winteriscoming.net Open in urlscan Pro
2600:9000:2394:2800:a:3342:cb00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winteriscoming.net/
Effective URL:
https://winteriscoming.net/
Submission: On January 29 via api (January 29th 2024, 5:10:15 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 27 domains to perform 155 HTTP transactions. The main IP is 2600:9000:2394:2800:a:3342:cb00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is winteriscoming.net. The Cisco Umbrella rank of the primary domain is 904021.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 20th 2023. Valid for: a year.

This is the only time winteriscoming.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:9000:239... 2600:9000:2394:2800:a:3342:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:550	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2600:9000:223... 2600:9000:223c:2a00:19:4ac0:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:244... 2600:9000:244f:de00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2251:9e00:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	18.165.187.137 18.165.187.137	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:bc00:18:ed96:9000:93a1	16509 (AMAZON-02) (AMAZON-02)
34	2600:9000:225... 2600:9000:225e:de00:14:3f07:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
10	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:2800:1b:3a6c:1300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:7000:1:4290:76c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:267	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb00:9b05:4c3d:7cad:ec0e	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.92 13.32.27.92	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	3.160.188.47 3.160.188.47	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.23.78.67 2.23.78.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.128.140.222 108.128.140.222	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
155	39

1 2600:9000:2394:2800:a:3342:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

winteriscoming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:550 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.wazimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.mmctsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:244f:de00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:9e00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.165.187.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-187-137.zrh55.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:bc00:18:ed96:9000:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:9000:225e:de00:14:3f07:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images2.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2800:1b:3a6c:1300:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:7000:1:4290:76c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

promotions.minutemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:267 (United States)

ASN13335 (CLOUDFLARENET, US)

bqstreamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb00:9b05:4c3d:7cad:ec0e (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net

c.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.188.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-47.mrs52.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.140.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	minutemediacdn.com assets.minutemediacdn.com — Cisco Umbrella Rank: 43525 images2.minutemediacdn.com — Cisco Umbrella Rank: 19059	223 KB
34	mmctsvc.com cdn.mmctsvc.com — Cisco Umbrella Rank: 30963	184 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 3378 api.userway.org — Cisco Umbrella Rank: 3275 cdn77.api.userway.org — Cisco Umbrella Rank: 6857	375 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	758 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	22 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 14548 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	143 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	196 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	34 KB
4	gstatic.com fonts.gstatic.com	96 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1857	5 KB
3	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157	88 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	479 B
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4441	172 KB
3	wazimo.com cdn.wazimo.com — Cisco Umbrella Rank: 37969	7 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	bqstreamer.com bqstreamer.com — Cisco Umbrella Rank: 23819	715 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	69 KB
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 3394	129 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790	465 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1860	608 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 4345	37 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	minutemediaservices.com promotions.minutemediaservices.com — Cisco Umbrella Rank: 43054
1	fansided.com app.fansided.com — Cisco Umbrella Rank: 62068	2 KB
1	winteriscoming.net winteriscoming.net — Cisco Umbrella Rank: 904021	72 KB
155	27

	Domain	Requested by
34	images2.minutemediacdn.com	winteriscoming.net
34	cdn.mmctsvc.com	winteriscoming.net cdn.mmctsvc.com rumcdn.geoedge.be ajax.googleapis.com
10	cdn.userway.org	rumcdn.geoedge.be cdn.userway.org
10	www.googletagmanager.com	winteriscoming.net cdn.mmctsvc.com www.googletagmanager.com www.google-analytics.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com winteriscoming.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	winteriscoming.net
3	secure.cdn.fastclick.net	rumcdn.geoedge.be secure.cdn.fastclick.net
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	region1.google-analytics.com	www.googletagmanager.com
3	c.amazon-adsystem.com	winteriscoming.net c.amazon-adsystem.com
3	sdk.privacy-center.org	winteriscoming.net sdk.privacy-center.org rumcdn.geoedge.be
3	cdn.wazimo.com	winteriscoming.net rumcdn.geoedge.be cdn.wazimo.com
3	securepubads.g.doubleclick.net	winteriscoming.net securepubads.g.doubleclick.net rumcdn.geoedge.be
2	cdn77.api.userway.org	cdn.userway.org
2	id.hadron.ad.gt	cdn.hadronid.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google.de	winteriscoming.net
2	bqstreamer.com	cdn.wazimo.com
2	connect.facebook.net	winteriscoming.net connect.facebook.net
2	rumcdn.geoedge.be	winteriscoming.net rumcdn.geoedge.be
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	a.ad.gt	rumcdn.geoedge.be
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	geo.privacymanager.io	ats.rlcdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.hadronid.net	winteriscoming.net
1	tags.crwdcntrl.net	rumcdn.geoedge.be
1	ats.rlcdn.com	rumcdn.geoedge.be
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	c.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	www.google.com	winteriscoming.net
1	www.facebook.com	winteriscoming.net
1	api.userway.org	cdn.userway.org
1	promotions.minutemediaservices.com	cdn.mmctsvc.com
1	app.fansided.com	www.googletagmanager.com
1	ajax.googleapis.com	cdn.wazimo.com
1	assets.minutemediacdn.com	winteriscoming.net
1	winteriscoming.net
155	39

This site contains links to these domains. Also see Links.

