www.thegaylewintersteam.com Open in urlscan Pro
2606:4700::6812:9f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thegaylewintersteam.com/
Effective URL:
https://www.thegaylewintersteam.com/
Submission: On August 11 via automatic, source certstream-suspicious (August 11th 2024, 7:18:53 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:9f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thegaylewintersteam.com.
TLS certificate: Issued by WE1 on August 11th 2024. Valid for: 3 months.

This is the only time www.thegaylewintersteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700::68... 2606:4700::6812:9f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
5	2600:9000:223... 2600:9000:223c:6400:1a:4e43:6c40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
30	3.85.173.131 3.85.173.131	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.204.66.199 34.204.66.199	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
72	14

18 2606:4700::6812:9f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thegaylewintersteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thegaylewintersteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223c:6400:1a:4e43:6c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 3.85.173.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-173-131.compute-1.amazonaws.com

api.curaytor.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:f8cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.66.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-66-199.compute-1.amazonaws.com

d.cookiemon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	curaytor.io api.curaytor.io — Cisco Umbrella Rank: 965334	5 MB
18	thegaylewintersteam.com 1 redirects thegaylewintersteam.com www.thegaylewintersteam.com	257 KB
5	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	25 KB
5	widgetbe.com widgetbe.com — Cisco Umbrella Rank: 209407	275 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	73 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	141 KB
2	cookiemon.io d.cookiemon.io	296 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	151 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	198 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	gstatic.com fonts.gstatic.com	50 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	932 B
72	13

	Domain	Requested by
30	api.curaytor.io	www.thegaylewintersteam.com
17	www.thegaylewintersteam.com	www.thegaylewintersteam.com
5	unpkg.com	2 redirects www.thegaylewintersteam.com
5	widgetbe.com	www.thegaylewintersteam.com widgetbe.com
3	use.fontawesome.com	www.thegaylewintersteam.com use.fontawesome.com
3	use.typekit.net	www.thegaylewintersteam.com use.typekit.net
2	d.cookiemon.io	www.thegaylewintersteam.com
2	connect.facebook.net	www.thegaylewintersteam.com
2	www.googletagmanager.com	www.thegaylewintersteam.com www.googletagmanager.com
1	www.facebook.com	www.thegaylewintersteam.com
1	p.typekit.net	use.typekit.net
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.thegaylewintersteam.com
1	thegaylewintersteam.com	1 redirects
72	15

This site contains links to these domains. Also see Links.

Domain
search.thegaylewintersteam.com
www.facebook.com
www.linkedin.com
www.instagram.com
bostonagentmagazine.com
www.curaytor.com

Subject Issuer	Validity	Valid
thegaylewintersteam.com WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
widgetbe.com Amazon RSA 2048 M01	`2023-10-05` - `2024-11-03`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
api.curaytor.io E5	`2024-08-07` - `2024-11-05`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.cookiemon.io Amazon RSA 2048 M03	`2024-06-19` - `2025-07-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.thegaylewintersteam.com/
Frame ID: EC98F8B516A9C9D782DAD0CE44AA2E15
Requests: 69 HTTP requests in this frame

Frame: https://widgetbe.com/widget
Frame ID: 8008E4F958144DBB0901241CCC2BD47C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gayle Winters & Co. | Home Page

Page URL History Show full URLs

https://thegaylewintersteam.com/ HTTP 301
https://www.thegaylewintersteam.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

72
Requests

97 %
HTTPS

86 %
IPv6

13
Domains

15
Subdomains

14
IPs

2
Countries

6242 kB
Transfer

8613 kB
Size

7
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://search.thegaylewintersteam.com/listing
Title: Search

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/mortgage-calculator
Title: Mortgage Calculator

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/featured-listings
Title: Featured Listings

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/sold-listing
Title: Sold Properties

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gaylewintersrealestate/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/gayle-winters-ceo-realtor-565b0314/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gaylewintersrealestate/

Search URL Search Domain Scan URL

URL: https://bostonagentmagazine.com/whos-who-2023/gayle-winters-2/
Title: Read the Full Article

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Winchester%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Lexington%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=11&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Arlington%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=13&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Melrose%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=13&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Wellesley%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Medford%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Bedford%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=11&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Lynnfield%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Saugus%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Burlington%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://search.thegaylewintersteam.com/listing?condition=%7B%22location%22%3A%7B%22city%22%3A%5B%22Weston%2C%20MA%22%5D%7D%7D&uiConfig=%7B%7D&zoom=12&page=1
Title: Search Homes

Search URL Search Domain Scan URL

URL: https://www.curaytor.com/?utm_source=thegaylewintersteam.com&utm_content=footer
Title: curaytor-horizontal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thegaylewintersteam.com/ HTTP 301
https://www.thegaylewintersteam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://unpkg.com/flickity@2/dist/flickity.min.css HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

