www.winterfest.co.nz Open in urlscan Pro
2606:4700:3035::ac43:c794 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://winterfest.co.nz/
Effective URL:
https://www.winterfest.co.nz/
Submission: On August 21 via api (August 21st 2023, 9:54:54 pm UTC) from US — Scanned from US

Summary HTTP 52 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3035::ac43:c794, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winterfest.co.nz.
TLS certificate: Issued by E1 on August 7th 2023. Valid for: 3 months.

This is the only time www.winterfest.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:303... 2606:4700:3035::ac43:c794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:141b:13:... 2600:141b:13::17d7:82b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1400:900... 2600:1400:9000::687e:74b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:804::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
52	17

16 2606:4700:3035::ac43:c794 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winterfest.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.winterfest.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:13::17d7:82b1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74b1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2016 (Montreal, Canada)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	winterfest.co.nz 1 redirects winterfest.co.nz www.winterfest.co.nz	2 MB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	982 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 637 p.typekit.net — Cisco Umbrella Rank: 805	137 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 285	31 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 122 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 347	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	35 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 118	65 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 195 www.google.com — Cisco Umbrella Rank: 3	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	135 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 234	2 KB
52	12

	Domain	Requested by
15	www.winterfest.co.nz	www.winterfest.co.nz
8	www.youtube.com	www.winterfest.co.nz www.youtube.com
5	use.typekit.net	www.winterfest.co.nz use.typekit.net
4	jnn-pa.googleapis.com	www.youtube.com
3	cdnjs.cloudflare.com	www.winterfest.co.nz
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	i.ytimg.com	www.youtube.com www.winterfest.co.nz
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.winterfest.co.nz www.googletagmanager.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	winterfest.co.nz	1 redirects
52	18

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
premier.ticketek.co.nz
www.facebook.com
twitter.com
www.instagram.com
www.smokeylemon.com

Subject Issuer	Validity	Valid
winterfest.co.nz E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.winterfest.co.nz/
Frame ID: 33C48ED86D4BD5A62B2D97521EA32626
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
Frame ID: 6318D34A50F549DB703844E3192F2710
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winterfest » Winter Fest

Page URL History Show full URLs

https://winterfest.co.nz/ HTTP 301
https://www.winterfest.co.nz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

3180 kB
Transfer

6373 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://premier.ticketek.co.nz/shows/Show.aspx?sh=TAFT2019
Title: Buy Tickets >

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winterfestnp

Search URL Search Domain Scan URL

URL: https://twitter.com/tafnz

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tafnz/

Search URL Search Domain Scan URL

URL: http://www.smokeylemon.com/
Title: Smokeylemon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://winterfest.co.nz/ HTTP 301
https://www.winterfest.co.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.winterfest.co.nz/
Redirect Chain

https://winterfest.co.nz/
https://www.winterfest.co.nz/

21 KB
6 KB

992ms
947ms

Document
text/html

2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2bbe52353923212284b2ca1057d43ec7c275f550b035fe1886d96ac7f0b4d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fa61da5db19c328-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 21:54:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1TSW8lW%2FtcUSJ4k4CZ06jCWN93UJBs%2B3ZXdZTbsev%2FlqTElBMWdyL8XUKXHZur6v7jaLiv%2BBfjovvymlp13Lvla%2BDPlm7R%2Fm%2BwtgSx%2FD%2FcZW8ohuUaPIr0h%2FDxn%2B2s%2Fq7FklRpIDL6URtpW2xZSRNEmPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Protocol