Domain
quiz.hiddenremote.com
fansided.com
www.facebook.com
twitter.com
daily.fansided.com
www.minutemedia.com

Subject Issuer	Validity	Valid
editorinleaf.com Amazon RSA 2048 M03	`2023-12-20` - `2025-01-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
cdn.mmctsvc.com Amazon RSA 2048 M02	`2023-05-05` - `2024-06-02`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
*.privacy-center.org Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
assets.minutemediacdn.com Amazon RSA 2048 M02	`2023-04-26` - `2024-05-24`	a year	crt.sh
images.mmctsvc.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.fansided.com Amazon RSA 2048 M01	`2023-07-02` - `2024-07-30`	a year	crt.sh
*.minutemediaservices.com Amazon RSA 2048 M02	`2023-11-25` - `2024-12-23`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
c.aps.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-30` - `2024-07-28`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
1784939676.rsc.cdn77.org R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://winteriscoming.net/
Frame ID: 6503CDF628854A43D1B7F483E46E3B54
Requests: 155 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Frame ID: 5E641B57F90A0908EF42823E6F319324
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Game of Thrones and sci-fi/fantasy news, TV, and moviesIcon / VideoIcon / VideoIcon / VideoIcon / VideoIcon / Video

Page URL History Show full URLs

http://winteriscoming.net/ HTTP 307
https://winteriscoming.net/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

100 %
HTTPS

76 %
IPv6

27
Domains

39
Subdomains

39
IPs

5
Countries

2636 kB
Transfer

9189 kB
Size

20
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://quiz.hiddenremote.com/what-should-i-binge-tv-quiz/
Title: What Should I Binge?

Search URL Search Domain Scan URL

URL: https://fansided.com/network/entertainment/
Title: FanSided ENTERTAINMENT Sites

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WiCnet

Search URL Search Domain Scan URL

URL: https://twitter.com/WiCnet

Search URL Search Domain Scan URL

URL: https://fansided.com/

Search URL Search Domain Scan URL

URL: https://fansided.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided/#masthead
Title: Masthead

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/#apply
Title: Openings

Search URL Search Domain Scan URL

URL: https://fansided.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://fansided.com/network/
Title: Our 300+ Sites

Search URL Search Domain Scan URL

URL: https://daily.fansided.com/
Title: FanSided Daily

Search URL Search Domain Scan URL

URL: https://fansided.com/pitch-a-story/
Title: Pitch a Story

Search URL Search Domain Scan URL

URL: https://fansided.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://fansided.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/website-disclaimer/
Title: Legal Disclaimer

Search URL Search Domain Scan URL

URL: https://fansided.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.minutemedia.com/
Title: Minute Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winteriscoming.net/ HTTP 307
https://winteriscoming.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

155 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winteriscoming.net/
Redirect Chain

http://winteriscoming.net/
https://winteriscoming.net/

503 KB
72 KB

980ms
891ms

Document
text/html

2600:9000:2394:2800:a:3342:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:2800:a:3342:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 82c42a27cbea184402087a532cd35b787148b0dd1aca16116ed7fe71ca089341

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html
date: Mon, 29 Jan 2024 17:10:08 GMT
etag: W/0c37b7169a8bd1f71160a6e75325c90122c2cb88612d77b94a8f0917886ec77a|eb212358f6a2b374bb3df1a808ba57b66b30135ded0daec7b007dd9ff6f49edc
last-modified: Mon, 29 Jan 2024 17:10:08 GMT
referrer-policy: no-referrer-when-downgrade
server: CloudFront
vary: Accept-Encoding
via: 1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
x-amz-cf-id: EJAB14aKxU9IQ0qWsDxnX4IHBtDOz8rPds5edmkKFcjjj460o4igig==
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://winteriscoming.net/
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1003 B 89ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

308346f9779bb3370a0d9ca8719ec7a179f5e599122a3714ac27c11938a9ea9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
744 B 90ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:06:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 194ms
133ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d7fe70c971b40deb8892bd9a804b31b3ee5d4d312b048785748bd313e06a5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29820
x-xss-protection: 0
server: cafe
etag: 381 / 19751 / 31080756 / config-hash: 10961985379633005465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 main.js Show response
cdn.wazimo.com/engine/common/widgets/mmlogger/ 4 KB
2 KB 101ms
33ms Script
application/javascript 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ba905fbfdc2e18b19974d8e56ae034e7b3931e00626ee80d3874703dc33f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 12:23:42 GMT
server: cloudflare
age: 6691
cf-polished: origSize=6126
etag: W/"65a9184e-17ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kY6A7P%2BrHCByVbl7F6uSY72CF%2F5zkUKC3qMpDV%2FTQSReqbNeBcpOzmCatmtgrBSEnddo60O%2FCrtDsuvQAM7ApP%2FnSFMjx3RuobIQzFdUPB1ew47GB15CaUgl0XxkN1ElJM3G7Eji8wQI9XWL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84d316401a749ba1-FRA

GET
H2 200 index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 215 KB
66 KB 152ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 4b86c0787178eb15e9a6aa1907a656e63167d5521481727728f458777df2ccdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 13:58:06 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 13:57:49 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 11523
etag: W/"66a83de4a571bb92bb8e6b8179e6fab5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pxojE0ds-00ELoS3iCjQuuKI6zndnKAejWe-BMYGNX5ZEL9rzU_qeg==

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/ 16 KB
6 KB 155ms
37ms Script
application/javascript 2600:9000:244f:de00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:de00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:09:41 GMT
x-amz-version-id: X3HbarngIU1A5dONG56O3OdientJRgpb
content-encoding: br
last-modified: Mon, 18 Dec 2023 12:16:19 GMT
server: AmazonS3
via: 1.1 cae331f931db08913da8ffb683cc6f68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
etag: W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 28
x-amz-cf-id: epcINsI325L2s8yKTRM3S7J3s47OTN2WQP6i4NlE66mQ6E2v0HV0Qw==