Request Chain 66

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thegaylewintersteam.com/
Redirect Chain

https://thegaylewintersteam.com/
https://www.thegaylewintersteam.com/

126 KB
27 KB

643ms
628ms

Document
text/html

2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0edfbfcd5b7ce9331f9b953bb3b05d338cdebfed3357b884e8e6d37db31af3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors managestage.thegaylewintersteam.com manage.thegaylewintersteam.com base.curaytor.com base-staging.curaytor.io;
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	"allow-from base-staging.curaytor.io"
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8b1a92ca3b409153-FRA
content-encoding: gzip
content-security-policy: frame-ancestors managestage.thegaylewintersteam.com manage.thegaylewintersteam.com base.curaytor.com base-staging.curaytor.io;
content-type: text/html;charset=UTF-8
date: Sun, 11 Aug 2024 19:18:46 GMT
server: cloudflare
strict-transport-security: max-age=15769000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: "allow-from base-staging.curaytor.io"
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 8b1a92c9ba719153-FRA
content-length: 167
content-type: text/html
date: Sun, 11 Aug 2024 19:18:46 GMT
expires: Sun, 11 Aug 2024 20:18:46 GMT
location: https://www.thegaylewintersteam.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
96 KB 62ms
33ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTSBT8JG

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6f3f2c9b2280ca7340bb0885868b2b25a597e7017505e0451c509594a013689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97376
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 19:18:46 GMT

GET
H2 200 agent Show response
widgetbe.com/ 78 KB
78 KB 404ms
375ms Script
application/javascript 2600:9000:223c:6400:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/agent
Requested by: Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: 486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: h2D7uAbRFdDENes-C48cFt0P7UyRzdJUueOhE3bXtHYQ0OCHANE-Xw==
expires: Mon, 11 Aug 2025 19:18:47 GMT

GET
H2 200 rzw4rhq.css
use.typekit.net/ 19 KB
2 KB 495ms
437ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rzw4rhq.css

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5241e7ce54aa2b2ba653a11802e37dbc319efb493b21aa656e9d9cfbffd0b3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 11 Aug 2024 19:18:47 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1692

GET
H2 200 css
fonts.googleapis.com/ 4 KB
932 B 46ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=big-freight-pro%3A300%2C400%2C500%2C700%7CWork+Sans%3A300%2C400%2C500%2C700&subset=latin-ext,latin-ext

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

252a06f376ec96a161197bddaa86da347d9cf29c96d88d13e4df6e00ae557eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Aug 2024 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 19:18:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Aug 2024 19:18:46 GMT

GET
H2 200 GW_Logo_Email_Black.png
api.curaytor.io/sites/3040/media/2497440/ 5 KB
5 KB 567ms
357ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497440/GW_Logo_Email_Black.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

93772c4dbede8e1f157a802a89d3bab8a30713cc9d5270ca4dc33497b9886679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 GW_Logo_Email_Light.png
api.curaytor.io/sites/3040/media/2497442/ 5 KB
5 KB 482ms
273ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497442/GW_Logo_Email_Light.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b9ee2a8f8595383330b54e281d24313815bd2b287dea69910d6c053221c266a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 GW_Logo_Email_Black.png
api.curaytor.io/sites/3040/media/2510242/ 5 KB
5 KB 565ms
356ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2510242/GW_Logo_Email_Black.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

93772c4dbede8e1f157a802a89d3bab8a30713cc9d5270ca4dc33497b9886679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 GW_Logo_Email_Light.png
api.curaytor.io/sites/3040/media/2510244/ 5 KB
5 KB 473ms
265ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2510244/GW_Logo_Email_Light.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b9ee2a8f8595383330b54e281d24313815bd2b287dea69910d6c053221c266a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 Frame%2011%20(3).jpg
api.curaytor.io/sites/3040/media/2514284/ 378 KB
379 KB 572ms
364ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2514284/Frame%2011%20(3).jpg?w=851

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fafb4753c068700ef5d9dc36af0031438383cd7c358410b24b75615f0dee90f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 Group%20645.png
api.curaytor.io/sites/3040/media/2497496/ 768 KB
769 KB 657ms
448ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497496/Group%20645.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

415b79d06d08db69e7bfcc32866ce4e0b85b63912676feb688aac84fe533afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 google%20smol.png
api.curaytor.io/sites/3040/media/2496175/ 11 KB
11 KB 632ms
630ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496175/google%20smol.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4253fd061ed62a52788e0fbe03ef36d6abf0a1e02b2d759ce66847958bcfd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 google%20smol.png
api.curaytor.io/sites/3040/media/2496176/ 11 KB
11 KB 631ms
629ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496176/google%20smol.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4253fd061ed62a52788e0fbe03ef36d6abf0a1e02b2d759ce66847958bcfd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 google%20smol.png
api.curaytor.io/sites/3040/media/2496182/ 11 KB
11 KB 632ms
630ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496182/google%20smol.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4253fd061ed62a52788e0fbe03ef36d6abf0a1e02b2d759ce66847958bcfd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 GW3.mp4
api.curaytor.io/sites/3040/media/2542304/ 117 KB
0 1355ms
1353ms Media
video/mp4 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.curaytor.io/sites/3040/media/2542304/GW3.mp4

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
last-modified: 2024-01-19T13:18:19+00:00
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
content-disposition: attachment; filename=GW3.mp4
accept-ranges: bytes
content-length: 1131447
x-xss-protection: 1; mode=block

GET
H2 200 Frame%2011%20(4).png
api.curaytor.io/sites/3040/media/2503724/ 881 KB
882 KB 726ms
724ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2503724/Frame%2011%20(4).png?w=851

