b5ec22d281c984db4e8c0e12826503e8345f3ea71f3b50970f8e22c3b2ae045323b3b5d23072fdc54e7b750176cee720fbd2ddc85fc388c9dc15fec6e223c096d53136cdb7b0e64177ab5f89aadb2

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
876 B 187ms
185ms Ping
text/plain 23.213.161.204
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.winstar.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-201.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 18 Nov 2024 21:10:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=23, inner; dur=19
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 18 Nov 2024 21:10:20 GMT
x-akamai-request-id: 1196aae4.393b1c43
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01c2468924648e9ed2eca39fac3ce3cb394172096491e8706197229aa4b6eb7d61866c81b4088e3bebdb0a5f97b57218227cc8a1e867d678b45556e49223df2eea33093a030908be80b003d8d2ac3a5e88651d5815e11e70e4c3bcec3a4f5a046944b3a08c783276ef7ebf0949f63f79f9
x-origin-response-time: 23,23.48.100.201
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24111821102022F42A089BEC2FDE605F-3BD6897234DB6E0B-00
content-length: 0
x-parent-response-time: 111,23.213.160.211
x-tt-logid: 2024111821102022F42A089BEC2FDE605F
server: nginx

POST
H2 200 logs Show response
wyv31614.live.dynatrace.com/api/v2/otlp/v1/ 0
475 B 159ms
155ms XHR
application/x-protobuf 34.226.79.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wyv31614.live.dynatrace.com/api/v2/otlp/v1/logs

Requested by

Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.226.79.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-79-35.compute-1.amazonaws.com

Software

ruxit gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Authorization: Api-Token dt0c01.45YL64WCC2NSWQTUO4G4ZACS.O2XQGLDUXQHAS5KZXS65CI3FYVGWKL6V3TLWFAK27WO4M4F7XE452V7U3CABRL4Y
Referer: https://www.winstar.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-protobuf
Content-Type: application/x-protobuf

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
x-robots-tag: noindex
access-control-expose-headers: *
cache-control: no-store, no-cache
content-encoding: gzip
pragma: no-cache
x-oneagent-js-injection: true
access-control-allow-origin: https://www.winstar.com
content-length: 20
date: Mon, 18 Nov 2024 21:10:21 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
server: ruxit gateway

GET
H2 200 516.talkdeskchatsdk.js Show response
talkdeskchatsdk.talkdeskapp.com/ 780 KB
226 KB 49ms
33ms Script
application/x-javascript 2600:9000:275d:8400:9:7301:d4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://talkdeskchatsdk.talkdeskapp.com/516.talkdeskchatsdk.js
Requested by: Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8400:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d327c8a798df685947457af0d7183705ed2405da975ab8e3db3cae83c19dd726

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
content-encoding: gzip
etag: W/"29efe0977d96ac1da82ca7e4da4c4f4d"
x-amz-version-id: 16RLzZQnT0TTuEQcJlmG4NAbUibFMrKW
age: 200
via: 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Sg1aljIs20MjJQ5YE3ZnM_bkUD03P0wjLISvToGVMU6brnlbaycl0w==
date: Mon, 18 Nov 2024 21:07:11 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Oct 2024 03:38:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H2 200 123.talkdeskchatsdk.js Show response
talkdeskchatsdk.talkdeskapp.com/ 53 KB
12 KB 166ms
150ms Script
application/x-javascript 2600:9000:275d:8400:9:7301:d4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://talkdeskchatsdk.talkdeskapp.com/123.talkdeskchatsdk.js
Requested by: Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:8400:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7435f591f1deab97d8e688f12765056d72466f4b49211b12b1f94e3b52bc6317

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
content-encoding: gzip
etag: W/"be336b65500c8a9ccc28f12ea44d9b9e"
x-amz-version-id: 6jZzpGb4IH2vwHF6Ezye3IqcQygugxXY
age: 218
via: 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 346nnpsjONXon-pLZW1CwfYQgS8bYoN6pCEKE7vOnXBdQnIiRHkTew==
date: Mon, 18 Nov 2024 21:06:51 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Oct 2024 03:38:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 logs
wyv31614.live.dynatrace.com/api/v2/otlp/v1/ Frame 0
0 589ms
292ms Preflight
text/plain 34.226.79.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wyv31614.live.dynatrace.com/api/v2/otlp/v1/logs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.226.79.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-79-35.compute-1.amazonaws.com

Software

ruxit gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.winstar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,POST,DELETE,PUT
access-control-allow-origin: https://www.winstar.com
access-control-max-age: 1800
allow: POST,OPTIONS
cache-control: no-store, no-cache
content-encoding: gzip
content-length: 33
content-type: text/plain
date: Mon, 18 Nov 2024 21:10:21 GMT
pragma: no-cache
server: ruxit gateway
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 cndc-ws-spa-web-A-1920x1080-1.01-AT-2-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 59 KB
0 0ms
0ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-spa-web-A-1920x1080-1.01-AT-2-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6e0fa38e2375e82145cbc55ff7beb5fa8492f5d7b0f764caf0ec851810db5dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "673392d0-eb97"
age: 59978
expires: Wed, 18 Dec 2024 04:30:41 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: w9gTOgaGuTSaguuiNMoMEuEciFkbEVgrOAy4wsjVRv6v1FXrecSyzQ==
date: Mon, 18 Nov 2024 04:30:41 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 17:39:28 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60311
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/ 68 KB
0 0ms
0ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/05/cndc-ws-cascades-mainbar-web-1920x1080-1.01-AT-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e8637c79b6a05bd176bd2e38df34d44763877482a2dd94e4bd520c6ef53f806

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66fad44d-10fd9"
age: 54686
expires: Wed, 18 Dec 2024 05:58:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: sOtwB1wLdNyLrXJwE-sPxWPkddx19z2F_-JyAmZ2GPscDEm5C9jSOQ==
date: Mon, 18 Nov 2024 05:58:53 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 16:39:41 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69593
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
875 B 268ms
187ms Ping
text/plain 23.213.161.204
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.winstar.com/

Response headers

x-cache-remote: TCP_MISS from a23-52-15-49.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 18 Nov 2024 21:10:21 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=52, inner; dur=48
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 18 Nov 2024 21:10:21 GMT
x-akamai-request-id: 443af747.393b2024
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01c2468924648e9ed2eca39fac3ce3cb394172096491e8706197229aa4b6eb7d61dafe66eb2799bde08f21aebab53f9627ab61ad3b518c43317d43130c4817ced3aac76587e7fb464611b8704c87a9be07d3a08cdb0ffdf56b4531d8cc101f03052898a91ebdef0c9df32c35ede9196362
x-origin-response-time: 52,23.52.15.49
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241118211020E0F2B155AEDB4ECD8707-67BDDBB06681B3A1-00
content-length: 0
x-parent-response-time: 137,23.213.160.211
x-tt-logid: 20241118211020E0F2B155AEDB4ECD8707
server: nginx

GET
H2 200 union-mesa-table-768x454.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/ 77 KB
0 27ms
27ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2022/11/union-mesa-table-768x454.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3eba9618671886ce8adffe743790cd484ea9bcb076d0025668a0f9e57160ebcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66e45a6c-133ea"
age: 54687
expires: Wed, 18 Dec 2024 05:58:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: D2TUof-7Eib-S567JfHSu39DFuLL71xxdUJQYoNOjItXr4mC3rgxIg==
date: Mon, 18 Nov 2024 05:58:52 GMT
content-type: image/jpeg
last-modified: Fri, 13 Sep 2024 15:29:48 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78826
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

POST
H/1.1 200
OK update Show response
pixelconnector.adready.com/ 22 B
362 B 176ms
174ms XHR
application/json 104.18.5.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.adready.com/update?s=flip.js

Requested by

Host: tracker.adreadyclick.com
URL: https://tracker.adreadyclick.com/flip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.5.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.winstar.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
CF-Cache-Status: DYNAMIC
Connection: keep-alive
CF-RAY: 8e4af25cb9ffe517-TXL
access-control-allow-origin: https://www.winstar.com
Content-Length: 22
Date: Mon, 18 Nov 2024 21:10:21 GMT
Content-Type: application/json
vary: Origin
Server: cloudflare

GET
H2 200 pixie
ib.adnxs.com/ 42 B
224 B 163ms
45ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?pi=27b8aa9e-1972-418a-964d-ddf84b9f950e&e=PageView&script=0
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 42
date: Mon, 18 Nov 2024 21:10:21 GMT
content-type: image/gif
server: nginx/1.23.4
x-proxy-origin: 80.255.7.125; 80.255.7.125; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

GET
H2 200 winstar-promotions-ameneties-onyx-boutique-background-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/ 6 KB
0 0ms
0ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/winstar-promotions-ameneties-onyx-boutique-background-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1fc11f1b18e7de7d8cbd36a2e3692719f1904644061a7433674ef9d3b435b267