GET
H2 200 loader.js Show response
sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/ 86 KB
24 KB 89ms
29ms Script
application/javascript 2600:9000:2251:9e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/loader.js?target_type=notice&target=WHiEUdYM
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c00b64f9ecb6283e594bdc2412a5e9023831dfa958b2ad709bdff4a4c4e45bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:39:09 GMT
content-encoding: br
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5459
x-amzn-requestid: 963b3c1a-5017-419b-b0a8-2e068e0df67a
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-didomi-configs-version: 95
etag: W/"ceae4cdfbd52ad7f13da74558038b196"
x-amzn-trace-id: root=1-65b7c69d-7be7a8b011a3349e59c20a53;sampled=0;lineage=eaae1266:0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
x-amz-cf-id: Jsjv2KmflbTGaPdV9FAulA-y20bpA3TKrlkTrhnFC8JTo8Qa88e0Bg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 520 KB
137 KB 165ms
104ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7359a5ba1cb6468d87acc71cb935c4b9be4a192e6c9add0ef98f95ea48c615d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 139961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 357ms
33ms Script
application/javascript 18.165.187.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.187.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-187-137.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:14:18 GMT
content-encoding: gzip
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, ZRH55-P1
age: 3351
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: mlzzb4GS4q-YsLERnbKrl3pUiBtpg7OV2iYR2JdCG8ecQRraNRPpsw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
70 KB 103ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-524LTF9

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfa97700bbe4aebd264f23350f5c19040c10bf4f3df325278dd733a050147160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71435
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 HomePagePhoenix.bundle.EYNOGTK3.js Show response
assets.minutemediacdn.com/js/ 426 KB
127 KB 157ms
53ms Script
application/javascript 2600:9000:2250:bc00:18:ed96:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.minutemediacdn.com/js/HomePagePhoenix.bundle.EYNOGTK3.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:bc00:18:ed96:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 20b59e88c09b33ccbe25eed47b260d27f27464788859d3298063b76a279ceda4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:53:30 GMT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 15:51:22 GMT
server: CloudFront
x-amz-cf-pop: FRA60-P2
age: 4599
etag: W/"555d30429d680e14f4bcc7922495176e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VO0fmuBbAx5mU-3HGACrVR616I7ArdFqh6Lpwy2EtFVkou8PLjNK5w==

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae66a6bfeda36f14aee99589a98078c3d8ffa82a4ce443e11229864de21b68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 465fcc22a8d03db25f15da540b733de0c636465839c7ef99c6dcb233a50af04c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 images%2FImageExchange%2Fmmsport%2F385%2F01hnb12yqhrx8qfza334.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_62/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/ 17 KB
18 KB 143ms
32ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_62/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/images%2FImageExchange%2Fmmsport%2F385%2F01hnb12yqhrx8qfza334.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 144defa23e96754a4dd2dd63668428d5e89073e4744a7aed2c41ff47a1c72a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:47:16 GMT
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1372
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hnb12yqhrx8qfza334.webp"
content-length: 17540
x-request-id: 7587b13ae5a032458d12365cf483283d
x-served-by: cache-iad-kjyo7100040-IAD
last-modified: Mon, 29 Jan 2024 16:43:42 GMT
server: CloudFront
surrogate-reporting: width=720,height=405,bytes=17540,owidth=3000,oheight=2000,obytes=3242115,ef=(1,13,17,23)
x-timer: S1706546837.658558,VS0,VE2
etag: "6a4ddc854290603175db4afae70e7d00"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: NAjZI64BTqUfvfXnLziiK_zVqS0QU31hbdNBICYvh3qTDwFEQasAzQ==
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 92ms
35ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 603364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 17:34:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 85ms
29ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:52 GMT
x-content-type-options: nosniff
age: 495676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 100ms
29ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 12:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 12:47:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 436 KB
136 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 12:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16424
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139485
x-xss-protection: 0
server: cafe
etag: 9760076492862216199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Jan 2025 12:36:24 GMT

GET
H2 200 sdk.dd20666fb8c871080b1834da88c143647b75e56e.js Show response
sdk.privacy-center.org/sdk/dd20666fb8c871080b1834da88c143647b75e56e/modern/ 338 KB
94 KB 56ms
56ms Script
application/javascript 2600:9000:2251:9e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/dd20666fb8c871080b1834da88c143647b75e56e/modern/sdk.dd20666fb8c871080b1834da88c143647b75e56e.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/loader.js?target_type=notice&target=WHiEUdYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fca15fdab1e9d65135b9065927af819257e48224d0a2c40f3abb49d7dadb1eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:18:35 GMT
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 15:18:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6694
etag: W/"52f261220ccc9e2f1756756c520e0345-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xlRQ-dxpVQmBHQB9lo86UX6AH7pz1iejiM1rBKD8GwaLLcxm92l1ow==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
59 KB 59ms
57ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Requested by

Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29dc647a00f7b03ac4135274c872f205689945926201384a4b70c43babb64e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60464
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
52 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M773ZX2

Requested by

Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cdbc5c1866fb27aa7d3ecdfa1c9208946cf672c634f3a49c72963ae9ae3e8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53557
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:08 GMT

GET
H3 200 winteriscoming.net.json Show response
cdn.mmctsvc.com/adunits/ 686 B
1007 B 183ms
25ms Fetch
application/json 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/adunits/winteriscoming.net.json
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c10e2b2daf3d219b419b65de36421f817ebb5bab791b329c282efe879f7905a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:29:10 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 319260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 686
last-modified: Fri, 26 Jan 2024 00:21:16 GMT
server: CloudFront
etag: "54d62dec0c5d102b13888eb53f8910f1"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 31536000
accept-ranges: bytes
x-amz-cf-id: Dj7IIQulUHzA7O4ZKs1Ytx-vatDQq2j8H3HhySE7x6_X8wzfEF0dlA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/ Frame 5E64 391 KB
123 KB 39ms
38ms Script
text/javascript 2600:9000:244f:de00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:de00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0f4bc260ed05fb3c3329c05134e7246a34966302e5225e1957d81fbc0d99d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:09:41 GMT
x-amz-version-id: Gj5qtNTEex9HnSk65OQZrbAUINvc3HEy
content-encoding: br
via: 1.1 cae331f931db08913da8ffb683cc6f68.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 28
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 29 Jan 2024 16:50:31 GMT
server: AmazonS3
etag: W/"c323a4a03a53ffba6bf63018f030793f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: C5f6o4Dw1Wv9n5grtRf8cughpIMQXi-mC3uobuHMmQO2qv1E0Ofuug==