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a3ca7cadfdd350c41524b081c23edabef07ddcb14472f71c972f318d42e05c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 Group%20634%20(1).png
api.curaytor.io/sites/3040/media/2496300/ 2 KB
2 KB 640ms
638ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496300/Group%20634%20(1).png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c2ccba82763e38105ff805a9aa2c9512edcb966066b267b25e6a4dcb1c8bf435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 GW_Logo_Cobranding_Black.png
api.curaytor.io/sites/3040/media/2497444/ 30 KB
31 KB 734ms
733ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497444/GW_Logo_Cobranding_Black.png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b72449742bc007ee790ccada113f9de86473e5e2cfa323b0552aabdca7f7d73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 MLSEqualHousing%20(1).png
api.curaytor.io/sites/3040/media/2497445/ 47 KB
48 KB 734ms
732ms Image
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497445/MLSEqualHousing%20(1).png

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6b40a821d4c7cd6df52216febc76195951b65d052403196329bfd6e7dcac6b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 email-decode.min.js Show response
www.thegaylewintersteam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
813 B 14ms
14ms Script
application/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Aug 2024 10:19:48 GMT
server: cloudflare
etag: W/"66b1f8c4-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8b1a92ced9aa9153-FRA
expires: Tue, 13 Aug 2024 19:18:46 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 257ms
190ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://www.thegaylewintersteam.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs1vH%2BCQoQov8XYpvTz5m2qCR8ptkEYSUPA0geyvYAp%2B%2BfkLyom9XZRuz%2BgNyPQ5fI%2BZXhpk%2Fs5YDoHp3AbFkc533oWp2hzCqKPbHiYm6FXBRSM%2F4PLlXKI4kM2bMy%2BXKMCHUdikU1kGU%2BEfIu0gRxYj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8b1a92cf39139b25-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 webcomponents-loader.js Show response
unpkg.com/@webcomponents/webcomponentsjs@2.3.0/ 6 KB
3 KB 99ms
31ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@webcomponents/webcomponentsjs@2.3.0/webcomponents-loader.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:46 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13055177
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWBNGYMEGMAA9RSJMES3ZNP-fra
server: cloudflare
etag: "1880-H4v9FAixcISxaA2WDUSbG+KgJzQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1a92cf3c929f46-FRA

GET
H2 200 bundle.47b2cfa8c86452ffdcdb.js Show response
www.thegaylewintersteam.com/assets/js/ 91 KB
28 KB 445ms
444ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e15c448e01c8668af4a7a236fcfdd499ca158f9b04cb3341b373012e529bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:25 GMT
server: cloudflare
etag: "16c4f-61f1c3ac4755d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92ced9af9153-FRA
content-length: 28172
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3KD3SXLY2X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTSBT8JG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb260affb0bed1fbb8857b06bb7bfb95c6066a7f807e8aec29c953d707d9e56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Aug 2024 19:18:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 34ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 11 Aug 2024 19:18:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4FH3W8dPyP72B+Z93wMfatHQRcwAR06fQDN4JIb9HY+cdMKp37iwq6/UXDJVr8NyICh0hZSAb7Lw2VVXbY7bfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 49ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3KD3SXLY2X&gtm=45je4880v9171099010z89171095686za200zb9171095686&_p=1723403926761&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2132169109.1723403927&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723403926&sct=1&seg=0&dl=https%3A%2F%2Fwww.thegaylewintersteam.com%2F&dt=Gayle%20Winters%20%26%20Co.%20%7C%20Home%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=981
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3SXLY2X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 19:18:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thegaylewintersteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Hero%20(12).jpg
api.curaytor.io/sites/3040/media/2514287/ 363 KB
364 KB 910ms
908ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2514287/Hero%20(12).jpg

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6572e8d1823cd721ecaf2e48a56bed3da219e95712031774b53d9ab4d1419de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 bailey-alexander-Aq8ljLz12gk-unsplash.jpg
api.curaytor.io/sites/3040/media/2497500/ 28 KB
29 KB 1016ms
1015ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497500/bailey-alexander-Aq8ljLz12gk-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0ea2b27654ee6e06d3e4d486b8a1eea4f568c5bbdbc072dcc7b6ea0a80e078cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 sidekix-media-KRjDLU5j1K8-unsplash.jpg
api.curaytor.io/sites/3040/media/2502183/ 58 KB
58 KB 1608ms
1606ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2502183/sidekix-media-KRjDLU5j1K8-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

77b8a9d105b67cd506623a3c2cf834a4158bea503b0ef06de67745bfa5b1f0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 spacejoy-GKTal6gI4P0-unsplash.jpg
api.curaytor.io/sites/3040/media/2497506/ 40 KB
40 KB 1364ms
1363ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497506/spacejoy-GKTal6gI4P0-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d80f90bfa8acb8de9e869c20f772eaedab3e2c0e465ae3bb7aebd7f5bd35001b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 spacejoy-trG8989WjFA-unsplash.jpg
api.curaytor.io/sites/3040/media/2497515/ 35 KB
36 KB 1102ms
1101ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497515/spacejoy-trG8989WjFA-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cdbad7a141f815307b43a0371bbc041af149f02def798fce0c61cb6c63b5146c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 sidekix-media-l_M3usPiEuM-unsplash.jpg
api.curaytor.io/sites/3040/media/2497516/ 32 KB
32 KB 1100ms
1099ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2497516/sidekix-media-l_M3usPiEuM-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5dbfa4f6bc222375247f9d63a09e0a2964fa93aa3c5bb14b32013f231307fdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 mk-s-tJs-FvXiuKg-unsplash%20(1).jpg
api.curaytor.io/sites/3040/media/2496287/ 47 KB
47 KB 1102ms
1101ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496287/mk-s-tJs-FvXiuKg-unsplash%20(1).jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8e2c49ebfb3d75cad2ec0d49537e81d76bab9d6c53ed7e3f72248038c0f271f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 origin%20(15)-min.jpg
api.curaytor.io/sites/3040/media/2502185/ 34 KB
35 KB 1300ms
1299ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2502185/origin%20(15)-min.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2327c4258f224f5fb901e6bcb1c1b1a274cd6dbe0ec21d53031c6382cdfb064a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 spacejoy-ucCsSBzYBQQ-unsplash.jpg
api.curaytor.io/sites/3040/media/2502187/ 62 KB
62 KB 1505ms
1504ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2502187/spacejoy-ucCsSBzYBQQ-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