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5cbf11fc-16f0"
age: 60839
expires: Wed, 18 Dec 2024 04:16:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: XYJtJ_5X5pExpdnbl65g-WJ89nr2L_PGo2jKLM4LuNxfvLR7oM0ygw==
date: Mon, 18 Nov 2024 04:16:19 GMT
content-type: image/jpeg
last-modified: Tue, 23 Apr 2019 13:24:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5872
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 sms.svg
qa-cdn-talkdesk.talkdeskdev.com/cdn-assets/latest/talkdesk/product/app-icons/ 583 B
997 B 166ms
43ms Image
image/svg+xml 2600:9000:275b:9e00:e:6b13:2100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa-cdn-talkdesk.talkdeskdev.com/cdn-assets/latest/talkdesk/product/app-icons/sms.svg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:9e00:e:6b13:2100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e1ec1c8c6a0bd614d2c5cda283630e1dc34b4231d04aa2b304a8aee90d7db5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

vary: accept-encoding
x-amz-version-id: GovQ5Pokh0_5f_g6KmPyN0RTxyEo4kPm
etag: "3a2568cf1161f07bfc06982f0cb65e1e"
age: 1
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 583
x-amz-cf-id: 3-UbkJGvnka2FX0cTWBBHM1aBZ7PvtPhuh1XIpCEH34u22EOABGEpw==
date: Mon, 18 Nov 2024 21:10:21 GMT
content-type: image/svg+xml
last-modified: Wed, 13 Nov 2024 09:20:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256

GET
H2 200 winstar-promotions-ameneties-onyx-boutique-primary-480x270.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/ 10 KB
11 KB 40ms
39ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/04/winstar-promotions-ameneties-onyx-boutique-primary-480x270.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1d170a0c6614510d8ffab190d4d2bd3e72b5a5089fd1fafaf6881899a772f406

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5cbf11f7-291d"
age: 60841
expires: Wed, 18 Dec 2024 04:16:20 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: kWwuOGXVuMmzNlPQQOCLiO6F-G2Jo_464FTsajxW1aoa8djVtCDn1Q==
date: Mon, 18 Nov 2024 04:16:20 GMT
content-type: image/png
last-modified: Tue, 23 Apr 2019 13:24:07 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10525
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00000.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 5 MB
5 MB 41ms
40ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00000.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 416d5fe7994fb54f5713fef2b8929438dc5199b443d57bb3d3ee27ca36576906

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "86ad7a8dd50006e09250d58394871c9b"
age: 87102
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: qFP0HK2Mtvrvo_vqhPT0QslvVzWbakll9Seg2FFEZC_WIczWKP-OQQ==
date: Sun, 17 Nov 2024 20:58:40 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:20 GMT
vary: Origin,accept-encoding
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 5215496
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 Q4_2024.WS_.EVERI_.SHARKWEEK.WEB_.1920x1080-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/ 62 KB
62 KB 41ms
39ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/Q4_2024.WS_.EVERI_.SHARKWEEK.WEB_.1920x1080-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b95427d76ba446b96bc831149d9a0945962bf53fb71cac45b0c14ea1dc53c1b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253ad2-f650"
age: 54687
expires: Wed, 18 Dec 2024 05:58:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: zeHCAS7PbrhGCLZVOrZ8gYMB7ukTF9z7rjathEFldboMwNGFXyVgRA==
date: Mon, 18 Nov 2024 05:58:54 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:18 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63056
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Q4_2024.WS_.GCG_.DOUBLEEASYMONEY.WEB_.1920x1080-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/ 58 KB
59 KB 50ms
25ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/Q4_2024.WS_.GCG_.DOUBLEEASYMONEY.WEB_.1920x1080-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fcce168e744ff2bf6f123eca7e410c9a95c6f74a67f90f86400a86a4a1a51ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253ad3-e8ea"
age: 54686
expires: Wed, 18 Dec 2024 05:58:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: iU8YS6Q6ORYqObWVLZYy1F6K2YvvTPXQYNOCaymuixwBIztjQX9QWg==
date: Mon, 18 Nov 2024 05:58:55 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:19 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59626
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Q4_2024.WS_.GCG_.MARVELOUSMOUSE.WEB_.1920x1080-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/ 81 KB
82 KB 102ms
98ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/Q4_2024.WS_.GCG_.MARVELOUSMOUSE.WEB_.1920x1080-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b7140334ca9693c19824ddf3a5796076843bc4037435e6de5b453da3500bac30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253ad5-144f9"
age: 38889
expires: Wed, 18 Dec 2024 10:22:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: cgy8BKX1vQR2eC8lQPDGkNu6JZIaBt15y8lFQqj9nzGIVnIbFA2-Og==
date: Mon, 18 Nov 2024 10:22:12 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:21 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83193
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Q4_2024.WS_.VGT_.HUNTFORNEPTUNESGOLD.WEB_.1920x1080-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/ 103 KB
104 KB 40ms
39ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/Q4_2024.WS_.VGT_.HUNTFORNEPTUNESGOLD.WEB_.1920x1080-768x432.jpg
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c87adb9a6fd596da709ab56b947cf7d41c7397e723553158235fc49cdc90c082

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67253ad6-19d8f"
age: 54687
expires: Wed, 18 Dec 2024 05:58:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: QRNb19PtVNW31WTpp8POG6uJPwlICJpP8px7-57qb_OcpYswtvHrNg==
date: Mon, 18 Nov 2024 05:58:54 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 20:32:22 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105871
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 WS-24-LOL-SarahBrightman-notext-web-1920x1080-1.00-CR-768x432.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/05/ 680 KB
682 KB 46ms
45ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/05/WS-24-LOL-SarahBrightman-notext-web-1920x1080-1.00-CR-768x432.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 891d7eb01d106413f45ab4e6bc5761eed8a95f6dee783444be27d037e06bd24a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67168fa0-aa186"
age: 55487
expires: Wed, 18 Dec 2024 05:45:34 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: MrQoj-8fVJBGXHyZd8aOwwigd7LBR5PKiq37-hEHwbaX4D-J9k2ahg==
date: Mon, 18 Nov 2024 05:45:34 GMT
content-type: image/png
last-modified: Mon, 21 Oct 2024 17:30:08 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 696710
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 WS-25-LOL-johnlegend-notext-1920x1080-1.01-DH-768x432.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/10/ 397 KB
398 KB 41ms
40ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/10/WS-25-LOL-johnlegend-notext-1920x1080-1.01-DH-768x432.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 483648369bd614ef32a9988bb29da0edda62b695087e34304b5d7437b7127146

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "672bc11a-632b9"
age: 55486
expires: Wed, 18 Dec 2024 05:45:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 7Bfjw3LXkACw4o_Ed5fMzFGIqSnLpjmGVDqZHkVTl4TpnITgq6mmFA==
date: Mon, 18 Nov 2024 05:45:35 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 19:18:50 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 406201
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 WS-24-LOL-MarenMorris-notext-1.01-CR-web-1920x1080-1-768x432.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/ 309 KB
310 KB 44ms
44ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/07/WS-24-LOL-MarenMorris-notext-1.01-CR-web-1920x1080-1-768x432.png
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 868a4aadfbef7a07d77ab92576fe5d77a3fd0458ed2610a104f330013566ad79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "672bc11e-4d482"
age: 54686
expires: Wed, 18 Dec 2024 05:58:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4LDvuzHc1VXakq5V0ag5LOtqlQW9421SrXwGNrM5QghiPAwAt-Ho_g==
date: Mon, 18 Nov 2024 05:58:55 GMT
content-type: image/png
last-modified: Wed, 06 Nov 2024 19:18:54 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 316546
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 264ms
168ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=4132260&ct=standard-page&rcu=https%3A%2F%2Fwww.winstar.com%2F&pu=https%3A%2F%2Fwww.winstar.com%2F&t=Welcome+to+WinStar+%7C+The+World%27s+Biggest+Casino&cts=1731964222198&vi=313d54cf0b142e204aeb5cf994e53c8c&nc=true&u=40036989.313d54cf0b142e204aeb5cf994e53c8c.1731964222196.1731964222196.1731964222196.1&b=40036989.1.1731964222196&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

x-robots-tag: none
x-request-id: fe91f878-daa4-4592-bfaf-2d4247fb83d9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZHwAater%2B7ChGCRvzWl1KXb5DowC2%2FsdunTwe18jRadOpTipR7wYouCzsKCGGXf2MLfq%2FufIUvA%2FWZKrkfUHtF5p2AWuo4t1%2Bob%2BsoQ8jV17cz%2Buf0vswDWrjsQYmSAd04J37V5FYlqzzhnUBds"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 18 Nov 2024 21:10:22 GMT
x-hubspot-correlation-id: fe91f878-daa4-4592-bfaf-2d4247fb83d9
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-px578
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8e4af2657ffd9f16-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 WS-24-LOL-PepeAguilar-notext-web-1920x1080-1.00-CR-768x432.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/08/ 602 KB
603 KB 45ms
44ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/08/WS-24-LOL-PepeAguilar-notext-web-1920x1080-1.00-CR-768x432.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8052e8a74f8e5a80696396fc21ef98da9c99de3e41aa4c12b34eb4b911115046