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fa61da0df52c328-EWR
content-type: text/html; charset=iso-8859-1
date: Mon, 21 Aug 2023 21:54:39 GMT
location: https://www.winterfest.co.nz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NOBT6aA2hamTJUIZzUNffO7ARjC1aRQ%2Bxo3z8F9H4rmt3Dy%2FTijUna1%2FlaR6Ho8cUFWKzmjPex8EjNvwmqZxy42VIyGYhkNX7RHuRIPl%2BXp2Db4djKSlzUOsbeHvAKjxwcRJEXNiUlVslhXHm4n"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.winterfest.co.nz/themes/sl-bootstrap/dist/css/ 301 KB
50 KB 1757ms
1755ms Stylesheet
text/css 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7415039f59079ca60c9e043d354a2525f48d3d105040f6d85c6276fda97f70b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 21:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anOLNLfcKFH15iLxN6%2FN0y6yx2xrFb6dy1dE0AMs4X%2FP4UK7WUR9FHOGTEuleVPFkkwB6DVpcjWQnzcp5myYoGB4pvPw57rgD1eSYncKjsZJsBNOjHRLOkge18Q3O00m16SWt%2ByPEoJh%2FecptcrNFmQynw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7fa61dabef98c328-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 54ms
11ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5881169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCNeRRtl2%2BtLBLOlwTXhU2u%2F1N3rI1c6k94kMKijU9JjqZU56hNxdIjJXAKCyRaXVwhLazp1zgafHpRMdpdyQxX8nCwCZSCnHDewEBeLAsHOesbHWNGS06Mhjsx6XhZSkDiXoxwRMq1p9AC9X1MZ52ki"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa61dac1edb17d9-EWR
expires: Sat, 10 Aug 2024 21:54:40 GMT

GET
H2 200 lha2exq.css
use.typekit.net/ 9 KB
1 KB 311ms
83ms Stylesheet
text/css 2600:141b:13::17d7:82b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lha2exq.css

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0b7c622d83c1aea4b65cb3fb343eec69be6d880b106726fed2cd27d6fc0ec9c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 21 Aug 2023 21:54:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1067

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
50 KB 121ms
61ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TG8T9WK

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5a6344d11b123e18e9c63cc039eaa5688087fecfd3d6df21bea3f58256b532c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 21:54:40 GMT

GET
H2 200 NjGC1kD1KIQ Show response
www.youtube.com/embed/ Frame 6318 79 KB
33 KB 193ms
135ms Document
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddd502a813cbc8177bfe33477f69e259fbb9f4b59435edf6fbe7353fdee97abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winterfest.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 21:54:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 big-logo-v3__ScaleMaxHeightWzQ1MF0.png
www.winterfest.co.nz/assets/Uploads/Logos/images/dfb0c6a350/ 318 KB
319 KB 2720ms
2715ms Image
image/png 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/Uploads/Logos/images/dfb0c6a350/big-logo-v3__ScaleMaxHeightWzQ1MF0.png
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8c4a3bcd7c4ac7b437a5267fba4e16d3a7e9594bfe8eccb121060a4dcb1acb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:43 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2019 03:43:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMGw%2FnhQzHJ%2BuHFxmoQ8zuEkiGCtckODFFzCeTu%2FJ4zayHXInDf3tipMpOOu5oqqQwq%2FNWIBxo0KkK1F3PGe4jv37UNNPcpN0Y53cLBfPJaAjp9aww2xjPrQiiLBBzzZRf8wsQCSa5Qhr9CV%2BMvKOxDydw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58b4c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 325467

GET
H2 200 Still-Life-with-Chickens-edited__FocusFillWzUxMCwzMTAsInkiLDIxXQ.jpg
www.winterfest.co.nz/assets/shows/9d2e5e721a/ 37 KB
37 KB 1421ms
1416ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/9d2e5e721a/Still-Life-with-Chickens-edited__FocusFillWzUxMCwzMTAsInkiLDIxXQ.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ecc1d9ce36f6945dfac09a1c1d983349a743bea724331b924dbd2b438f0d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 23:28:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42YSV%2FNYAJY%2BBZ6HZtIm%2BfYoIoIadzUw15F%2F%2Bm20ItZ1N%2BciCkknGajr9P56I0UlZTCc58kl4TLWM9opY5UpYT7LUH7nwDJYFEMoZ34McxPvwgz6G7xY0FuPAZvP1rSc5cugKbQlgun0jpJO8b0ZwWq7gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58b6c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 37859