38fdc991fb2c43ffed69dea4ae55dd76c478dc3d607676d1f9caf13a42563c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 bailey-alexander-antlPQPVcjo-unsplash.jpg
api.curaytor.io/sites/3040/media/2496296/ 26 KB
26 KB 1410ms
1409ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2496296/bailey-alexander-antlPQPVcjo-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b1057ccdea6bc21f9a4a4a8f69a619b9359437f336869db32b9dac30f36e4bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 collov-home-design-HxRvdKHVAYY-unsplash.jpg
api.curaytor.io/sites/3040/media/2502189/ 44 KB
44 KB 634ms
631ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2502189/collov-home-design-HxRvdKHVAYY-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c9173c7009a78a16cab9b6f4dfa799c2ed8592da790f187a5ece54f9cf5ec22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 collov-home-design-mYuJL_srlRE-unsplash.jpg
api.curaytor.io/sites/3040/media/2502197/ 51 KB
52 KB 911ms
909ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2502197/collov-home-design-mYuJL_srlRE-unsplash.jpg?w=350&h=400

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1b23f077407753e22da4474cb4856d43e163541bd11920b26ec2b128e9f74832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 origin%20(3)-min%20(1).jpg
api.curaytor.io/sites/3040/media/2514283/ 954 KB
956 KB 641ms
639ms Image
image/jpeg 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.curaytor.io/sites/3040/media/2514283/origin%20(3)-min%20(1).jpg

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9df80a190e90fa7adb6ee3abb6d5838fa428395db54d90ec23b87baae10fa15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 Gotham-Bold_0.otf
www.thegaylewintersteam.com/assets/fonts/ 21 KB
15 KB 367ms
366ms Font
font/otf 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/fonts/Gotham-Bold_0.otf

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 28 May 2024 12:02:51 GMT
server: cloudflare
etag: "53a0-6198269cc6dd3-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/otf
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92cfcaf09153-FRA
content-length: 15204
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 Gotham-Medium.otf
www.thegaylewintersteam.com/assets/fonts/ 156 KB
75 KB 426ms
425ms Font
font/otf 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/fonts/Gotham-Medium.otf

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc397773a547218b8c334f9a40ea8e58f55198fab6095b103e598634fe273450

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 28 May 2024 12:00:58 GMT
server: cloudflare
etag: "2706c-6198263106e77-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 8b1a92cfcaf69153-FRA
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=big-freight-pro%3A300%2C400%2C500%2C700%7CWork+Sans%3A300%2C400%2C500%2C700&subset=latin-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 09:27:53 GMT
x-content-type-options: nosniff
age: 381054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 09:27:53 GMT

GET
H2 200 Gotham-MediumItalic.otf
www.thegaylewintersteam.com/assets/fonts/ 163 KB
80 KB 465ms
465ms Font
font/otf 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/fonts/Gotham-MediumItalic.otf

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df742bb6f39ebb10e3e7df3750bbf95b143f3c0b48656d5779075a4070c7d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 28 May 2024 12:00:58 GMT
server: cloudflare
etag: "28be0-619826310acf8-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 8b1a92cfcafa9153-FRA
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 64ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rzw4rhq&ht=tk&f=13441.13442.13443.13444.18480.18481.18482.18483.18492.18493.18494.18495.25682.25683.25684.25685.37543.37546.44348.44349.44354.44355.44360.44361.44366.44367&a=87113823&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rzw4rhq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx
etag: "6649f74c-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H3 200 config Show response
widgetbe.com/ 243 B
616 B 148ms
134ms XHR
application/json 2600:9000:223c:6400:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/config
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: a47e9455de78597e7a240db6522791f9a6d17dc8c168e3e989dc6ac538c3d488

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: Czp8gICyofp9aj2Y6KTupfobA_6L-Lv8yhZZ3l7UVFCyIq2--XzAkw==

GET
H2 200 l
use.typekit.net/af/c3941c/00000000000000007735c13d/30/ 41 KB
41 KB 56ms
16ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c3941c/00000000000000007735c13d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rzw4rhq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 27c72d5ee04a9aa9bd3500e33ed1232360459b17ea5e6706cadbeffa9888345e

Request headers

Referer: https://use.typekit.net/rzw4rhq.css
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
server: nginx
etag: "eceb1ca9b8fce30aff3429e545b2294022ca45fb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41880