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66d1dd1b-968d4"
age: 45165
expires: Wed, 18 Dec 2024 08:37:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: mLUNtjK3GsHHHGUy5sFs5GXCqtk9st9hE9lQqwKcvlc0nJYCoF10Hw==
date: Mon, 18 Nov 2024 08:37:37 GMT
content-type: image/png
last-modified: Fri, 30 Aug 2024 14:54:19 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 616660
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 up
insight.adsrvr.org/track/ Frame 1A58 0
0 491ms
354ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=qrxks9s&ref=https%3A%2F%2Fwww.winstar.com%2F&upid=2i8akai&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.winstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Mon, 18 Nov 2024 21:10:22 GMT
server: Kestrel

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00001.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 6 MB
6 MB 89ms
88ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00001.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38ec723a6daf9cbdd3fe95231509a8d0589ea305778c2c73583f2204de3d1031

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "70a2acd9397affe389c87d9a67d9880b"
age: 754140
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: sNTapRjgmlBoGslDYi9E8jDmOm2b9W2UVxFMcM4fLpn5bqPPMA5xzQ==
date: Sun, 10 Nov 2024 03:41:23 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:20 GMT
vary: Origin
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 6643168
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 favicon.ico
dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/site-icons/ 15 KB
15 KB 508ms
508ms Other
image/x-icon 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/themes/chickasaw/images/site-icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 78dd53f3f3c9f06e940ee51312dec76b559ce5415080298450919fcce53b5a63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "64aff778-3aee"
age: 46178
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VFOM7Nt1ruxCLlhnGWMI1jnucX3e5nypJh1f08ALX8kqNBs3MRiy2w==
date: Mon, 18 Nov 2024 21:10:22 GMT
content-type: image/x-icon
last-modified: Thu, 13 Jul 2023 13:09:12 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15086
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 184ms
62ms Script
text/javascript 2600:9000:26e8:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.winstar.com
URL: https://www.winstar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 2116
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 4c8gR_anS6iGwCm3JG5EpFbdMXkT1_Z3IQ4bCOUUIOnXOEynvPnHKg==
Date: Mon, 18 Nov 2024 20:35:07 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA56-P10
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
757 B

83ms
40ms

Script
application/javascript

2600:9000:26e8:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:26e8:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 55975
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: G-US4BmZ51wduuCKxDwBFYd39qaYDfkHSx8BryWFmzlHO386gWTZFA==
Date: Mon, 18 Nov 2024 05:37:26 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA56-P10
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 21851
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: tneM7FRKLb1dWT3Zw8FGHSLDaMO6_cR4eLC7J-ZAk4tiE-RrJ11aBw==
Date: Mon, 18 Nov 2024 15:06:10 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA56-P10
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/ 0
810 B 85ms
43ms Script
text/javascript 2600:9000:26e8:8600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2EXMERFAKVBCLKX2AY3NF3/7ZRMIDZ2LRERNAC3ZKZ5LF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: R3LQAHWd1xhh3w5o26KVA33J8KgFaund
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2955
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: yvzufMuNYsyqHt0QES96hEFjmHgqi6jUJFPb8L1L00XQKI93i65-Xw==
Date: Mon, 18 Nov 2024 20:21:08 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Sat, 16 Nov 2024 11:37:50 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA56-P10
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 2EXMERFAKVBCLKX2AY3NF3 Show response
d.adroll.com/consent/check/ 538 B
631 B 242ms
73ms Script
application/javascript 2a05:d018:cc3:fe05:7044:d421:e9fa:3958
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2EXMERFAKVBCLKX2AY3NF3?flg=1&pv=14197644168.150703&arrfrr=https%3A%2F%2Fwww.winstar.com%2F&_s=15778e37107fb9c8b84a612d1704953a&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:7044:d421:e9fa:3958 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b339efd714ecdbd4c06540705e7aafcba2621c2a09dbb9c9e272b03e091b3ecb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

content-length: 538
date: Mon, 18 Nov 2024 21:10:22 GMT
content-type: application/javascript
server: nginx/1.22.1

GET
H2 200 homepage-xxlarge-768x533.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/ 41 KB
42 KB 232ms
231ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/homepage-xxlarge-768x533.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f064ded335f20b48d9e91d104fef0a07db1935644acadd3aa03d83bf9cf62a25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
etag: "66437522-a4b7"
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 21:10:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 42167
x-amz-cf-id: mchKtDyY9sB0GYX_uR4lrssmhX3avlod2tgVmXkmWlx4xlDEAVoXYQ==
date: Mon, 18 Nov 2024 21:10:22 GMT
content-type: image/jpeg
last-modified: Tue, 14 May 2024 14:28:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8

GET
H2 200 homepage-xxlarge-480x333.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/ 18 KB
19 KB 236ms
235ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/homepage-xxlarge-480x333.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 15c6eb10976874b9a320ce26dc649b87ade0e52defb7b59714df782c0bed25c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
etag: "66437523-4879"
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 21:10:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
content-length: 18553
x-amz-cf-id: Hzz97BxtWVpEK0MIDRMRaspKq7UCIO739No8vSDVExhUsywckCOi3A==
date: Mon, 18 Nov 2024 21:10:23 GMT
content-type: image/jpeg
last-modified: Tue, 14 May 2024 14:28:51 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8
vary: Accept-Encoding

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00002.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 5 MB
5 MB 43ms
42ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00002.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0464a7847be442c0e57f90a9ad3fbccdd170c8ac76443a9e321b68a917ae5854

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "ea6c26ad75190dad5658f200e8a7115a"
age: 91616
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 5qabFz-_N5UovKGGBVcvJ1iD679G6289XNoA9Nca6wpW0bR7I3sJaQ==
date: Sun, 17 Nov 2024 19:43:28 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:20 GMT
vary: Origin,accept-encoding
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 4826148
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 SeatGeek-Logo-Stacked-Primary-1920x1080-3-768x339.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/ 16 KB
17 KB 246ms
245ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/04/SeatGeek-Logo-Stacked-Primary-1920x1080-3-768x339.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61a9069f1cfcbe07e2b02b3d08ebd3ebb27af6b083ef4ee8a3937db45c976efb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

cache-control: max-age=2592000, public, no-transform
etag: "66437521-4087"
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
expires: Wed, 18 Dec 2024 21:10:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 16519
x-amz-cf-id: NlX6SqoTZtUtV-8SSIz-ey8PWtB0p4cfZjUZlRKXVl2v87sTTHT-4Q==
date: Mon, 18 Nov 2024 21:10:23 GMT
content-type: image/png
last-modified: Tue, 14 May 2024 14:28:49 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P8

GET
H2 200 winstar-dining-mickey-mantles-00-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/ 76 KB
77 KB 48ms
48ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/08/winstar-dining-mickey-mantles-00-768x432.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bad6e62bb00735f8c646ed27f05d1fea5024a1aa7060125c08fc17faef8de024

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "65c4ebc3-13167"
age: 61152
expires: Wed, 18 Dec 2024 04:11:11 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 3AUGkdlvOMOD59O_IPdMTCEvJcUW7PPrxmZ4sU1sGLOx78G_8jUqdA==
date: Mon, 18 Nov 2024 04:11:11 GMT
content-type: image/jpeg
last-modified: Thu, 08 Feb 2024 14:57:07 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78183
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-gaming-roulette-07-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/08/ 55 KB
56 KB 76ms
42ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/08/winstar-gaming-roulette-07-768x432.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5a584d6e5fd456dff4d4022b1ab465304701248f9091b6734220d8d040b4b979