GET
H2 200 / Show response
cdn.wazimo.com/engine/common/widgets/mmlogger/min/ 13 KB
4 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/min/?static=true&v=118
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 30071189f1fdbd95cbf1621fd6b95bea16aa3827d53ef8326f6b0e8963896f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 15:30:11 GMT
server: cloudflare
age: 5997
cf-polished: origSize=18273
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j4E9fnk9MFgwItXIvUv7U6spQL2Ez7t3naSAFJcG31ldVPIvZo0EP%2F%2BWwCX86j0%2BmeiO%2BWeyl62rvt609%2BCkMC86v1kjyioB7zfpk18Ej5oM0s0Fg85fpsGZscLQDZjSLiJkCVK9xFyIbsl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84d316422cfc9ba1-FRA

GET
H3 200 geo Show response
cdn.mmctsvc.com/.mc/ 58 B
298 B 26ms
25ms Fetch
application/json 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/.mc/geo
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ac667b39b6a81d70b1100cedc79a3d0c0d1347c1e17599d55131ab19e6d70b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 22:23:38 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 11040391
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
content-length: 58
x-amz-cf-id: KXrMMbkdoV0LtwEarjS_vEpHWWhskcT_26Sjub3O5UoEwERcIqXc3w==

GET
H2 200 01hn3sdefaf8333nx8vy.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1600,h_900,x_0,y_109/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 314 B
1 KB 42ms
32ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_1600,h_900,x_0,y_109/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn3sdefaf8333nx8vy.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2af81c00409b03aece10e2033c119f618c591fa6657564ab695af7da83d628d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:26:32 GMT
via: 1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2617
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hn3sdefaf8333nx8vy.webp"
content-length: 314
x-request-id: 97a8db0191ac2e667b38699d7eb4b412
x-served-by: cache-iad-kiad7000116-IAD
last-modified: Mon, 29 Jan 2024 16:26:28 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=314,owidth=1600,oheight=1039,obytes=1682761,ef=(1,13,17,23)
x-timer: S1706545592.002782,VS0,VE2
etag: "6b14c5f47c861d1993e5bf8ded3f7910"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: CKAAjnZLJmWPi57TXvJbKKPuMUedZY9Pt_0LmYySIrs4sbm1uKP4Ag==
x-cache-hits: 1

GET
H2 200 01hmyq0jfb6f4t0kdvh3.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5000,h_2812,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/ 880 B
2 KB 40ms
30ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_5000,h_2812,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01hmyq0jfb6f4t0kdvh3.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f89537854582f3fdbb4d30625f4dd8e25b2ddeeb88aa9bbc916574244c315c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:06:47 GMT
via: 1.1 071f5fea9cc276d1769e252ea33022fa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3802
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hmyq0jfb6f4t0kdvh3.webp"
content-length: 880
x-served-by: cache-iad-kiad7000160-IAD
last-modified: Mon, 29 Jan 2024 15:54:32 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=880,owidth=5000,oheight=3246,obytes=2785147,ef=(1,13,17,23)
x-timer: S1706544407.384109,VS0,VE1
etag: "df1174dbbbca34145f6bbb0fd0442771"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Dr5iR_qnLS_LnNh5eAqBpm5iTamVuhHxTY9MdEPxTV92sN0FLoQT7w==
x-cache-hits: 1

GET
H2 200 house_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/ 174 B
953 B 35ms
25ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/house_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: abbcc9b349f6420a2f60f4655521a3949da72428d818f370810a5a1fd9e83aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:51:36 GMT
via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 256713
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="house_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.webp"
content-length: 174
x-request-id: fe13c2421620a66a1d7a9a922818e53b
x-served-by: cache-iad-kiad7000075-IAD
last-modified: Fri, 26 Jan 2024 17:48:41 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=174,owidth=480,oheight=360,obytes=14187,ef=(1,13,17,23)
x-timer: S1706291497.901619,VS0,VE3
etag: "02d0a79b16d8e0a5caf51702ff68901d"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: rCSQj8Ecx8wfkVo87POXeVtGWmfbF-V1yimx3xFCTwy-X2-sLDwpMg==
x-cache-hits: 1

GET
H2 200 crazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/ 336 B
1 KB 36ms
26ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/crazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d95dcfe536829dc50ecab12cd73490c22df720e1ab30c63acacdd28cfce137a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:08:48 GMT
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 345681
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="crazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.webp"
content-length: 336
x-request-id: eb336c8a861f910d9720fc7b911c7e00
x-served-by: cache-iad-kjyo7100064-IAD
last-modified: Thu, 25 Jan 2024 17:08:38 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=336,owidth=480,oheight=360,obytes=35006,ef=(1,13,17,23)
x-timer: S1706202528.303560,VS0,VE2
etag: "71150800f0318418f1865dd5e08587d1"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: dmtoj0PJRJyAr0PUr5fCj3fYSRHThCU9_fI0BMgVRSPlwXAPFNqL0w==
x-cache-hits: 1

GET
H2 200 01hn22r7ncx5hd222664.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_43/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 836 B
2 KB 40ms
31ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_43/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn22r7ncx5hd222664.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 23437814a03bc20a177d6a37c8d403a2552fdea25465ac12c5917ac6dfd331fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:43:41 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1588
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hn22r7ncx5hd222664.webp"
content-length: 836
x-request-id: 3067ea2999e1fb74a388373ee89acf88
x-served-by: cache-iad-kiad7000123-IAD
last-modified: Mon, 29 Jan 2024 16:43:42 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=836,owidth=1920,oheight=1282,obytes=1836327,ef=(1,13,17,23)
x-timer: S1706546621.064169,VS0,VE509
etag: "4f1acce8389181e59582f9364101fd21"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: vv7d1ZN733hyFD_f9n2msGjmFGzaWbkHte-DX8L_1mT1rsyADOi9nQ==
x-cache-hits: 0