GET
H2 200 l
use.typekit.net/af/650441/000000000000000077359f96/30/ 30 KB
30 KB 54ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/650441/000000000000000077359f96/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rzw4rhq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a29bd28623630b2f573a62ea55880f6762120f081305f5b4d4dfa7db343d0a9b

Request headers

Referer: https://use.typekit.net/rzw4rhq.css
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
server: nginx
etag: "030ee7d57ca9eb85f7e0fd158eea209071f0e328"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30280

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 319 KB
91 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8c37aa1e6cfe02ad22420c8c2608fdc43e0a7993d75e019082b30f137e9fd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Aug 2024 19:18:47 GMT
content-md5: rfK4+jiOmke5ByPZmR9Etw==
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92995
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=64, mss=1328, tbw=64419, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: ryNs4S4e7lXuVb3fAGoy7Wcjw8uqR8GvOMIz4k1PUGhRNPBwSsq7dn5dHb/QLMRch7qkKvtkYPTSO54cGl5cfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 97523df55b40acbdf82851c4fcd9e3bc
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "82d2d0fb38c978f406f82d2d243835c8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 11 Aug 2024 19:30:12 GMT

GET
H2 200 index.js Show response
www.thegaylewintersteam.com/assets/lib/green/ 76 KB
25 KB 462ms
461ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/lib/green/index.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6db28eab3579f740f0fa03002cf885ef888cfaed423f0d5f3ca7e81f0a25e297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 28 May 2024 12:01:02 GMT
server: cloudflare
etag: "12f87-6198263464447-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d1fe0d9153-FRA
content-length: 25194
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 45.bundle.b001ea08cc68c84e7182.js Show response
www.thegaylewintersteam.com/assets/js/ 212 B
260 B 296ms
296ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/45.bundle.b001ea08cc68c84e7182.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd88b922b75e321c43680f2dfbf984c93b404c0847e4d0fe07457e0f1f0b6875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:25 GMT
server: cloudflare
etag: "d4-61f1c3abf646f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d1fe199153-FRA
content-length: 177
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 43.bundle.921cc87bcddaa3117cfd.js Show response
www.thegaylewintersteam.com/assets/js/ 309 B
321 B 351ms
351ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/43.bundle.921cc87bcddaa3117cfd.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7f3f33d7614786829ec324f3cae45a4d7994025208d572da13a589366804c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:25 GMT
server: cloudflare
etag: "135-61f1c3abe6a6d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d1fe1a9153-FRA
content-length: 237
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 34.bundle.2927e417fe4236f8ebbc.js Show response
www.thegaylewintersteam.com/assets/js/ 678 B
442 B 303ms
302ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/34.bundle.2927e417fe4236f8ebbc.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ef19e253450f8f2eed1ec1651a0292f1b17151ad809facc89d1dc51229af14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:25 GMT
server: cloudflare
etag: "2a6-61f1c3ab9597f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d21e369153-FRA
content-length: 358
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 11.bundle.c0db64f711eb6d2a5999.js Show response
www.thegaylewintersteam.com/assets/js/ 1 KB
569 B 295ms
295ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/11.bundle.c0db64f711eb6d2a5999.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb36c622677371f776999068501c14ea3aec97c8dd3bcecfbd7a995c89d27761

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:44 GMT
server: cloudflare
etag: "484-61f1c3be3c0d9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d33fc19153-FRA
content-length: 462
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 10.bundle.44830ba2f3da78f0fcec.js Show response
www.thegaylewintersteam.com/assets/js/ 2 KB
951 B 300ms
300ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/10.bundle.44830ba2f3da78f0fcec.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f82406270be860adaa1bff0a62d27d488786bcb03df63dccf7a7147945ec1179

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:40:03 GMT
server: cloudflare
etag: "91d-61f1c3d074c87-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d3a84a9153-FRA
content-length: 844
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 15.bundle.cd692dc48d0faba005be.js Show response
www.thegaylewintersteam.com/assets/js/ 1 KB
720 B 423ms
422ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/15.bundle.cd692dc48d0faba005be.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a5e4011f8264ac8edefafbee4c166c2c74c8718ad84bbc041dee96aa313c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 18:39:44 GMT
server: cloudflare
etag: "474-61f1c3be5d41b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d3d8859153-FRA
content-length: 599
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:48 GMT

GET
H2 200 19.bundle.eec6133f11140713e3a6.js Show response
www.thegaylewintersteam.com/assets/js/ 1 KB
662 B 742ms
741ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/19.bundle.eec6133f11140713e3a6.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86aa9bd5302b0ce85124dfe89785af947f317182d044ea673f39417fe7889918

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2024 18:39:24 GMT
server: cloudflare
etag: "503-61f1c3ab06087-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d3f8c39153-FRA
content-length: 555
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:48 GMT

GET
H2 200 30.bundle.dd6ffeec29e7475d1f22.js Show response
www.thegaylewintersteam.com/assets/js/ 338 B
374 B 298ms
297ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/30.bundle.dd6ffeec29e7475d1f22.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c53a1275062ff946bd07bac47447a736d541f1e1f3d3cea0ab6d4b82d8407b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:40:04 GMT
server: cloudflare
etag: "152-61f1c3d12a6e2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d438fb9153-FRA
content-length: 245
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:47 GMT