GET
H2 200 WF19-thumbnail-510x300px_A-Funny-Thing-Happened__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
www.winterfest.co.nz/assets/shows/a4c1c706f1/ 52 KB
53 KB 1107ms
1103ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/a4c1c706f1/WF19-thumbnail-510x300px_A-Funny-Thing-Happened__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8bf594e1cb3d2eab55cfa4f85cc14e2a26524e38e09fdccd058b88369741333

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2019 03:43:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7u2NV3HHpszXiEz7UUv3NVg9r6IAs65GZbZCwpeSY1e%2F2lHkMdzYpCtnQvPRylBkdbuMkPFrNsEBaMoi3qonVz4ePemtzKVCKqf7xd4bIjZegSD9kHDrcpP7A1HC%2ByQm77bnaVDNi8UYhBgNTI572kZH%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58b7c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 53635

GET
H2 200 WF19-thumbnail-510x300px_An-Iliad__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
www.winterfest.co.nz/assets/shows/0f6a1cc7e3/ 37 KB
37 KB 875ms
871ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/0f6a1cc7e3/WF19-thumbnail-510x300px_An-Iliad__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbb354c58323320d9769a15dd21f1ba962740d61bee5c97c842072f9dcd41a68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2019 03:43:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMWZ6TU%2F7BxlhcYyzTyXi27EOZgN9NRXJsXclrknfnZ%2BiPNsgzHbPA%2FxM46zap6gOnkzb452D%2Bt%2B8Ihl18OzNTFHkO6qvUts90KWgE6egVdAu5HO3cd0f9vj%2BRPatfx04Uo2HxhXRnNtXzwJ6P9T8zMrnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58b9c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 37430

GET
H2 200 WF19-thumbnail-510x300px_Trash-Test-Dummies__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
www.winterfest.co.nz/assets/shows/thumbnails/d9d6f60a0e/ 69 KB
69 KB 1088ms
1084ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/thumbnails/d9d6f60a0e/WF19-thumbnail-510x300px_Trash-Test-Dummies__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097062d3ff5eba5ed298e482e9b7f6d5782f6a8fc91c6952270e07200efb0c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Sun, 26 May 2019 23:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUuyRR3Gs3GKnk3Kkyfxf8IWl6KXGMtM8XewacLGobon0ET1F7TfoQZ8Tg%2BCIkqh79riiX1N%2F4oWKUtBVhG0HZvfnp0jstXKLVxhpzmrNih4Na8PkOnOjWVZnogezUJ%2B0IM%2BVAFb6eDxk9aoy92s61qJkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58bac328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 70284

GET
H2 200 Onepu-2019__FocusFillWzUxMCwzMTAsInkiLDE1XQ.jpg
www.winterfest.co.nz/assets/shows/thumbnails/0ce0bb8cf1/ 25 KB
25 KB 883ms
880ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/thumbnails/0ce0bb8cf1/Onepu-2019__FocusFillWzUxMCwzMTAsInkiLDE1XQ.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ac254acd70676479e68125aae00ae184fa2c0c1ea830603147325fce1d065b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Fri, 31 May 2019 04:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUqViyj7QS4hUSUjwGV9gno611p1R5OAoQxtUGkn%2B7ZD7UtYY0B%2BWRj%2BzWdwtmIBb4DsCTEEhLv4w9a%2F8k88G4OCD7D53p1Bi5g8%2FIA%2FKqpjbEPLwMLWVR4cPEnZismPZFY5wt9bOduzHzsVYMdRym%2FiHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58bcc328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 25107

GET
H2 200 WF19-thumbnail-510x300px_Watching-Paint-Dry__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
www.winterfest.co.nz/assets/shows/74ddf624bc/ 46 KB
46 KB 2714ms
2711ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/shows/74ddf624bc/WF19-thumbnail-510x300px_Watching-Paint-Dry__FocusFillWzQ5NCwzMDAsIngiLDhd.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9602367091ff1ba7d02fab831fc6b5416226ec9f968172c3f6260bfd1eab2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:43 GMT
cf-cache-status: MISS
last-modified: Thu, 23 May 2019 03:43:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM5pycLKvKp1jHg64Fx2lPf8jBoXur3g4fbAkfb30DPohgXVNg2MnhrwT%2BrUA5B8a7ptvV2%2BcW1%2FoTSv0fTnACmYUNl73KBFYT6tzbW8Tf%2BkNuDYOvQSjIGHjaVqoYmiXtggEbEMVSCnNw4kYCxV0NyoNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58bdc328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 46665