GET
H2 200 01hn3tzea3qcrm5abbxm.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_992,h_558,x_0,y_200/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/ 356 B
1 KB 38ms
29ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_992,h_558,x_0,y_200/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/01hn3tzea3qcrm5abbxm.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0e6921d90c459f9545573e0524df74f0a893c6f91e062f8d7276f3407dcd2d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:09:31 GMT
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 7238
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hn3tzea3qcrm5abbxm.webp"
content-length: 356
x-served-by: cache-iad-kjyo7100104-IAD
last-modified: Mon, 29 Jan 2024 15:00:12 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=356,owidth=992,oheight=1500,obytes=221381,ef=(1,13,17,23)
x-timer: S1706540972.927705,VS0,VE2
etag: "ac6e5cfa4c007281762c80579dd93b2e"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QGXtJ2yofMLiAKBNQj-pKj6YhVZfKvVFvmyXaGmCuw6TEx-kDiD4aw==
x-cache-hits: 1

GET
H2 200 01hn3h15eqz168h3gdmf.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 306 B
1 KB 37ms
28ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn3h15eqz168h3gdmf.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 66af9cee4a582329bdae47b1fa86da5974bd5c6f2329ee3866f7680c51525f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:35:57 GMT
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 243252
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hn3h15eqz168h3gdmf.webp"
content-length: 306
x-request-id: 050fd5c79ef9b9f1fdb15808c6a08739
x-served-by: cache-iad-kjyo7100030-IAD
last-modified: Fri, 26 Jan 2024 21:35:58 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=306,owidth=3000,oheight=2000,obytes=1328631,ef=(1,13,17,23)
x-timer: S1706304957.303811,VS0,VE603
etag: "8b8154514e4ba4dafccec4186f72f15c"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: oTvbQfwms6IpPB3yAELJYDME6gKVxMan84CTPuRClMBBwL4W0ItJjA==
x-cache-hits: 0

GET
H2 200 01hn3psgxhr5c0v0h3d8.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3600,h_2025,x_0,y_204/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 306 B
991 B 36ms
27ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3600,h_2025,x_0,y_204/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn3psgxhr5c0v0h3d8.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 663fb61201f4249395559a01784078b0892fdf54772a19f95a05bf40a3ecdbec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:35:07 GMT
via: 1.1 52e479c500405e4e5b36d8a25429d06c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 88502
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hn3psgxhr5c0v0h3d8.webp"
content-length: 306
x-served-by: cache-iad-kjyo7100151-IAD
last-modified: Fri, 26 Jan 2024 21:15:22 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=306,owidth=3600,oheight=2394,obytes=5390219,ef=(1,13,17,23)
x-timer: S1706459707.466510,VS0,VE1
etag: "fde803548d05a56fb828ce0e54ebe2ac"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: O8ZD3k-d5js6GZA9G-odzpefTwSO5KPTgq-xYl89KDd-WqUiFfVBMw==
x-cache-hits: 1

GET
H2 200 01hn2r45fmaxhamy2x3c.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5184,h_2916,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 926 B
2 KB 39ms
30ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_5184,h_2916,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn2r45fmaxhamy2x3c.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5f58aaf1f6edd3740a5fade14c9c4a6c116708651e0bca6da2a4229063f60e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:30:58 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 95951
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hn2r45fmaxhamy2x3c.webp"
content-length: 926
x-served-by: cache-iad-kiad7000098-IAD
last-modified: Fri, 26 Jan 2024 21:15:23 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=926,owidth=5184,oheight=3456,obytes=7418017,ef=(1,13,17,23)
x-timer: S1706452258.108166,VS0,VE121
etag: "ffc4220d5bc63dda780ec39944a92ead"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: BnfoTDxTLI21sQ37XyI_T03HP1nPeVrEYlWUDZHFphwz_vlUF1UdQQ==
x-cache-hits: 0

GET
H2 200 01hn0v76yye06a6rm0c9.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_7952,h_4473,x_0,y_467/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 396 B
1 KB 41ms
33ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_7952,h_4473,x_0,y_467/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn0v76yye06a6rm0c9.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ae50af3b8034462a4da0b7cfe826946f07632bbbeee5ac1d9bd5befc4fb80a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:43:18 GMT
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 329211
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hn0v76yye06a6rm0c9.webp"
content-length: 396
x-served-by: cache-lga21934-LGA
last-modified: Thu, 25 Jan 2024 21:37:37 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=396,owidth=7952,oheight=5304,obytes=18259495,ef=(1,13,17,23)
x-timer: S1706218998.292498,VS0,VE1
etag: "2f76e9f6159d5ed0ef0d34b4ec755981"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: CVVOBzQDp2t6_va0WT1SwRcd-CHlaYmm4AbfBR9JLNQFZ7QT4TLQjw==
x-cache-hits: 1

GET
H2 200 01hn0pb0s8bbgy7y5q93.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3835,h_2157,x_155,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 322 B
1 KB 56ms
48ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3835,h_2157,x_155,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hn0pb0s8bbgy7y5q93.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c576d6374037db36fbe22fbeec555e9ff9ae1058b97253e10069eeaa4a33ec89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 20:05:44 GMT
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 335065
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hn0pb0s8bbgy7y5q93.webp"
content-length: 322
x-request-id: f99116036f2ec2ac4e71060e96a971a2
x-served-by: cache-iad-kiad7000160-IAD
last-modified: Thu, 25 Jan 2024 20:05:45 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=322,owidth=4096,oheight=2160,obytes=3272722,ef=(1,13,17,23)
x-timer: S1706213144.695353,VS0,VE1119
etag: "b897c7df9d7516747b25436d6fe9b6d5"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 7lnvrF1zCMAetvb1uRSHJOQFvTsH5r7IcT-Wyzk1UzaeNsKsgBfVvg==
x-cache-hits: 0