GET
H2 200 8.bundle.511d96ab443e0b7d6bba.js Show response
www.thegaylewintersteam.com/assets/js/ 2 KB
1 KB 303ms
302ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/8.bundle.511d96ab443e0b7d6bba.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23dc748dc244136eb5606d23ad19d8b87837d4a98a06a810fc91eb641c1e11f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:46 GMT
server: cloudflare
etag: "910-61f1c3bf9b9eb-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d4ea459153-FRA
content-length: 1018
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:48 GMT

GET
H2 200 31.bundle.458eb4cbf6d0280b077c.js Show response
www.thegaylewintersteam.com/assets/js/ 422 B
411 B 308ms
308ms Script
text/javascript 2606:4700::6812:9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thegaylewintersteam.com/assets/js/31.bundle.458eb4cbf6d0280b077c.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1b5f091d60894368aebabffb2bcea686bb3140090610ceab9871760949eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=15769000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 07 Aug 2024 18:39:45 GMT
server: cloudflare
etag: "1a6-61f1c3bef0b82-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b1a92d51a759153-FRA
content-length: 302
x-xss-protection: 1; mode=block
expires: Sun, 11 Aug 2024 23:18:48 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
66 KB 216ms
215ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBPCreOQfHJupDR%2BQgAlaCmqxParC9%2FFOhA4no%2FW%2F42RlNj%2FMeNyzbHgXye34JLFZJH2U4F6ItXVZEAp8mIvGW4AnazRa%2BZPFQWi7AQIGMcIJuW%2BJaUGVE3L5yzzhXkYWftEobyPRBzIAzOGVHruNtqC"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8b1a92d21c879b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 67400

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 64 KB
64 KB 248ms
247ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "48461ea4e797c9774dabb4a0440d2f56"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FZ2Z2Nv553Go%2B8iQFssWiT8EKV2AAP9Ps4KoIKf0ofkoyvLb%2BVAnDpMSyLV4BHbLcHDSaCiqyIwPtUh%2FBMzLruYrUAyyehAyUSFA%2Bs8gWq4Utu7EWRLSMJkEhxUAjIu0wl7%2FaWtXl1obyfThVYBM5tz"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8b1a92d21c889b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65316

GET
H2 200 widget Show response
widgetbe.com/ Frame 8008 173 KB
174 KB 378ms
377ms Script
application/javascript 2600:9000:223c:6400:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/widget
Requested by: Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: 27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: xqq8TZ1iyTlVEyGfCvSKyN9swu5ymvkjvU8uVf-d3RtQry3uH13I4A==
expires: Mon, 11 Aug 2025 19:18:47 GMT

POST
H3 200 pages Show response
widgetbe.com/ 0
391 B 329ms
327ms XHR
text/html 2600:9000:223c:6400:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/pages
Requested by: Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29 / PHP/8.1.29
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Aug 2024 19:18:47 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/8.1.29
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/8.1.29
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: 2hRxJped44J-qb_6Ex_vSQbyNupL--JcVYqLLUnypQRG8quaJNv7uA==

OPTIONS
H2 200 t2
d.cookiemon.io/com.cookiemon.media/ Frame 0
0 329ms
93ms Preflight 34.204.66.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d.cookiemon.io/com.cookiemon.media/t2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.66.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-66-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thegaylewintersteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.thegaylewintersteam.com
access-control-max-age: 600
content-length: 0
date: Sun, 11 Aug 2024 19:18:48 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 t2 Show response
d.cookiemon.io/com.cookiemon.media/ 2 B
296 B 289ms
95ms XHR
text/plain 34.204.66.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d.cookiemon.io/com.cookiemon.media/t2

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.66.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-66-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.thegaylewintersteam.com
date: Sun, 11 Aug 2024 19:18:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
server: nginx
content-length: 2

GET
H3 200 proximanova-regular-webfont.woff2
widgetbe.com/fonts/ Frame 8008 21 KB
22 KB 11ms
11ms Font
font/woff2 2600:9000:223c:6400:1a:4e43:6c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/fonts/proximanova-regular-webfont.woff2
Requested by: Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:6400:1a:4e43:6c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23 /
Resource Hash: b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Request headers

Referer: https://www.thegaylewintersteam.com/
Origin: https://www.thegaylewintersteam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 19:34:00 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
age: 4491888
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21700
last-modified: Tue, 02 Apr 2024 01:17:30 GMT
server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/8.1.23
etag: "54c4-61512deb4aab9"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: B_KCtYl6UjZUWRbS6jkPOk4QPg_XhxbPGn6AOvvAC7SDuS9gjoPT_A==
expires: Fri, 20 Jun 2025 19:34:00 GMT

GET
H2

200

flickity.min.css
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.min.css
https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

2 KB
909 B

21ms
21ms

Stylesheet
text/css

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.min.css

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3375928
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J1WTGVE6NRA8BRW36G9NGBM9-fra
server: cloudflare
etag: "705-iG4rBnn9uZ8eW5XLtZHjveGiMLs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1a92d6aaee9f46-FRA

Redirect headers

date: Sun, 11 Aug 2024 19:18:48 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J51DM077R74H23P7PQ3WCTB2-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 459
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /flickity@2.3.0/dist/flickity.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b1a92d68a8d9f46-FRA

GET
H2

200

flickity.pkgd.min.js Show response
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