GET
H2 200 Richard-Wolfe-Crickey.jpeg
www.winterfest.co.nz/assets/274d1289e0/ 133 KB
134 KB 1108ms
1105ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/274d1289e0/Richard-Wolfe-Crickey.jpeg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58fb5c73b344c416b5827c8dc3feaa1ad7f15174aa56f2066341b769259e8fc4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 04:03:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebEmeq%2FH1F62P%2BGKAhsF9O%2F40iPcY2Fe0HQXYtA64CSo4COju4puOQZyEUNJseqjzLhvRyPfeItQkO3vCqNoma%2Bgq8Qb5UgNXE9hiiNEJOo13Q9aqBZ5Ghs%2Bd5skPeGmFgRr2wUKXJlEjNK%2FcN7hPZEFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58bec328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 136587

GET
H2 200 WF19-thumbnail-510x300px_David-Hastings.jpg
www.winterfest.co.nz/assets/19b01f9f80/ 46 KB
46 KB 1091ms
1089ms Image
image/jpeg 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/assets/19b01f9f80/WF19-thumbnail-510x300px_David-Hastings.jpg
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b0cda3a632394aee9e8254f942b93cb2ae52692de55174fb6096475e1d8dcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cf-cache-status: MISS
last-modified: Wed, 29 May 2019 02:37:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS0qMePMVs06wPwxb7sKoSpLgTBvbGEhi4NQth7kw5Tsjj%2Fuq3wAMcPUjVwQ7HqL4CwnhDc1k7FDLCDJxwyW0jKDHZq04RVXUB9%2F9HGIwfHIySLjap4IOKX13GIvxqx6cMMaaaTyw1BGddOsetpZHZwVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61dad58bfc328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 46609

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 21ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1056481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27501
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppMYt%2Fa2q9QP%2FWexD2ZPzNnOWS9gzG6Ne5NdaPlUdOzkKDVJVfxd2J1pwAhiR0JGg%2BV%2BGMRJkImnHF7wfcz2bIcm6Mj59yLFgXtVPCzFSvHtGQoKPsMtWKGrWByE8aA%2FFrfAIPRybS9P%2Fl4pA45BHBzk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa61dad5fc917d9-EWR
expires: Sat, 10 Aug 2024 21:54:40 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 23ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9693772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wgq9nWKGYhiTXQcewBSzO3eMEAoWrfnMJnZ7IEfYBeXYetH1DjCz3TxxKJAyHjVsx597dMW8BP9YA6ZwOuIs8%2Bf%2BA4QbKS9wdbz59Z%2FyWlgpSga3tom1VZ4CJRKcMdPCNicMIklIkPM3ECWZh3BCmTUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa61dad5fca17d9-EWR
expires: Sat, 10 Aug 2024 21:54:40 GMT