GET
H2 200 01hmyaxqx1v6w6hs03v0.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4392,h_2470,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/ 322 B
1 KB 54ms
47ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_4392,h_2470,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01hmyaxqx1v6w6hs03v0.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a9b141bd388183d5ec09ab7eb9ee10c82c236b0ff2c53892d773ef530e6922b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:02:37 GMT
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 353252
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmyaxqx1v6w6hs03v0.webp"
content-length: 322
x-request-id: d24660d4e54c66c47979e190d7244c96
x-served-by: cache-iad-kjyo7100160-IAD
last-modified: Thu, 25 Jan 2024 15:01:48 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=322,owidth=4392,oheight=3127,obytes=2278710,ef=(1,13,17,23)
x-timer: S1706194958.742847,VS0,VE1
etag: "1ccf302c51d0c84cdb7bb61b5319fe55"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: g_mCkKRXxAX1XgaRS7u5eWQJN-onUSDgTCxKtvckoPwQmALfdE58lQ==
x-cache-hits: 1

GET
H2 200 01hmq7ft1nnztqc9zb2f.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 306 B
1 KB 56ms
48ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmq7ft1nnztqc9zb2f.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 66af9cee4a582329bdae47b1fa86da5974bd5c6f2329ee3866f7680c51525f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 17:25:29 GMT
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 431079
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmq7ft1nnztqc9zb2f.webp"
content-length: 306
x-request-id: deb4e46b896e6c2f7e6a0bf09b9d8715
x-served-by: cache-iad-kjyo7100141-IAD
last-modified: Wed, 24 Jan 2024 07:06:33 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=306,owidth=3000,oheight=2000,obytes=1328631,ef=(1,13,17,23)
x-timer: S1706117130.977211,VS0,VE1
etag: "8b8154514e4ba4dafccec4186f72f15c"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 3Lh9bE9W1j4HEodxPNzAvVY2jzTxD2_Q4iuKbQGcFy6onjCvJ-WMxA==
x-cache-hits: 1

GET
H2 200 01hmw330m4wes6gydtfj.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2100,h_1181,x_0,y_72/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 188 B
920 B 56ms
49ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_2100,h_1181,x_0,y_72/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmw330m4wes6gydtfj.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 271ac8bfe00a9774fffd1e1aec332ca161bdba74149b4f14cd0684ab9c71e540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 02:31:19 GMT
via: 1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 52730
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmw330m4wes6gydtfj.webp"
content-length: 188
x-request-id: 08101a6234673740a55c805fb8115ccf
x-served-by: cache-iad-kiad7000126-IAD
last-modified: Mon, 29 Jan 2024 02:31:20 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=188,owidth=2100,oheight=1400,obytes=825321,ef=(1,13,17,23)
x-timer: S1706495479.206712,VS0,VE506
etag: "02cfcb682eac8533076180be52c142fb"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QawiH3ki7RJxoH41ihiZ3I87vdxmffnytpS4ghW3G7JbboxrwTvgqw==
x-cache-hits: 0

GET
H2 200 a_tale_of_fire_and_ice-5da0004c9737b76f55dd8cbfbc6dadcd.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/ 342 B
1 KB 57ms
50ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/a_tale_of_fire_and_ice-5da0004c9737b76f55dd8cbfbc6dadcd.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c2d93132d9f33268b01136a0f0bd46dc44009dfe592a2c945e8e09dccc569edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:01:31 GMT
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 180518
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="a_tale_of_fire_and_ice-5da0004c9737b76f55dd8cbfbc6dadcd.webp"
content-length: 342
x-request-id: 38da703601148441bdfc91594702e6b5
x-served-by: cache-iad-kiad7000161-IAD
last-modified: Fri, 26 Jan 2024 21:15:21 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=342,owidth=480,oheight=360,obytes=28153,ef=(1,13,17,23)
x-timer: S1706367692.557102,VS0,VE2
etag: "6ce2e5bdd600e7aa8caa1ce5b6258993"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: S1Rnzt9qUyWHBeKzQZCpDJ4yKbalM3w1yloRi2dEeAsaKSiS1bxwgw==
x-cache-hits: 1

GET
H2 200 01hn110z7wesm8zbfs1f.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3018,h_1697,x_0,y_183/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/ 242 B
928 B 58ms
51ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3018,h_1697,x_0,y_183/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01hn110z7wesm8zbfs1f.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5cc6c43ca1856a35faad9c60128c8a8458911aa160997c34ea22366df33ed8bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 14:11:06 GMT
via: 1.1 a27022837959b6f70545c8d6d0de9d04.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 269943
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hn110z7wesm8zbfs1f.webp"
content-length: 242
x-served-by: cache-iad-kiad7000130-IAD
last-modified: Fri, 26 Jan 2024 14:01:21 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=242,owidth=3018,oheight=4526,obytes=1626724,ef=(1,13,17,23)
x-timer: S1706278266.415833,VS0,VE75
etag: "921e4fe871e797df49662831f90b0172"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: upoLKyRqlGXTy2-sKJnDg2cf5En7D3e0PNJu9d1QyxyAIv2tH8L3Mw==
x-cache-hits: 0