56 KB
21 KB

22ms
22ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13051126
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFH7MZ399VJM7JSAWRQ0W7-fra
server: cloudflare
etag: "e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1a92d6aaf09f46-FRA

Redirect headers

date: Sun, 11 Aug 2024 19:18:48 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J51DX3A3WK2QNYHZ7BHE31WC-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 161
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /flickity@2.3.0/dist/flickity.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8b1a92d68a919f46-FRA

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 45ms
29ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=3257546341212510&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thegaylewintersteam.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/assets/js/bundle.47b2cfa8c86452ffdcdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401963510507650999", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2771, tp=-1, tpl=-1, uplat=21, ullat=0
pragma: no-cache
x-fb-debug: O7TEmnJ+mFqaAND8hj1Zb8GFS5YSQE1lVKvRlczLbYbfAgvind5XqhAqTZezBnIsYA6M3n17TVBK3Aj1EwiKRA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401963510507650999"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thegaylewintersteam.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GW3.mp4
api.curaytor.io/sites/3040/media/2542304/ 1 MB
1 MB 383ms
382ms Media
video/mp4 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.curaytor.io/sites/3040/media/2542304/GW3.mp4

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1ef130b1d9eb52b07e808ef350a72decbc95d32566b1886308f0779cf6ec3e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=1114112-

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
last-modified: 2024-01-19T13:18:19+00:00
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
content-disposition: attachment; filename=GW3.mp4
accept-ranges: bytes
content-length: 1131447
x-xss-protection: 1; mode=block

GET
H2 206
Partial Content GW3.mp4
api.curaytor.io/sites/3040/media/2542304/ 1009 KB
0 0ms
0ms Media
video/mp4 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.curaytor.io/sites/3040/media/2542304/GW3.mp4

Requested by

Host: www.thegaylewintersteam.com
URL: https://www.thegaylewintersteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c906508d4b727e6cfd8c778cd48a28f316235748e34d3b0dac409e219ba4704a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=98304-

Response headers

date: Sun, 11 Aug 2024 19:18:48 GMT
x-content-type-options: nosniff
last-modified: 2024-01-19T13:18:19+00:00
server: nginx
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 98304-1131446/1131447
content-disposition: attachment; filename=GW3.mp4
accept-ranges: bytes
Content-Length: 1033143
x-xss-protection: 1; mode=block