GET
H2 200 main.js Show response
www.winterfest.co.nz/themes/sl-bootstrap/dist/js/ 164 KB
48 KB 1326ms
1324ms Script
application/javascript 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/js/main.js?m=1558561562
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f5b7229e8ac1aedc3988502da4bc5d5d4509254bdc1da1a8b5b026d2e34863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 21:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ImxYo5G30PfvLNWYYyzgnpEW7Ibe6ii8FY9re2%2F3W44%2FsYc%2FcRLuLxKBt7pymyjedKaf7xDlJaj5zVmFvi8ImZF5iuE%2FnFEPOWywzyv3EmYyy36b91QUXjTTzMY8tGBWPZcOdjEn2SvUs2E%2BYaoC1odVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fa61dad58bbc328-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 23ms
5ms Stylesheet
text/css 2600:1400:9000::687e:74b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lha2exq&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162&a=14827268&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lha2exq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:40 GMT
last-modified: Fri, 14 Jul 2023 12:38:36 GMT
server: nginx
etag: "64b141cc-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
4ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG8T9WK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 20:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5205
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 21 Aug 2023 22:27:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 83ms
82ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TP6PM96385&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG8T9WK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3543cebe90ac1017436bf6a9256dcefd5945c97a2aa97ead50fbbb4bcebdbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 21:54:41 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/f980f2a9/ Frame 6318 382 KB
48 KB 13ms
12ms Stylesheet
text/css 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b54d16de682fdf843bd8c85e369ee6796f9a08525ae92b652925c46b74bdf5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49069
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Aug 2024 02:38:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6318 15 KB
16 KB 77ms
14ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:11:34 GMT
x-content-type-options: nosniff
age: 196987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 15:11:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6318 15 KB
15 KB 81ms
18ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 16:17:15 GMT
x-content-type-options: nosniff
age: 193046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 16:17:15 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/f980f2a9/www-embed-player.vflset/ Frame 6318 317 KB
95 KB 17ms
16ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d94c4693e9d62e00be2252d7ddb23cfce0633803dd0efaefee0249549d48e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 16:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97242
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Aug 2024 16:51:03 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/ Frame 6318 2 MB
759 KB 21ms
20ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e180095b5375ccc6adb47d74780de7ff2f93955c22e3313ecaac34a89d42ac2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 776379
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Aug 2024 15:10:18 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 29ms
22ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=851634144&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winterfest.co.nz%2F&ul=en-us&de=UTF-8&dt=Winterfest%20%C2%BB%20Winter%20Fest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1791731275&gjid=1528314885&cid=1030314681.1692654881&tid=UA-99817797-2&_gid=2140870750.1692654881&_r=1&_slc=1&gtm=45He38g0n81TG8T9WK&z=25716562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winterfest.co.nz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:54:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winterfest.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
159 B 62ms
58ms Ping
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TP6PM96385&gtm=45je38g0&_p=851634144&_gaz=1&cid=1030314681.1692654881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692654881&sct=1&seg=0&dl=https%3A%2F%2Fwww.winterfest.co.nz%2F&dt=Winterfest%20%C2%BB%20Winter%20Fest&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP6PM96385&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:54:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winterfest.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 42ms
18ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TP6PM96385&cid=1030314681.1692654881&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP6PM96385&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 21:54:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winterfest.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6318
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

44ms
37ms

XHR
application/json

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1a53c2d49324838ae7e248d3bdeb28c0295158dcf315d11ac5adce9736c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Aug 2023 21:54:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6318 29 B
495 B 55ms
15ms Script
text/javascript 2607:f8b0:4020:804::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:46:08 GMT
x-content-type-options: nosniff
age: 513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Aug 2023 22:01:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 79ms
27ms Preflight
text/html 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 21 Aug 2023 21:54:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6318 67 KB
31 KB 35ms
33ms XHR
application/json+protobuf 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a49deef6d73ac88fde9915b8bd9be7a6a2edecb60e15bef1dac2aafe876e1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31591
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/ Frame 6318 116 KB
33 KB 16ms
14ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

391814c528eeec7d63a4384c3366f3b5f7ef28041ef9fb48c991fe4fefd83184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33466
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Aug 2024 18:16:48 GMT

GET
H2 200 iesEQ4xzziy5Hu9xj5MD97OdpJqf23Z9Gv4ZCReYTnU.js Show response
www.google.com/js/th/ Frame 6318 37 KB
15 KB 32ms
4ms Script
text/javascript 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/iesEQ4xzziy5Hu9xj5MD97OdpJqf23Z9Gv4ZCReYTnU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89eb04438c73ce2cb91eef718f9303f7b39da49a9fdb767d1afe190917984e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14690
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 05:08:20 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/NjGC1kD1KIQ/ Frame 6318 20 KB
20 KB 137ms
89ms Image
image/webp 2607:f8b0:4020:807::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NjGC1kD1KIQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9bfd38cae652445da08dc337c74015a0d345308507f3fd6da5c69ca93eb6301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
x-content-type-options: nosniff
server: sffe
etag: "1558923375"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20568
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Aug 2023 23:54:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/ Frame 6318 48 KB
15 KB 15ms
14ms Script
text/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd828f8b04d538901e5ebeb0a114cd0ae87e0f9df71d19bc483cd5c0d3784200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15085
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Aug 2024 19:41:26 GMT