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6579e003-dc10"
age: 43219
expires: Wed, 18 Dec 2024 09:10:05 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TuCukI9NRAwUAyqUOr0htAhDftHlbgJOSh5jG7Fa6IOWc6VWrEe_TA==
date: Mon, 18 Nov 2024 09:10:05 GMT
content-type: image/jpeg
last-modified: Wed, 13 Dec 2023 16:46:59 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56336
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 winstar-ammenities-golf-and-recreation-winstar-golf-club-04-768x432.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/02/ 64 KB
65 KB 44ms
42ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/02/winstar-ammenities-golf-and-recreation-winstar-golf-club-04-768x432.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b8ed5c641f85d1de46f32bb3e43603c06b5ebd0e354acedf1b7a9d39b469c45d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "66aa83af-1005a"
age: 61087
expires: Wed, 18 Dec 2024 04:12:17 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: NzZYpR7VMIRIj2xvTdFU2bRBdEVGSgb33fSyV9ZhdL8VXYWWgaHFyA==
date: Mon, 18 Nov 2024 04:12:17 GMT
content-type: image/jpeg
last-modified: Wed, 31 Jul 2024 18:34:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65626
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-adagamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 45ms
45ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-adagamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-fd4"
age: 61471
expires: Wed, 18 Dec 2024 04:05:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: timaBoHuG17ii0jMIXgnbZx6F1onMp7En4_AuOFhRsNgrgRufHHgLQ==
date: Mon, 18 Nov 2024 04:05:53 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4052
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00003.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 5 MB
5 MB 44ms
44ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00003.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03a4a68729ffc6ef8b6d0ef2958f8e0a77ca3e6d45d29fe0c79a0ece4e27ae30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "d1c3234b01a846d1be2d634446755f4f"
age: 113746
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 6EV3xWM7mlAwsqmCIrn-29ARJlGNwnUhLGmz45a0r2gDdcQ2y5kJVw==
date: Sun, 17 Nov 2024 13:34:39 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:21 GMT
vary: Origin,accept-encoding
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 5370596
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 logo-theartesianhotel.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 47ms
47ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theartesianhotel.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df697-ca9"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: egQhlSZraL0Cn6GZM9eaZzl2Uo2Pr9DGIE4H1QGjk1YZx2b998O6gw==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:27 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3241
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-blackgoldcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 47ms
46ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-blackgoldcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-dfa"
age: 56148
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: tin6IvzdxphiECCAqt6sSTOMl075pw7s77C-sD596NTxOEtiXv3LEA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3578
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-bordercasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 477ms
476ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-bordercasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d25"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: bOy0_fBfVR9mIwlbpcHqBB_MipCB4u5bYmyaHHmXXZXhBWNEhslv6A==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3365
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chickasawtravelstop.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 41ms
41ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chickasawtravelstop.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b03"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ILB9om4s7qfYm3I_eBAsfUWgAEfLGoK3Lfw-x54qH8n4u3JkY_X8lw==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2819
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chisholmtrailcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 38ms
38ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chisholmtrailcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-bfa"
age: 56149
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 3Up3lVGczk3zn-cVUiXxKwS2jmIiDrhX57W9WwEut1_30FWnD4SyjA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3066
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00004.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 5 MB
5 MB 48ms
47ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00004.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 636f8c02f38ce13ac4df9c0bdd433d56d5f04013f5eb3afe35045825381c7f45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "79c41501c0049d3f2017775a3c02445c"
age: 3187
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: GkB1wIWkkHDhgptYo2m-bDHQn8huzNsEdJLp6NMhkUOxR4pcil4XiQ==
date: Mon, 18 Nov 2024 21:10:25 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:21 GMT
vary: Origin,accept-encoding
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 5084648
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 logo-goldmountaincasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 42ms
42ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldmountaincasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-12ad"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: r2psisWWI77j0JDzL0qI3MAEBCg9ylp06yQWjhpeJR0_1W0nL-ju9w==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4781
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-goldsbygamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 41ms
40ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldsbygamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-136a"
age: 55487
expires: Wed, 18 Dec 2024 05:45:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: E-pGBWHaSS_k_ViYe3FSAIWSBF9o_QcEg8XxAd3csfKuGzSOa9QaDQ==
date: Mon, 18 Nov 2024 05:45:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4970
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-jetstreamcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 50ms
50ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-jetstreamcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d9e"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 24FHKf3sVFw5xzPK93p4vud93ZqUd9dWryoWYyPzWP0d6HlLB_JO5g==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3486
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 LakecrestWScolor-240x96.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/03/ 7 KB
7 KB 48ms
48ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/03/LakecrestWScolor-240x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ecb60f5fcf6a82cbd546013c3d4c25b0e28ca75a361ef89c0d026079cec5f349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "65e8b6fa-1a7e"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: WbwBhA5gWNX2fQWMp43R6gDybCOJfb3sM_ZbwGcqeyAHkMSgQIjsZA==
date: Mon, 18 Nov 2024 21:10:25 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2024 18:33:30 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6782
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-madillgamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
5 KB 41ms
40ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-madillgamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1386"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: dQmxASCgB8h8S95QEH3c1xTGBpVMHx1QMSj_Co-J_ho2ocVFejP4AA==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4998
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 megastar-winstar.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/ 3 KB
4 KB 44ms
43ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/megastar-winstar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5d309115-d7a"
age: 61471
expires: Wed, 18 Dec 2024 04:05:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: IyfoJ9CNEvxoapXAu_F5PBrKkHFJ56rOJ9ynQBpPRA_HrvU94uwqkg==
date: Mon, 18 Nov 2024 04:05:54 GMT
content-type: image/png
last-modified: Thu, 18 Jul 2019 15:32:37 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3450
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-newcastlecasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
4 KB 51ms
49ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-newcastlecasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d53"
age: 56147
expires: Wed, 18 Dec 2024 05:34:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TKnQJ636J06NHt5YTvo-pEQ0BRlkJEpDh1hkxuLrB33FMxOJxdNQ2A==
date: Mon, 18 Nov 2024 05:34:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3411
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-theriverstarcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
3 KB 41ms
41ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theriverstarcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b41"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jccRDKUbouMOULOvJujQQXISz5dJ7RO9cWTND9oJhm-DzVFVTcFLqw==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2881
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-riverwindcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 43ms
39ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-riverwindcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f22"
age: 55486
expires: Wed, 18 Dec 2024 05:45:39 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4vizJmxQItSyXVAbYnbFGobkuG5YReWHRFSAi_GBopBZoRaqRRT0Qw==
date: Mon, 18 Nov 2024 05:45:39 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3874
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-saltcreekcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 50ms
41ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-saltcreekcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-eb3"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 51zQ0XZ-taS-gMc0cR9-kFeZrks18nWKrSrzJpVjcy_MgAm_Y_WPpQ==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3763
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-texomacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 58ms
58ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-texomacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-e4d"
age: 61471
expires: Wed, 18 Dec 2024 04:05:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VLk_uv7CMLMM3olq8_pdM6nMFSwXndCivBCLFltRzK67FlOpJ8PE9g==
date: Mon, 18 Nov 2024 04:05:55 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3661
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00005.ts Show response
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 4 MB
4 MB 41ms
41ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00005.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f35df47c56d1ad927700e98fcf11ddb56426bf7bf7cc280983f6240a8ef0b52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "fac6e674724092ebc54c2a5bc360302c"
age: 2314954
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 7f4plcGNTvEAGKZDXu_k8yA3cO6hBOmFh8dXz-05HPpZncSIXMGfbw==
date: Wed, 23 Oct 2024 02:07:53 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:21 GMT
vary: Origin
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 4626680
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 logo-treasurevalleycasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
5 KB 42ms
41ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-treasurevalleycasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1158"
age: 70627
expires: Wed, 18 Dec 2024 01:33:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: YHDhaoL2VfBfsFGg9sEDnbl-V1e18WM1UbTdb5nOQ1IgywYf7IRgIA==
date: Mon, 18 Nov 2024 01:33:19 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4440
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-washitacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
4 KB 53ms
44ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-washitacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f42"
age: 61470
expires: Wed, 18 Dec 2024 04:05:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jLjCFubMmaHs5SbrbzCKJfdM64nUMc4NW024ZhCQoWtWd5hlZE4hug==
date: Mon, 18 Nov 2024 04:05:56 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3906
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 WBh-WS-240x183.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/06/ 11 KB
11 KB 44ms
42ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2023/06/WBh-WS-240x183.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: acf4ba02af066484e6bbcf8973331efb2898aafb56f2990b27ded9bf406424d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "6499da18-2a17"
age: 68645
expires: Wed, 18 Dec 2024 02:06:21 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: LFii65yMwks0N_SR9f0Ore0GspR81J1AV7str1hPrbku2XHXhRSrvA==
date: Mon, 18 Nov 2024 21:10:26 GMT
content-type: image/png
last-modified: Mon, 26 Jun 2023 18:34:00 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10775
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-adagamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 3ms
3ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-adagamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-fd4"
age: 61471
expires: Wed, 18 Dec 2024 04:05:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: timaBoHuG17ii0jMIXgnbZx6F1onMp7En4_AuOFhRsNgrgRufHHgLQ==
date: Mon, 18 Nov 2024 04:05:53 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4052
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-theartesianhotel.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theartesianhotel.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df697-ca9"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: egQhlSZraL0Cn6GZM9eaZzl2Uo2Pr9DGIE4H1QGjk1YZx2b998O6gw==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:27 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3241
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-blackgoldcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-blackgoldcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-dfa"
age: 56148
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: tin6IvzdxphiECCAqt6sSTOMl075pw7s77C-sD596NTxOEtiXv3LEA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3578
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-bordercasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-bordercasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d25"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: bOy0_fBfVR9mIwlbpcHqBB_MipCB4u5bYmyaHHmXXZXhBWNEhslv6A==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3365
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chickasawtravelstop.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chickasawtravelstop.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b03"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ILB9om4s7qfYm3I_eBAsfUWgAEfLGoK3Lfw-x54qH8n4u3JkY_X8lw==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2819
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chisholmtrailcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chisholmtrailcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-bfa"
age: 56149
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 3Up3lVGczk3zn-cVUiXxKwS2jmIiDrhX57W9WwEut1_30FWnD4SyjA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3066
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-goldmountaincasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldmountaincasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-12ad"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: r2psisWWI77j0JDzL0qI3MAEBCg9ylp06yQWjhpeJR0_1W0nL-ju9w==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4781
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-goldsbygamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldsbygamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-136a"
age: 55487
expires: Wed, 18 Dec 2024 05:45:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: E-pGBWHaSS_k_ViYe3FSAIWSBF9o_QcEg8XxAd3csfKuGzSOa9QaDQ==
date: Mon, 18 Nov 2024 05:45:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4970
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-jetstreamcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-jetstreamcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d9e"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 24FHKf3sVFw5xzPK93p4vud93ZqUd9dWryoWYyPzWP0d6HlLB_JO5g==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3486
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 LakecrestWScolor-240x96.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/03/ 7 KB
0 3ms
3ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/03/LakecrestWScolor-240x96.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ecb60f5fcf6a82cbd546013c3d4c25b0e28ca75a361ef89c0d026079cec5f349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "65e8b6fa-1a7e"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: WbwBhA5gWNX2fQWMp43R6gDybCOJfb3sM_ZbwGcqeyAHkMSgQIjsZA==
date: Mon, 18 Nov 2024 21:10:25 GMT
content-type: image/png
last-modified: Wed, 06 Mar 2024 18:33:30 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6782
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-madillgamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-madillgamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1386"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: dQmxASCgB8h8S95QEH3c1xTGBpVMHx1QMSj_Co-J_ho2ocVFejP4AA==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4998
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 megastar-winstar.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/ 3 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/megastar-winstar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5d309115-d7a"
age: 61471
expires: Wed, 18 Dec 2024 04:05:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: IyfoJ9CNEvxoapXAu_F5PBrKkHFJ56rOJ9ynQBpPRA_HrvU94uwqkg==
date: Mon, 18 Nov 2024 04:05:54 GMT
content-type: image/png
last-modified: Thu, 18 Jul 2019 15:32:37 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3450
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-newcastlecasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-newcastlecasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d53"
age: 56147
expires: Wed, 18 Dec 2024 05:34:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TKnQJ636J06NHt5YTvo-pEQ0BRlkJEpDh1hkxuLrB33FMxOJxdNQ2A==
date: Mon, 18 Nov 2024 05:34:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3411
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-theriverstarcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 18ms
17ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theriverstarcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b41"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jccRDKUbouMOULOvJujQQXISz5dJ7RO9cWTND9oJhm-DzVFVTcFLqw==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2881
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00006.ts
d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/ 601 KB
0 82ms
43ms XHR
video/mp2t 2600:9000:2644:da00:1c:394e:64c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1awx0lut659jn.cloudfront.net/assets/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4/cgw-180924-websitebackplate-homepage-17-cgw-259-rv4_1080ph00006.ts
Requested by: Host: dkr2rmsityotp.cloudfront.net
URL: https://dkr2rmsityotp.cloudfront.net/wp-content/plugins/am-video-api/includes/js/am-video-player.js?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:da00:1c:394e:64c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "fdea30fbbbea7fbd0938a9428aabc7a5"
age: 626067
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: F-i-wxlTdnBW2mQnAfUT-hb4KJJ_JRRyZr8IgmFXlVB5DzV-KZIr7w==
date: Mon, 11 Nov 2024 15:16:01 GMT
content-type: video/MP2T
last-modified: Fri, 21 Feb 2020 18:31:20 GMT
vary: Origin
access-control-allow-credentials: true
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: https://www.winstar.com
content-length: 3632160
x-amz-cf-pop: FRA60-P6
server: AmazonS3