GET
H2 200 01hmrzqbyfx7krjsv3w4.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_94/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 270 B
1004 B 57ms
51ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_94/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmrzqbyfx7krjsv3w4.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2d9c225c4ee1d642e8c8af4d6777bfd005f273ef758a47eee247f8b721e2f896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:59:00 GMT
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 335469
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmrzqbyfx7krjsv3w4.webp"
content-length: 270
x-request-id: 91b4c588f54172f61151b77d60abb8d1
x-served-by: cache-iad-kiad7000171-IAD
last-modified: Thu, 25 Jan 2024 19:58:23 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=270,owidth=3150,oheight=2100,obytes=3262055,ef=(1,13,17,23)
x-timer: S1706212740.341075,VS0,VE2
etag: "d20d43dd9695e527464650cd2207ccf3"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fhJyWXD7wfT13auqfM_7iuny5IFKvnVT9IGZC27w8Zi-nxXdtf733w==
x-cache-hits: 1

GET
H2 200 01hmh3ht6rdsat0cn165.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 250 B
938 B 55ms
50ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmh3ht6rdsat0cn165.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 31d579fc125bbc52feab9228c7aa2827bcd3d61bf1fcf6e271c0ba85212170cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 15:00:33 GMT
via: 1.1 412b51478c24c00d9c9185312b00ffd0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 612576
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hmh3ht6rdsat0cn165.webp"
content-length: 250
x-served-by: cache-iad-kiad7000093-IAD
last-modified: Mon, 22 Jan 2024 08:04:29 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=250,owidth=3150,oheight=2100,obytes=2273921,ef=(1,13,17,23)
x-timer: S1705935634.793503,VS0,VE140
etag: "b17f6893d03bfd6353708be445c85850"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: up4bDQfqYZZwAZ7aWSBhqLcW3WtwoLihecF7h089B1yigXxEjdQbGw==
x-cache-hits: 0

GET
H2 200 01hmhb94gns96mettf6v.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2227,h_1252,x_511,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 372 B
1 KB 57ms
53ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_2227,h_1252,x_511,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmhb94gns96mettf6v.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6221c101442a1fa7b67dfb88adf7df9661e8262fcbafc542ed3166709e0929ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:28:48 GMT
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 643281
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hmhb94gns96mettf6v.webp"
content-length: 372
x-served-by: cache-iad-kiad7000138-IAD
last-modified: Sat, 20 Jan 2024 17:26:52 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=372,owidth=2999,oheight=1256,obytes=3933974,ef=(1,13,17,23)
x-timer: S1705904928.954636,VS0,VE57
etag: "746f3043adebf7e578ce25c7f2f70d1b"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yjKl7KqWv8esYKTM21GAiLS2W_jTzJivYTZ_InaoWlqhbRcOsx8uSw==
x-cache-hits: 0

GET
H2 200 01hmd1e93vn3sr65txt7.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_52/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 294 B
979 B 57ms
52ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_52/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmd1e93vn3sr65txt7.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 98644a91fee0751f2d28ec09f7be853435d220d19345ddcf8d5c7e9035d86748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 14:01:48 GMT
via: 1.1 bfc4676044fcc4c0c8e705c71ca51fea.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 788901
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hmd1e93vn3sr65txt7.webp"
content-length: 294
x-served-by: cache-iad-kjyo7100134-IAD
last-modified: Sat, 20 Jan 2024 14:01:48 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=294,owidth=1920,oheight=1280,obytes=2669328,ef=(1,13,17,23)
x-timer: S1705759309.785428,VS0,VE93
etag: "d2be6a2884deaa701a477597a2c632a0"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: A0-u2ccz1lXlsRpPl_gbWMWZ10pJ5dR5jVR8euhWzhQdrkPGvtRgjQ==
x-cache-hits: 0

GET
H2 200 01hmhhvb4bam8rttj22y.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5472,h_3078,x_0,y_66/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 890 B
2 KB 58ms
54ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_5472,h_3078,x_0,y_66/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmhhvb4bam8rttj22y.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e47c17f75a2cbd5fc2f3ad4de8b05fc5affb4fd8a6f45da8b98a877940ca83fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:17:20 GMT
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 733969
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmhhvb4bam8rttj22y.webp"
content-length: 890
x-request-id: ef30dbb96c7b9f789c83f6bf12c19330
x-served-by: cache-iad-kiad7000144-IAD
last-modified: Fri, 19 Jan 2024 21:02:21 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=890,owidth=5472,oheight=3648,obytes=11257101,ef=(1,13,17,23)
x-timer: S1705814240.289014,VS0,VE19
etag: "905446a8de91163799cbd0a7ee898fbc"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: KX1s1CctLED08FiQr741mSbCyjmGcuYe-drE2BsUEwAbqIHikI2m9Q==
x-cache-hits: 1

GET
H2 200 01hmct2np495r5qgt6y8.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_80/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 386 B
1 KB 57ms
53ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_80/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hmct2np495r5qgt6y8.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 8964280ee5ff3dd7a8b752c726aa3e909a63410a565c7526e4868675cf4709b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:52:28 GMT
via: 1.1 f7f49dad2d783fde3adeef21381de800.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 958661
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmct2np495r5qgt6y8.webp"
content-length: 386
x-request-id: e4c9c5f17651be5f41eb2406d9a023bb
x-served-by: cache-iad-kjyo7100038-IAD
last-modified: Thu, 18 Jan 2024 14:52:29 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=386,owidth=3000,oheight=2395,obytes=1643765,ef=(1,13,17,23)
x-timer: S1705589547.431192,VS0,VE811
etag: "90523f61ad8993d062c47d4344085526"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yze1VKLaRKtF9eia6roN1eQMsZWtneJ_TET72HH_piLkmHRUmG_mNA==
x-cache-hits: 0