GET
DATA 200
OK truncated
/ Frame 6318 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AOPolaRw7MsXGpsemXWRVCcK-ByjbM0fotYV4XrmN95sAA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6318 2 KB
2 KB 65ms
33ms Image
image/jpeg 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AOPolaRw7MsXGpsemXWRVCcK-ByjbM0fotYV4XrmN95sAA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

44f938596cf7d8f47941fb2d83334c3cdbcb55c422f93520b0607125001a3102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1934
x-xss-protection: 0
server: fife
etag: "v144"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Aug 2023 21:54:41 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 6318 0
10 B 15ms
14ms Image
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?4QWTrg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6318 4 KB
2 KB 106ms
57ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 21:54:41 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 21 Aug 2023 21:54:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6318 90 B
134 B 37ms
37ms XHR
application/json+protobuf 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcaa3ed69603470bacd0da75d0c2ca0d77244cbcef1e68639457ad4731249e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 21 Aug 2023 21:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/116/ Frame 6318 51 KB
15 KB 23ms
13ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/116/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:06:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 22 Aug 2023 20:44:43 GMT

GET
H2 200 bg-branches.png
www.winterfest.co.nz/themes/sl-bootstrap/dist/images/ 648 KB
649 KB 2189ms
2186ms Image
image/png 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/images/bg-branches.png
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5c2b2f91125fc8da01ab2ad3243622816f7577fc60975564088351782b35bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:44 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 21:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MucjXXcgdq%2F7G3FT5Do3%2FEhIADYtg7FYzKBV93AfM5vNZeyireLx6GOSyGGKYr1EQTpP1VuA5i9VuhLr%2BlyirCm1Drp6dvbLeLhd8cUGz9OFMCWFV18Nq%2FMzgLHK8Adlz%2FXZgiWFI0EIhNGJiAlZN0Xa8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61db6e888c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 663669

GET
H2 200 fa-solid-900.woff2
www.winterfest.co.nz/themes/sl-bootstrap/dist/fonts/ 115 KB
115 KB 2202ms
2200ms Font
font/woff2 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/fonts/fa-solid-900.woff2
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe529bb3f596ef36f463c8be98e02b43acccdfc0626719077481fe94e03cff21

Request headers

Referer: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:44 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 21:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42CRugjmyK%2FPNotrg7LgbyU6g1LMl8Ktez9%2FmuhqEBCwLpDwoSAJnTSx36IaxuFHSAdSmhCqQs3a454akUarZbPxQZ3%2F9e0Idtcou%2BfD%2B0dyjYu6OCoeCSCVrgKe3abZhB%2BSYBLfyqYO9%2BaL%2F8AaFAPXwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61db6e88ec328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 117364

GET
H2 200 l
use.typekit.net/af/8e2bbd/00000000000000003b9b3072/27/ 33 KB
33 KB 51ms
26ms Font
application/font-woff2 2600:141b:13::17d7:82b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e2bbd/00000000000000003b9b3072/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lha2exq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 507a553130db61df15e47f554bd35c5b9521584e4847173a25fcedc1f6aba776

Request headers

Referer: https://use.typekit.net/lha2exq.css
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
server: nginx
etag: "dd3ed5a051a56eebcd930c279014a0f1613402d5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33344

GET
H2 200 fa-brands-400.woff2
www.winterfest.co.nz/themes/sl-bootstrap/dist/fonts/ 73 KB
73 KB 2177ms
2175ms Font
font/woff2 2606:4700:3035::ac43:c794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/fonts/fa-brands-400.woff2
Requested by: Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554a6afbe6416e8556e2735042512e57d021e00e49a964d84de15eb72b16504c