GET
H2 200 logo-riverwindcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 5ms
5ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-riverwindcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f22"
age: 55486
expires: Wed, 18 Dec 2024 05:45:39 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4vizJmxQItSyXVAbYnbFGobkuG5YReWHRFSAi_GBopBZoRaqRRT0Qw==
date: Mon, 18 Nov 2024 05:45:39 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3874
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-saltcreekcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-saltcreekcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-eb3"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 51zQ0XZ-taS-gMc0cR9-kFeZrks18nWKrSrzJpVjcy_MgAm_Y_WPpQ==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3763
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-texomacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-texomacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-e4d"
age: 61471
expires: Wed, 18 Dec 2024 04:05:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VLk_uv7CMLMM3olq8_pdM6nMFSwXndCivBCLFltRzK67FlOpJ8PE9g==
date: Mon, 18 Nov 2024 04:05:55 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3661
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-treasurevalleycasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 1ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-treasurevalleycasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1158"
age: 70627
expires: Wed, 18 Dec 2024 01:33:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: YHDhaoL2VfBfsFGg9sEDnbl-V1e18WM1UbTdb5nOQ1IgywYf7IRgIA==
date: Mon, 18 Nov 2024 01:33:19 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4440
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-washitacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-washitacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f42"
age: 61470
expires: Wed, 18 Dec 2024 04:05:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jLjCFubMmaHs5SbrbzCKJfdM64nUMc4NW024ZhCQoWtWd5hlZE4hug==
date: Mon, 18 Nov 2024 04:05:56 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3906
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-adagamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-adagamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-fd4"
age: 61471
expires: Wed, 18 Dec 2024 04:05:53 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: timaBoHuG17ii0jMIXgnbZx6F1onMp7En4_AuOFhRsNgrgRufHHgLQ==
date: Mon, 18 Nov 2024 04:05:53 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4052
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-theartesianhotel.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theartesianhotel.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df697-ca9"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: egQhlSZraL0Cn6GZM9eaZzl2Uo2Pr9DGIE4H1QGjk1YZx2b998O6gw==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:27 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3241
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-blackgoldcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-blackgoldcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-dfa"
age: 56148
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: tin6IvzdxphiECCAqt6sSTOMl075pw7s77C-sD596NTxOEtiXv3LEA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3578
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-bordercasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-bordercasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d25"
age: 46180
expires: Wed, 18 Dec 2024 08:20:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: bOy0_fBfVR9mIwlbpcHqBB_MipCB4u5bYmyaHHmXXZXhBWNEhslv6A==
date: Mon, 18 Nov 2024 08:20:44 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3365
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chickasawtravelstop.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chickasawtravelstop.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b03"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: ILB9om4s7qfYm3I_eBAsfUWgAEfLGoK3Lfw-x54qH8n4u3JkY_X8lw==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2819
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-chisholmtrailcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-chisholmtrailcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-bfa"
age: 56149
expires: Wed, 18 Dec 2024 05:34:36 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 3Up3lVGczk3zn-cVUiXxKwS2jmIiDrhX57W9WwEut1_30FWnD4SyjA==
date: Mon, 18 Nov 2024 05:34:36 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3066
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-goldmountaincasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldmountaincasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-12ad"
age: 46180
expires: Wed, 18 Dec 2024 08:20:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: r2psisWWI77j0JDzL0qI3MAEBCg9ylp06yQWjhpeJR0_1W0nL-ju9w==
date: Mon, 18 Nov 2024 08:20:45 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4781
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-goldsbygamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-goldsbygamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-136a"
age: 55487
expires: Wed, 18 Dec 2024 05:45:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: E-pGBWHaSS_k_ViYe3FSAIWSBF9o_QcEg8XxAd3csfKuGzSOa9QaDQ==
date: Mon, 18 Nov 2024 05:45:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4970
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-jetstreamcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-jetstreamcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d9e"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 24FHKf3sVFw5xzPK93p4vud93ZqUd9dWryoWYyPzWP0d6HlLB_JO5g==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3486
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-madillgamingcenter.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 5 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-madillgamingcenter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1386"
age: 56148
expires: Wed, 18 Dec 2024 05:34:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: dQmxASCgB8h8S95QEH3c1xTGBpVMHx1QMSj_Co-J_ho2ocVFejP4AA==
date: Mon, 18 Nov 2024 05:34:37 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4998
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 megastar-winstar.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2019/07/megastar-winstar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5d309115-d7a"
age: 61471
expires: Wed, 18 Dec 2024 04:05:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: IyfoJ9CNEvxoapXAu_F5PBrKkHFJ56rOJ9ynQBpPRA_HrvU94uwqkg==
date: Mon, 18 Nov 2024 04:05:54 GMT
content-type: image/png
last-modified: Thu, 18 Jul 2019 15:32:37 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3450
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-newcastlecasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-newcastlecasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-d53"
age: 56147
expires: Wed, 18 Dec 2024 05:34:38 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: TKnQJ636J06NHt5YTvo-pEQ0BRlkJEpDh1hkxuLrB33FMxOJxdNQ2A==
date: Mon, 18 Nov 2024 05:34:38 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3411
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-theriverstarcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 3 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-theriverstarcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-b41"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jccRDKUbouMOULOvJujQQXISz5dJ7RO9cWTND9oJhm-DzVFVTcFLqw==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2881
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-riverwindcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 1ms
1ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-riverwindcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f22"
age: 55486
expires: Wed, 18 Dec 2024 05:45:39 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4vizJmxQItSyXVAbYnbFGobkuG5YReWHRFSAi_GBopBZoRaqRRT0Qw==
date: Mon, 18 Nov 2024 05:45:39 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3874
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-saltcreekcasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-saltcreekcasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-eb3"
age: 46179
expires: Wed, 18 Dec 2024 08:20:46 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 51zQ0XZ-taS-gMc0cR9-kFeZrks18nWKrSrzJpVjcy_MgAm_Y_WPpQ==
date: Mon, 18 Nov 2024 08:20:46 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3763
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-texomacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-texomacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-e4d"
age: 61471
expires: Wed, 18 Dec 2024 04:05:55 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VLk_uv7CMLMM3olq8_pdM6nMFSwXndCivBCLFltRzK67FlOpJ8PE9g==
date: Mon, 18 Nov 2024 04:05:55 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3661
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-treasurevalleycasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-treasurevalleycasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-1158"
age: 70627
expires: Wed, 18 Dec 2024 01:33:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: YHDhaoL2VfBfsFGg9sEDnbl-V1e18WM1UbTdb5nOQ1IgywYf7IRgIA==
date: Mon, 18 Nov 2024 01:33:19 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4440
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-washitacasino.png
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/ 4 KB
0 0ms
0ms Image
image/png 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2018/07/logo-washitacasino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "5b6df696-f42"
age: 61470
expires: Wed, 18 Dec 2024 04:05:56 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jLjCFubMmaHs5SbrbzCKJfdM64nUMc4NW024ZhCQoWtWd5hlZE4hug==
date: Mon, 18 Nov 2024 04:05:56 GMT
content-type: image/png
last-modified: Fri, 10 Aug 2018 20:33:26 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3906
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Winstar_LOL_Dero-17-scaled-768x512.jpg
dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/ 54 KB
0 0ms
0ms Image
image/jpeg 2600:9000:266e:e400:6:ec6d:cb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkr2rmsityotp.cloudfront.net/wp-content/uploads/2024/06/Winstar_LOL_Dero-17-scaled-768x512.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:6:ec6d:cb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5271ed90abfbf9de2d1fd715b63157067d1a57212687a749a3bf63c81288ed07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winstar.com/