GET
H2 200 favicon.png
api.curaytor.io/sites/3040/media/2496052/ 23 KB
23 KB 285ms
284ms Other
image/png 3.85.173.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.curaytor.io/sites/3040/media/2496052/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-173-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0ef1df2685de811aa47d34fb0053604aba40d6ab9ca4ce458f3d298abeb20673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thegaylewintersteam.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 19:18:49 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thegaylewintersteam.com/	1970-01-21 00:52:59	Name: _gcl_au Value: 1.1.260924253.1723403927
.thegaylewintersteam.com/	1970-01-21 08:19:23	Name: _ga_3KD3SXLY2X Value: GS1.1.1723403926.1.0.1723403926.0.0.0
.thegaylewintersteam.com/	1970-01-21 08:19:23	Name: _ga Value: GA1.1.2132169109.1723403927
.thegaylewintersteam.com/	1970-01-21 08:19:23	Name: WidgetTrackerCookie Value: 0e47ebb1-8d92-47df-9871-42e80be04251
.thegaylewintersteam.com/	1970-01-20 22:43:25	Name: _sp_ses.753b Value: *
.thegaylewintersteam.com/	1970-01-21 08:19:23	Name: _sp_id.753b Value: 17c3e640-3040-4df3-b21d-62115dd8c84b.1723403928.1.1723403928..4747a8f6-3f74-4e87-93b7-55aaeeb4403a..67909ffa-ac11-4693-9238-be1099eb484a.1723403927846.1
.cookiemon.io/	1970-01-21 07:28:59	Name: sp Value: 8c2d8d3b-33fb-4e00-b410-29b26cdeaee0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgetbe.com/agent Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors managestage.thegaylewintersteam.com manage.thegaylewintersteam.com base.curaytor.com base-staging.curaytor.io;
Strict-Transport-Security	max-age=15769000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	"allow-from base-staging.curaytor.io"
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.curaytor.io
connect.facebook.net
d.cookiemon.io
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
region1.google-analytics.com
thegaylewintersteam.com
unpkg.com
use.fontawesome.com
use.typekit.net
widgetbe.com
www.facebook.com
www.googletagmanager.com
www.thegaylewintersteam.com
2001:4860:4802:32::36
2600:9000:223c:6400:1a:4e43:6c40:93a1
2606:4700:3036::6815:1b98
2606:4700::6811:f8cb
2606:4700::6812:9f1
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::2008
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.85.173.131
34.204.66.199
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
0ea2b27654ee6e06d3e4d486b8a1eea4f568c5bbdbc072dcc7b6ea0a80e078cc
0ef1df2685de811aa47d34fb0053604aba40d6ab9ca4ce458f3d298abeb20673
1b23f077407753e22da4474cb4856d43e163541bd11920b26ec2b128e9f74832
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c53a1275062ff946bd07bac47447a736d541f1e1f3d3cea0ab6d4b82d8407b4
1e15c448e01c8668af4a7a236fcfdd499ca158f9b04cb3341b373012e529bce2
1ef130b1d9eb52b07e808ef350a72decbc95d32566b1886308f0779cf6ec3e4a
2327c4258f224f5fb901e6bcb1c1b1a274cd6dbe0ec21d53031c6382cdfb064a
23dc748dc244136eb5606d23ad19d8b87837d4a98a06a810fc91eb641c1e11f8
252a06f376ec96a161197bddaa86da347d9cf29c96d88d13e4df6e00ae557eeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c72d5ee04a9aa9bd3500e33ed1232360459b17ea5e6706cadbeffa9888345e
27f1c653fa57efb0f78386773681eae6bc3fedc7daadc1f0d52ba00af9c67705
38fdc991fb2c43ffed69dea4ae55dd76c478dc3d607676d1f9caf13a42563c0d
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
415b79d06d08db69e7bfcc32866ce4e0b85b63912676feb688aac84fe533afff
486e20e257e5489757d50fd9233cdf7554b1dc619349544d90738162fbfda136
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5241e7ce54aa2b2ba653a11802e37dbc319efb493b21aa656e9d9cfbffd0b3ef
58a5e4011f8264ac8edefafbee4c166c2c74c8718ad84bbc041dee96aa313c6b
5a7f3f33d7614786829ec324f3cae45a4d7994025208d572da13a589366804c8
5dbfa4f6bc222375247f9d63a09e0a2964fa93aa3c5bb14b32013f231307fdd4
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6572e8d1823cd721ecaf2e48a56bed3da219e95712031774b53d9ab4d1419de6
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b40a821d4c7cd6df52216febc76195951b65d052403196329bfd6e7dcac6b9c
6db28eab3579f740f0fa03002cf885ef888cfaed423f0d5f3ca7e81f0a25e297
77b8a9d105b67cd506623a3c2cf834a4158bea503b0ef06de67745bfa5b1f0e8
86aa9bd5302b0ce85124dfe89785af947f317182d044ea673f39417fe7889918
8df742bb6f39ebb10e3e7df3750bbf95b143f3c0b48656d5779075a4070c7d57
8e2c49ebfb3d75cad2ec0d49537e81d76bab9d6c53ed7e3f72248038c0f271f3
8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f
93772c4dbede8e1f157a802a89d3bab8a30713cc9d5270ca4dc33497b9886679
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9c9173c7009a78a16cab9b6f4dfa799c2ed8592da790f187a5ece54f9cf5ec22
9df80a190e90fa7adb6ee3abb6d5838fa428395db54d90ec23b87baae10fa15c
9ea1b5f091d60894368aebabffb2bcea686bb3140090610ceab9871760949eb4
a29bd28623630b2f573a62ea55880f6762120f081305f5b4d4dfa7db343d0a9b
a3ca7cadfdd350c41524b081c23edabef07ddcb14472f71c972f318d42e05c28
a47e9455de78597e7a240db6522791f9a6d17dc8c168e3e989dc6ac538c3d488
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
b1057ccdea6bc21f9a4a4a8f69a619b9359437f336869db32b9dac30f36e4bf8
b72449742bc007ee790ccada113f9de86473e5e2cfa323b0552aabdca7f7d73b
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
b9ee2a8f8595383330b54e281d24313815bd2b287dea69910d6c053221c266a0
bb260affb0bed1fbb8857b06bb7bfb95c6066a7f807e8aec29c953d707d9e56c
bc397773a547218b8c334f9a40ea8e58f55198fab6095b103e598634fe273450
c0edfbfcd5b7ce9331f9b953bb3b05d338cdebfed3357b884e8e6d37db31af3b
c2ccba82763e38105ff805a9aa2c9512edcb966066b267b25e6a4dcb1c8bf435
c8c37aa1e6cfe02ad22420c8c2608fdc43e0a7993d75e019082b30f137e9fd5b
c906508d4b727e6cfd8c778cd48a28f316235748e34d3b0dac409e219ba4704a
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cb36c622677371f776999068501c14ea3aec97c8dd3bcecfbd7a995c89d27761
cdbad7a141f815307b43a0371bbc041af149f02def798fce0c61cb6c63b5146c
d4253fd061ed62a52788e0fbe03ef36d6abf0a1e02b2d759ce66847958bcfd73
d4ef19e253450f8f2eed1ec1651a0292f1b17151ad809facc89d1dc51229af14
d80f90bfa8acb8de9e869c20f772eaedab3e2c0e465ae3bb7aebd7f5bd35001b
dd88b922b75e321c43680f2dfbf984c93b404c0847e4d0fe07457e0f1f0b6875
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6f3f2c9b2280ca7340bb0885868b2b25a597e7017505e0451c509594a013689
f82406270be860adaa1bff0a62d27d488786bcb03df63dccf7a7147945ec1179
fafb4753c068700ef5d9dc36af0031438383cd7c358410b24b75615f0dee90f1

www.thegaylewintersteam.com Open in urlscan Pro 2606:4700::6812:9f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

86 %IPv6

13 Domains

15 Subdomains

14 IPs

2 Countries

6242 kBTransfer

8613 kBSize

7 Cookies

20 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thegaylewintersteam.com Open in urlscan Pro
2606:4700::6812:9f1 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

86 %
IPv6

13
Domains

15
Subdomains

14
IPs

2
Countries

6242 kB
Transfer

8613 kB
Size

7
Cookies

72 HTTP transactions
0 data transactions