Request headers

Referer: https://www.winterfest.co.nz/themes/sl-bootstrap/dist/css/style.css?m=1558561560
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:44 GMT
cf-cache-status: MISS
last-modified: Wed, 22 May 2019 21:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx7VFDQhWKXAJJDYlWL8ZP7c6FHru3Ta%2FyfIFlyJS4erk3Ad1vqqWDiWt9ZOg2kGtaSK6nUFjfnAWN8sGnDwPqM6oIeq2D%2BxRLkg%2FqPxk2t4pD%2BznjfuuBrp039gO6EDW1Bi0FeKZ9TWZCIM8z4axukBTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fa61db6e890c328-EWR
alt-svc: h3=":443"; ma=86400
content-length: 74652

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 35ms
10ms Font
application/font-woff2 2600:141b:13::17d7:82b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lha2exq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/lha2exq.css
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

GET
H2 200 l
use.typekit.net/af/5364bc/00000000000000003b9b3073/27/ 35 KB
35 KB 377ms
352ms Font
application/font-woff2 2600:141b:13::17d7:82b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5364bc/00000000000000003b9b3073/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lha2exq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f7eb8b6f679ea076e97a49176cb52130ee87fc6b402e41462e3bddcdcb67ed60

Request headers

Referer: https://use.typekit.net/lha2exq.css
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
server: nginx
etag: "c75ce9e6655bead4f201ee0e7d66f9b2b605597c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35808

GET
H2 200 l
use.typekit.net/af/0ff5e1/00000000000000003b9b3078/27/ 33 KB
34 KB 50ms
25ms Font
application/font-woff2 2600:141b:13::17d7:82b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0ff5e1/00000000000000003b9b3078/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lha2exq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 88694e0418748c08ec3082cad6ac8e7e98bd980ca7f322b668d4b7772ee1acd6

Request headers

Referer: https://use.typekit.net/lha2exq.css
Origin: https://www.winterfest.co.nz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
server: nginx
etag: "5604717ace233ade2de274e8019e41d7eecd75db"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34112

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/NjGC1kD1KIQ/ Frame 6318 45 KB
45 KB 68ms
66ms Image
image/webp 2607:f8b0:4020:807::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NjGC1kD1KIQ/maxresdefault.webp

Requested by

Host: www.winterfest.co.nz
URL: https://www.winterfest.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd280d536c84f54fe412fb4c0416d181d66a8bb72bfa1a1cfa397423ff0b9956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 21:54:42 GMT
x-content-type-options: nosniff
server: sffe
etag: "1558923375"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45942
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Aug 2023 23:54:42 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6318 28 B
50 B 42ms
42ms XHR
application/json 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f980f2a9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
X-Goog-Request-Time: 1692654884430
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NjGC1kD1KIQ?start=19&feature=oembed
X-YouTube-Client-Version: 1.20230815.01.01
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtvU0xpN3hkNzRaQSiguo-nBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals: dt=1692654881150&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1110%2C624&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 21 Aug 2023 21:54:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: u3lTBcUXSbs
.youtube.com/	1970-01-20 18:30:06	Name: VISITOR_INFO1_LIVE Value: oSLi7xd74ZA
.winterfest.co.nz/	1970-01-20 14:12:21	Name: _gid Value: GA1.3.2140870750.1692654881
.winterfest.co.nz/	1970-01-20 14:10:54	Name: _gat_UA-99817797-2 Value: 1
.winterfest.co.nz/	1970-01-20 23:46:54	Name: _ga_TP6PM96385 Value: GS1.1.1692654881.1.0.1692654881.60.0.0
.winterfest.co.nz/	1970-01-20 23:46:54	Name: _ga Value: GA1.1.1030314681.1692654881