Response headers

etag: "67378877-d6ca"
age: 60840
expires: Wed, 18 Dec 2024 04:16:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: fEJ8FGwAaKGzPmR5Nz90ebFOujVh1Tz2J0ARh7eICC_3X79Ve7-Adw==
date: Mon, 18 Nov 2024 04:16:19 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 17:44:23 GMT
vary: Accept-Encoding
cache-control: max-age=2592000, public, no-transform
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54986
x-amz-cf-pop: FRA56-P8
server: nginx/1.18.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.winstar.com
URL: blob:https://www.winstar.com/2383779d-ea9f-4acc-8f68-eaaacf1dd691

Domain: www.winstar.com
URL: blob:https://www.winstar.com/fa5404fe-e732-4163-9cd3-bdcc2272947c

Domain: www.winstar.com
URL: blob:https://www.winstar.com/f3f1a522-b616-40e7-878e-3709fd954339

Domain: www.winstar.com
URL: blob:https://www.winstar.com/1ccced0e-0a7e-4d59-a63f-541363ceea13

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winstar.com/	1970-01-21 03:15:40	Name: _fbp Value: fb.1.1731964219476.98681693945207380
.winstar.com/	1970-01-21 03:15:40	Name: _gcl_au Value: 1.1.1024092750.1731964220
www.winstar.com/	1970-01-21 09:51:04	Name: firsttimevisit Value: beentheredonethat
.yieldoptimizer.com/	1970-01-21 09:51:40	Name: cktst Value: 497016045
.tiktok.com/	1970-01-21 10:27:40	Name: _ttp Value: 2p2VaLn4Y9RLJoUqNzIecrPCajN
www.winstar.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: LhVo1iLEHNfStQ55aOSdEQOhOt11qB2SBnxj2Nt%2CgAJMF0dluMgDT0ZKPWOEweQt
.doubleclick.net/	1970-01-21 01:49:16	Name: ar_debug Value: 1
.yieldoptimizer.com/	1970-01-21 09:51:40	Name: ckid Value: 3019489371955
.yieldoptimizer.com/	1970-01-21 09:51:40	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C1203%2C1476%2C39%2C1305%2C1084%2C1022%5D%2C%22t%22%3A%5B139221%2C139221%2C139221%2C139221%2C139221%2C139221%2C139221%2C139221%5D%7D
.winstar.com/	1970-01-21 10:42:04	Name: _ga_1LWDFVQ2YJ Value: GS1.1.1731964220.1.0.1731964220.60.0.0
.winstar.com/	1970-01-21 10:42:04	Name: _ga_M62JR698ND Value: GS1.1.1731964220.1.0.1731964220.0.0.0
.doubleclick.net/	1970-01-21 05:25:16	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:27:40	Name: IDE Value: AHWqTUnj2UThPIljYNZyrqDVg7IUgn0NPZbo5QmB8wXn5sXbFP0J4IpkdHdq4jQHmhU
.winstar.com/	1970-01-21 10:42:04	Name: _ga Value: GA1.2.784854515.1731964220
.winstar.com/	1970-01-21 01:07:30	Name: _gid Value: GA1.2.756463677.1731964220
.winstar.com/	1970-01-21 01:06:04	Name: _dc_gtm_UA-28262588-1 Value: 1
www.winstar.com/	1969-12-31 23:59:59	Name: ga_events Value: %5B%7B%22clientId%22%3A%22784854515.1731964220%22%2C%22trackingId%22%3A%22UA-28262588-1%22%2C%22name%22%3A%22gtm2%22%7D%5D
www.winstar.com/	1969-12-31 23:59:59	Name: ga_gtm Value: %5B%7B%22clientId%22%3A%22784854515.1731964220%22%2C%22measurementId%22%3A%22G-1LWDFVQ2YJ%22%7D%5D
.simpli.fi/	1970-01-21 09:53:06	Name: suid Value: 77DB236DA87B49B0B17AFAA9E93BBF2D
tags.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id Value: s%3A0-c7161f75-ac2c-54f4-5f1c-9cc735444f6d.sNg3maRA7p6AhTfX3Ja3vLvXrBMsqJ%2F3ZBPaS%2BeNMj0
tags.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v2 Value: s%3AxxYfdawsVPRfHJzHNURPbVD_B30.ANjQBaIyjhxMsePHoSeLdIWApwgqupldQmq9kQpE%2BGs
tags.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v3 Value: s%3AAQAKIAwGMtGbYkRFqwk_nGvlrTsMj1JQMvkj5QgTbazGorFSEGcYBCC82u65BjABOgRntaa9QgR_dEpr.HHxjnvyeHHk%2FLgLUwspHqJuVhVz034WXxSy4K1bq1WU
.adaraanalytics.com/	1970-01-21 09:51:40	Name: ckid Value: 3019489371955
.adaraanalytics.com/	1970-01-21 09:51:40	Name: aackid Value: 3019489371955
.turn.com/	1970-01-21 05:25:16	Name: uid Value: 3488204682239319137
.winstar.com/	1970-01-21 10:27:40	Name: _tt_enable_cookie Value: 1
.winstar.com/	1970-01-21 10:27:40	Name: _ttp Value: jo515D0FOzvJJ8LZksOx6xy996x.tt.1
.hsforms.com/	1970-01-21 01:06:06	Name: __cf_bm Value: FRPRxvAGhMT.Ia2t8H3V7KoGI95J2a9U98LR4qKykcE-1731964220-1.0.1.1-L4QN6YiGZLX06.PDs4QY0x_qPt2SokIaJ23SzL92i_goUYhpiBdAyEgs2U59rO5xPyWmWogT.OKq4TGVvcJTTw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: B1Fwc0HGL_ukkKZzg3Qfav8JLI.bDqrs_HoueTiG73Q-1731964220518-0.0.1.1-604800000
.demdex.net/	1970-01-21 05:25:16	Name: demdex Value: 30492917472778840972139767135997893711
.dpm.demdex.net/	1970-01-21 05:25:16	Name: dpm Value: 30492917472778840972139767135997893711
sync.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id Value: s%3A0-69d3a07a-c8c6-5567-53d3-28d4faa2a477.3wNDLe6%2BwEIK0VaoOPF9hPjjgumuZBY1BRSFSTowUYM
.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id Value: s%3A0-69d3a07a-c8c6-5567-53d3-28d4faa2a477.3wNDLe6%2BwEIK0VaoOPF9hPjjgumuZBY1BRSFSTowUYM
sync.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v2 Value: s%3AadOgesjGVWdT0yjU-qKkd1D_B30.uW9V3JaAte8mRc4JbqSked%2FEny13bxsidsbnOf4cQPI
.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v2 Value: s%3AadOgesjGVWdT0yjU-qKkd1D_B30.uW9V3JaAte8mRc4JbqSked%2FEny13bxsidsbnOf4cQPI
sync.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v3 Value: s%3AAQAKIAwGMtGbYkRFqwk_nGvlrTsMj1JQMvkj5QgTbazGorFSENYBGAQgvNruuQYwAToEQiu0oEIEP_RUFA.30D0yaqFYaBB5c4E%2BJZpvo3wyw%2Bb1TLNj3k9%2BbBX2sQ
.srv.stackadapt.com/	1970-01-21 09:51:40	Name: sa-user-id-v3 Value: s%3AAQAKIAwGMtGbYkRFqwk_nGvlrTsMj1JQMvkj5QgTbazGorFSENYBGAQgvNruuQYwAToEQiu0oEIEP_RUFA.30D0yaqFYaBB5c4E%2BJZpvo3wyw%2Bb1TLNj3k9%2BbBX2sQ
.yieldoptimizer.com/	1970-01-21 09:51:40	Name: dph Value: %7B%22t%22%3A%5B139221%2C139221%2C139221%5D%2C%22dp%22%3A%5B8064%2C4889%2C3773%5D%7D
.adform.net/	1970-01-21 01:49:16	Name: C Value: 1
.adform.net/	1970-01-21 02:32:28	Name: uid Value: 7900945383852302913
.winstar.com/	1970-01-21 05:25:16	Name: __hstc Value: 40036989.313d54cf0b142e204aeb5cf994e53c8c.1731964222196.1731964222196.1731964222196.1
.winstar.com/	1970-01-21 05:25:16	Name: hubspotutk Value: 313d54cf0b142e204aeb5cf994e53c8c
.winstar.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.winstar.com/	1970-01-21 01:06:06	Name: __hssc Value: 40036989.1.1731964222196
.hubspot.com/	1970-01-21 01:06:06	Name: __cf_bm Value: ZBnsO6SiGHVOEfOng9lSAXSqg6krxyCJFQzwVfdAnFs-1731964222-1.0.1.1-gMWOqwfnXaY.TCqtDGAsqlLvlAGxjAuXfr8B2pVgUpNQZ9XnrlNaOtjDuY0037ZS0UF6KQSFE.qEKtvmuKuwgQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: KbramTkD2w..rHa8lfQ._BgMnnbdm9ocZWAFgkCygec-1731964222448-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5b87198e85605739 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3019489371955&gdpr=&gdpr_consent=& Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10388130.fls.doubleclick.net
6820846.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
api.talkdeskapp.com
cdn.callrail.com
cdn.calltrk.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cta-service-cms2.hubspot.com
d.adroll.com
d.turn.com
d1awx0lut659jn.cloudfront.net
dkr2rmsityotp.cloudfront.net
dpm.demdex.net
google.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hubspot.com
match.adsrvr.org
perf-na1.hsforms.com
pixelconnector.adready.com
qa-cdn-talkdesk.talkdeskdev.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
s7.addthis.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
tag.adaraanalytics.com
tag.yieldoptimizer.com
talkdeskchatsdk.talkdeskapp.com
track.hubspot.com
tracker.adreadyclick.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.winstar.com
wyv31614.live.dynatrace.com
www.winstar.com
104.18.5.236
104.18.80.204
107.20.220.14
108.129.16.45
142.250.185.66
142.250.185.78
142.250.185.99
142.250.186.70
142.250.186.98
157.240.253.1
157.240.253.35
172.217.18.102
172.217.18.4
18.172.103.101
18.245.46.112
18.245.46.63
185.89.211.84
2.16.97.249
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
216.58.212.131
23.213.161.204
2600:9000:2644:da00:1c:394e:64c0:21
2600:9000:266e:e400:6:ec6d:cb40:21
2600:9000:26e8:8600:6:9280:1080:93a1
2600:9000:275b:9e00:e:6b13:2100:93a1
2600:9000:275d:8400:9:7301:d4c0:93a1
2606:4700:4400::ac40:9310
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8dd1
2606:4700::6811:afc9
2a00:1288:80:807::1
2a00:1450:4001:800::200e
2a00:1450:4001:81c::2008
2a00:1450:400c:c00::9d
2a05:d018:cc3:fe05:7044:d421:e9fa:3958
2a06:98c1:3120::3
3.33.220.150
34.226.79.35
35.186.212.60
35.241.54.161
35.244.174.68
44.219.69.224
52.223.40.198
52.7.84.240
014da2c2fc006d274518c09e430d055e117efc0f76be195e24998dd0c8ea92f6
01ba0ea8fdbfdb6771a69fe9f211f66e2c74a344b8a1dc319d6c9b00e85a8b80
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
03a4a68729ffc6ef8b6d0ef2958f8e0a77ca3e6d45d29fe0c79a0ece4e27ae30
0464a7847be442c0e57f90a9ad3fbccdd170c8ac76443a9e321b68a917ae5854
066adf1f3d9d490a730c12cfea2ae35f40057353c9fe193643e2eb30ba13e456
06d94802face5823d4d9afb101dd44c940f796756a957146083ecf3582a1a57c
09148db51869a0004928641ad0237e112dd76220637425f6a49dab5fa364bd78
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c90dffaa0f249869c9d88706df1539e60bfa12ed2749f4ece718f417acc356d
0d6b33b87ffcc52f84fdbcdcc7536c9fadf39f8f37d05adc34d6db6cdb22bdfc
0e1ec1c8c6a0bd614d2c5cda283630e1dc34b4231d04aa2b304a8aee90d7db5d
15c6eb10976874b9a320ce26dc649b87ade0e52defb7b59714df782c0bed25c3
1722bc07834f22873c8bc49975c86b752733ee99e7fbe4b376d36a21acaeff5b
19429578595e34b23b9a41784baeaa33ba8961779dd7ebcf6b25d52931f355a4
1adb8f4ff0f589850abec6b8c7802e2d3439388ac02ca1634869a2642ca4386d
1c20e5c3fe30ec7c5dd2537ccda84257ea041eb80b9c347551a8c3e6a5455fa5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d170a0c6614510d8ffab190d4d2bd3e72b5a5089fd1fafaf6881899a772f406
1f35df47c56d1ad927700e98fcf11ddb56426bf7bf7cc280983f6240a8ef0b52
1fc11f1b18e7de7d8cbd36a2e3692719f1904644061a7433674ef9d3b435b267
2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07
2479b20bc07f8a06050d460b542afe3cd6d25ae2807b347bae4cc55bc15495c8
26997b33ed89614fbebe09dd7ceb978dcd585dcd63500e60ed7caf3c9867669c
29f7dd2a5efb522e57fc8f249d1b49ec594412d3231aee685b75761073335658
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2f3a976e85a614d9eced5733ffe3246bcbbcf1d73eaed8f944ee25bec8d6e7c2
38ec723a6daf9cbdd3fe95231509a8d0589ea305778c2c73583f2204de3d1031
3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a
3a3dbaafa3a954d0904cb2bf9a86195b74c14994cc4cbeffd136664fe274a7c6
3dbfd9ceb00487694621ba11af851f03a325c16646e6b318270a47f173b2f94a
3de9de632a3e6f2e22017bc5d232014a93f6fe2f7d9ec263380bc974b0fb5db3
3e732b56ee037ec03322062dfd3460e2d4ae15e48b797045e3d52ed2b375938b
3eba9618671886ce8adffe743790cd484ea9bcb076d0025668a0f9e57160ebcc
3efda7c045d318cb91b575c5874c57669e2d3b04a4b642fba025c668daf964be
416d5fe7994fb54f5713fef2b8929438dc5199b443d57bb3d3ee27ca36576906
41da77e99ce20356956eda28208e4c9717a04360ce5172391277f7d456b8d28f
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
444ee466ca3d5f9fc1c54b1befb23f2cdda4d9b201941ab48f97fc94178fbef7
4493309b76de8b147bfd023d5c11a3148e101694f270a04444537eb658d25082
4567edfd8bc0ab6bf15dc711d50b5b824229f4fac6d93af1783989fc83090f1c
483648369bd614ef32a9988bb29da0edda62b695087e34304b5d7437b7127146
4a40fdd50fa2fa6991af1f9fb09e1d83a2b75f52c45bb2e949fa7adf17e066b8
4b0f8e09c7e0734669243c2c85360ad14f68cf1b8ef2ee476c56ddddbcf0df0d
4bd64cd22c1d8ece9cd8cf838f3c3e6c58fbcdc7dce6b4d71d13ca763c4207b2
4c31908f05e8f95bbe4e2f1c7545336fe63e25a575144117af9c65853c301b57
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f30efa2fa110db1f22af5d5a306cba6a3f4954d9295d5fe4b21bc2d824e2c18
5271ed90abfbf9de2d1fd715b63157067d1a57212687a749a3bf63c81288ed07
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52fdc524903bf82b78d5deabff63aa9860e60f1801f9aa4d7f2ba185b6783f43
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95
578beea6ece8b5caf69b06cfce1832fa182e94fcacd1380c023d2fb0d8c7fe3f
5815853f5d6a34adb512d6dea6ef7c8c623e079d1843f0780ef61a633cc9723f
5a584d6e5fd456dff4d4022b1ab465304701248f9091b6734220d8d040b4b979
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5e8637c79b6a05bd176bd2e38df34d44763877482a2dd94e4bd520c6ef53f806
5e87be3a91b9765545950e0e5382c2232e1989eed7362afc7701c6ccff10fc80
5ef8fd059499d3331169f5dbbfbac1890f1c32df7a0e241e84db7c5f5f9cc362
5f4dd009bac3d340234903a4f8f7801f60861972dd29edfbd31b3656bcfeb3c5
61a9069f1cfcbe07e2b02b3d08ebd3ebb27af6b083ef4ee8a3937db45c976efb
636f8c02f38ce13ac4df9c0bdd433d56d5f04013f5eb3afe35045825381c7f45