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdnjs.cloudflare.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
p.typekit.net
static.doubleclick.net
stats.g.doubleclick.net
use.typekit.net
winterfest.co.nz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.winterfest.co.nz
www.youtube.com
yt3.ggpht.com
2001:4860:4802:34::178
2600:1400:9000::687e:74b1
2600:141b:13::17d7:82b1
2606:4700:3035::ac43:c794
2606:4700::6811:190e
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80b::2001
2607:f8b0:4006:824::2004
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::2006
2607:f8b0:4020:804::200e
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::200a
2607:f8b0:4020:807::2016
02e9602367091ff1ba7d02fab831fc6b5416226ec9f968172c3f6260bfd1eab2
097062d3ff5eba5ed298e482e9b7f6d5782f6a8fc91c6952270e07200efb0c48
0a49deef6d73ac88fde9915b8bd9be7a6a2edecb60e15bef1dac2aafe876e1b1
0b7c622d83c1aea4b65cb3fb343eec69be6d880b106726fed2cd27d6fc0ec9c9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e8c4a3bcd7c4ac7b437a5267fba4e16d3a7e9594bfe8eccb121060a4dcb1acb
1f1a53c2d49324838ae7e248d3bdeb28c0295158dcf315d11ac5adce9736c301
391814c528eeec7d63a4384c3366f3b5f7ef28041ef9fb48c991fe4fefd83184
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44f938596cf7d8f47941fb2d83334c3cdbcb55c422f93520b0607125001a3102
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4a5c2b2f91125fc8da01ab2ad3243622816f7577fc60975564088351782b35bb
507a553130db61df15e47f554bd35c5b9521584e4847173a25fcedc1f6aba776
554a6afbe6416e8556e2735042512e57d021e00e49a964d84de15eb72b16504c
56f5b7229e8ac1aedc3988502da4bc5d5d4509254bdc1da1a8b5b026d2e34863
58fb5c73b344c416b5827c8dc3feaa1ad7f15174aa56f2066341b769259e8fc4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7415039f59079ca60c9e043d354a2525f48d3d105040f6d85c6276fda97f70b0
88694e0418748c08ec3082cad6ac8e7e98bd980ca7f322b668d4b7772ee1acd6
89eb04438c73ce2cb91eef718f9303f7b39da49a9fdb767d1afe190917984e75
9b2bbe52353923212284b2ca1057d43ec7c275f550b035fe1886d96ac7f0b4d1
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a9bfd38cae652445da08dc337c74015a0d345308507f3fd6da5c69ca93eb6301
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b24ecc1d9ce36f6945dfac09a1c1d983349a743bea724331b924dbd2b438f0d9
b54d16de682fdf843bd8c85e369ee6796f9a08525ae92b652925c46b74bdf5c8
bd280d536c84f54fe412fb4c0416d181d66a8bb72bfa1a1cfa397423ff0b9956
bd828f8b04d538901e5ebeb0a114cd0ae87e0f9df71d19bc483cd5c0d3784200
c5a6344d11b123e18e9c63cc039eaa5688087fecfd3d6df21bea3f58256b532c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb354c58323320d9769a15dd21f1ba962740d61bee5c97c842072f9dcd41a68
ddd502a813cbc8177bfe33477f69e259fbb9f4b59435edf6fbe7353fdee97abc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e180095b5375ccc6adb47d74780de7ff2f93955c22e3313ecaac34a89d42ac2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d94c4693e9d62e00be2252d7ddb23cfce0633803dd0efaefee0249549d48e5
e7b0cda3a632394aee9e8254f942b93cb2ae52692de55174fb6096475e1d8dcd
e8bf594e1cb3d2eab55cfa4f85cc14e2a26524e38e09fdccd058b88369741333
e9ac254acd70676479e68125aae00ae184fa2c0c1ea830603147325fce1d065b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3543cebe90ac1017436bf6a9256dcefd5945c97a2aa97ead50fbbb4bcebdbde
f7eb8b6f679ea076e97a49176cb52130ee87fc6b402e41462e3bddcdcb67ed60
fcaa3ed69603470bacd0da75d0c2ca0d77244cbcef1e68639457ad4731249e4e
fe529bb3f596ef36f463c8be98e02b43acccdfc0626719077481fe94e03cff21

www.winterfest.co.nz Open in urlscan Pro 2606:4700:3035::ac43:c794 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

100 %IPv6

12 Domains

18 Subdomains

17 IPs

2 Countries

3180 kBTransfer

6373 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winterfest.co.nz Open in urlscan Pro
2606:4700:3035::ac43:c794 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

100 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

3180 kB
Transfer

6373 kB
Size

6
Cookies

52 HTTP transactions
1 data transactions