65dc83e6a16c709c6426bb5ba8e408cdb0d31bfdd6a04e901e4ae537984257e7
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f
692617833abf8b47af4b814a8ae7f3a4629686ea61543b843992b45dc47e4847
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d41c3967be2609d77bcab64b36fff22ab9c60d939c4afdd08d8a55a4f7d225c
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
6fcce168e744ff2bf6f123eca7e410c9a95c6f74a67f90f86400a86a4a1a51ea
739593e55e25f30010e3a7f4d1e65411c1497f01de72b11b1d31c418dc8222c7
7417cf0ced331f273313912449912c946fa76612af11c6b0a0c494b40f0c1a92
7435f591f1deab97d8e688f12765056d72466f4b49211b12b1f94e3b52bc6317
78dd53f3f3c9f06e940ee51312dec76b559ce5415080298450919fcce53b5a63
790db0690aea8526789baad5093b2ed144b126b2ae72b89bfeb8e80c77695142
79dda662f0e1d9941f6e37abfd88e1e9d47a47a22e7af02d8eaf0e559b4aae26
7caf7d67f35ddb9f968ecd2614a5d1144b6bfff02d223c42ff6db748266a02fe
7f6e62aa22f40cd018e825002800e502fede0003adb92cdecd4cf48cd3c340ac
8052e8a74f8e5a80696396fc21ef98da9c99de3e41aa4c12b34eb4b911115046
81ae22dc9680379e1cc5fd07c05e54778d0b27b7f54b457c185cb7cab0076dd4
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
85b59840ab6433a38b9902a055593233909e71ac97e48eb36fc392d0605d2b98
868a4aadfbef7a07d77ab92576fe5d77a3fd0458ed2610a104f330013566ad79
86bdd63a4e04be3802dd72ce6cf38c2b0bb571b0b2efa59370e96566f2c64b6b
891d7eb01d106413f45ab4e6bc5761eed8a95f6dee783444be27d037e06bd24a
8b938761c37dc3d8b8d3154655d533b46c169b47841217e5c9db58dcb5de2d04
8c7dc74ebd37ab69d43e8f0427b04031e6c3bbba048c015c605d6dd90814c131
8d677c877ee196e63674af60b0b0efb884da667f034e2e7d5aba6fac671ee473
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91ed3916ddc6356d44ca000dd2b6411e35c3c8a7f5b3e9054f959ed0c8022565
950eae574dbbb0d163b7eb249c078b0398475f327b78eb61c7c5b9226742d23b
9b314496498a7981acb001c61520b307b3386689ac63049ef126f8c48e99cacb
a5b407261124be4904ddd07caa1cd783397a092c58205596a89fc67a85682ad4
a91f9b62a99493d2ff6429e5174a63d42286a19b67baa04b18f4e642a4ccfdec
aa0a0b71ca6d90b15f2d37d1392d5f221f9bf88f6cbe0cded1a525ecba7634bb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aab92c326a1bed55b744fc756d3d4b31148c8ee463ad0e69c65b73ad6b71692c
acf4ba02af066484e6bbcf8973331efb2898aafb56f2990b27ded9bf406424d7
ad4460ea944e0bd34215af487a69830a04a1017bc88cf0d9c748c697a68673d9
ade94b0a7e4417aaff64183516b645a79405d6557ee0c8f0a92e20ab71f4ea0b
af868596366f8adf5f4ea63ccedc8d589ad345f4ea52e10938017db993c8d6d0
b12813845fa48ed49b4e80cf1b9e5c4c1f4c0714e9b8770ae4b7fc4c2983614e
b339efd714ecdbd4c06540705e7aafcba2621c2a09dbb9c9e272b03e091b3ecb
b598e785100ff539e7d63577404d946c916484ae1bbecba17a77e021654ca1b9
b62000222840bacf8794dd992def0dc7e0a7a1f6070587b89476289111df8972
b6bfc3c9c83567e557e618e70d1c690d3ab20ffc8d2d72fd7280cb4994e54289
b7140334ca9693c19824ddf3a5796076843bc4037435e6de5b453da3500bac30
b795ece97224449967780313c67b1b224db511d0f93ff734f5ab9bbcc3da0bfa
b89abdec40ea33f0a1cf2b73329c9795f46316574335c6973664259682cf9be8
b8ed5c641f85d1de46f32bb3e43603c06b5ebd0e354acedf1b7a9d39b469c45d
b95427d76ba446b96bc831149d9a0945962bf53fb71cac45b0c14ea1dc53c1b1
b9dffeb08d2f8204f636035288f8908aea1d56707cf3c51efeee7be2ce98f21e
ba51a474e5d660c43316a015ae9ae74ceebb7fc9ba6b74bfca5f1184a04bf6ff
ba591f4ca26632b96864fd28ceeb44cd86ede34037270d4bc1ec28ec84add616
bad6e62bb00735f8c646ed27f05d1fea5024a1aa7060125c08fc17faef8de024
c15786285ba0667a0ef68b90870bd9a9fffeeef3420bc2a40eae3e1d03b4537c
c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3423c7d9240cfc86239d89aaf6046d02aa6ea444c760010583223065ccb7ab9
c6403d94b772acfb45a7caf6537bdcf3e98af27b4be76b120b5575ea212d3739
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
c87adb9a6fd596da709ab56b947cf7d41c7397e723553158235fc49cdc90c082
c9113a1bdcfe16115abcc7c453812c94c6fa018fec8afe493a04bb8063a8491f
c9889aa6a9477516700cc3185c25aec599983fb9ea4e3318c0eece65179e1414
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc6c4b5e28b2032cbe3f5643ecf372843204c5496728977e88a6fbe0a3477df0
cd4aaa5ca156fd2e2663a27b8e288d8ed4a24fd55bfa7b1a0bc8027bbd43235d
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d24ecb7eb37b4d96efa8e02f34934dd12e13681ba55925824fc5b48107d3fa78
d327c8a798df685947457af0d7183705ed2405da975ab8e3db3cae83c19dd726
d3eeae2961426a7c7746bce046deb48181c3eb2db1a206b75d62b822dcd9d4ce
d4913954eadd5c2378d1551766b1df2aa1320f85f69b732bd4c79e8e9b1332fd
d76acb20f2c4e9d5a579589917001510d094418305c10b4b981e0a4318cf0790
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e075f2dceeef32beb0caf68935eeb12570ea42d733ba461ec6e88a83ed5760db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78e9975a25252a4e765ea29e4f77de9d1f9c0f8d004b11c81b712d256049980
eb210b6abc60e5bb93d2a62f6467a74e9c7ca917dbc43e64b9125c5f2af2224a
ecb60f5fcf6a82cbd546013c3d4c25b0e28ca75a361ef89c0d026079cec5f349
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f064ded335f20b48d9e91d104fef0a07db1935644acadd3aa03d83bf9cf62a25
f27791ce35bfbad21f1bc95b938236f1b2ae11d21da0824f267314ada9258be0
f59d86222a4388b32180ca2f63e7c1779386560d34431bc8e85d8e37b0aefbe5
f6e0fa38e2375e82145cbc55ff7beb5fa8492f5d7b0f764caf0ec851810db5dc
f88f0ffb33869f774a62a54e526b6f25bb713e2ce04f6d980fbc784dec705f34
f951f880831ace597004629f44a6b9e0444c38c1e8174f6e8d6914db5da0adfa
fa4eb0e1a1938615f6ffdbc6d387b8d0122b6b88bf8e50e5445b96f647d17e68
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fd033c241b9f60155a79712ce2551e747dddd607eec399564d66488735bc0c76
fd0a451cd75927c91d18c54f90255c1c79098085e2762b39e2cc19b1ac0466c7
ffdc56218f476b919fd90102670fed974062a62a82c2969d1a553132e8b75d62

www.winstar.com Open in urlscan Pro 52.7.84.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

95 %HTTPS

40 %IPv6

35 Domains

50 Subdomains

45 IPs

6 Countries

39133 kBTransfer

48596 kBSize

46 Cookies

31 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winstar.com Open in urlscan Pro
52.7.84.240 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

95 %
HTTPS

40 %
IPv6

35
Domains

50
Subdomains

45
IPs

6
Countries

39133 kB
Transfer

48596 kB
Size

46
Cookies

232 HTTP transactions
6 data transactions