GET
H2 200 the_lord_of_the_rings_trilogy_supertrailer__hq_-b1ca8fb5acbbc0dba01fef2ac45ab167.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/ 228 B
1003 B 60ms
56ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/the_lord_of_the_rings_trilogy_supertrailer__hq_-b1ca8fb5acbbc0dba01fef2ac45ab167.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 44912a4e9a17b476de45e314826e3ce7a8af159c4a120a64be60cb8ddc183135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:00:38 GMT
via: 1.1 747643510d5744fd5b06cb1647567818.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1130971
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="the_lord_of_the_rings_trilogy_supertrailer__hq_-b1ca8fb5acbbc0dba01fef2ac45ab167.webp"
content-length: 228
x-request-id: 4d99075fb10ade8ccd6222bd6ff554e6
x-served-by: cache-iad-kjyo7100179-IAD
last-modified: Tue, 16 Jan 2024 15:00:39 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=228,owidth=480,oheight=360,obytes=11693,ef=(1,13,17,23)
x-timer: S1705417238.573392,VS0,VE448
etag: "5473e8a8b07673f2139800bfcc239566"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QErItBkFMzu6t5y1lYm3ZLtteku1PnLR0t_RHL7Du3n2_ibiJ5VodA==
x-cache-hits: 0

GET
H2 200 01hkghx1z41eaqve1z5a.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5504,h_3096,x_0,y_1904/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/ 292 B
1 KB 58ms
55ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_5504,h_3096,x_0,y_1904/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01hkghx1z41eaqve1z5a.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 751d944ae6135be340cac7896f5f9b0326213d6db9f7360a329a56987cafe05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:03:32 GMT
via: 1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1134397
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hkghx1z41eaqve1z5a.webp"
content-length: 292
x-request-id: e67d3ec0a24d25695e0e27076decdcd0
x-served-by: cache-iad-kiad7000127-IAD
last-modified: Tue, 16 Jan 2024 14:01:33 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=292,owidth=5504,oheight=8256,obytes=11627028,ef=(1,13,17,23)
x-timer: S1705413813.621116,VS0,VE1
etag: "cd6461de34141596ed54ab231cd70c2f"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 8ZhtzpOZIBtEHIVYRmbmPQlggpaFyv4yrwf1W2tuRu2ptwKExIviiA==
x-cache-hits: 1

GET
H2 200 01hktexdjvkf87rx4fh7.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_45/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 202 B
935 B 60ms
56ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3150,h_1771,x_0,y_45/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hktexdjvkf87rx4fh7.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0ad2843d1c38f27db499879552bd11587b8cf0b32fd8e30e063260038b3e6d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 15:03:59 GMT
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1217170
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hktexdjvkf87rx4fh7.webp"
content-length: 202
x-request-id: 526824ba8b66f0746509890da9dbe6c5
x-served-by: cache-iad-kiad7000083-IAD
last-modified: Mon, 15 Jan 2024 15:00:32 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=202,owidth=3150,oheight=2100,obytes=2489069,ef=(1,13,17,23)
x-timer: S1705331039.136833,VS0,VE1
etag: "16074beb997bccff74e3c08f14eac7ae"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Bvt20zUKfJYJu2oqaZEZHARJbY7DB1qfqLdWhdgq4yConxAkRixMMg==
x-cache-hits: 1

GET
H2 200 3_body_problem_season_1__geeked_week__sneak_peek-b9fb877dbb402f0aaf5a63c3059cfd1a.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/ 310 B
1 KB 61ms
57ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/shape/cover/sport/3_body_problem_season_1__geeked_week__sneak_peek-b9fb877dbb402f0aaf5a63c3059cfd1a.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a28dbeb56873c9d51d0c98cfa6413c8253a0e6a4dc7f4c0a3f3c9da833bae6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:01:03 GMT
via: 1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1390146
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="3_body_problem_season_1__geeked_week__sneak_peek-b9fb877dbb402f0aaf5a63c3059cfd1a.webp"
content-length: 310
x-request-id: a19f856c5957d43254db0beaea733c41
x-served-by: cache-iad-kjyo7100043-IAD
last-modified: Sat, 13 Jan 2024 15:01:04 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=310,owidth=480,oheight=360,obytes=18390,ef=(1,13,17,23)
x-timer: S1705158063.352601,VS0,VE288
etag: "0f374667f225200bf859306d172fef01"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QaPI4eljmF5OZQ5o6dm7pOg733NYHviHjFhQgCMV4P7uN35Z2kG6HQ==
x-cache-hits: 0

GET
H2 200 01hkzy2d0ck4kbrph523.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1000,h_562,x_0,y_70/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 326 B
1011 B 60ms
57ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_1000,h_562,x_0,y_70/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hkzy2d0ck4kbrph523.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b31008345e3659c8b65ae101c12cde5b5279afc913d70ad359140aaadbd7db18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:06:11 GMT
via: 1.1 02953992e043cdd9273bab020f4030a0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1253038
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hkzy2d0ck4kbrph523.webp"
content-length: 326
x-served-by: cache-iad-kiad7000168-IAD
last-modified: Sat, 13 Jan 2024 15:35:06 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=326,owidth=1000,oheight=1600,obytes=231893,ef=(1,13,17,23)
x-timer: S1705295171.132185,VS0,VE1
etag: "433e1842e8e4f03ace6f59a4cadf1238"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ByyjoabQnJlOFY5631LdNRKDfWamMbxCXl-p3Ye8Mw-IfVaOI4ns3w==
x-cache-hits: 1

GET
H2 200 01hkzmzmwn2z80yweqfq.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3413,h_1919,x_204,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 316 B
1003 B 61ms
58ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_3413,h_1919,x_204,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hkzmzmwn2z80yweqfq.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9cb466b3cc0996bde7571ba1b80aba054021a3d04f299f522bd8eaf4f54165be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 14:31:46 GMT
via: 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1305503
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hkzmzmwn2z80yweqfq.webp"
content-length: 316
x-served-by: cache-iad-kjyo7100176-IAD
last-modified: Sat, 13 Jan 2024 15:35:07 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=316,owidth=3840,oheight=1920,obytes=738945,ef=(1,13,17,23)
x-timer: S1705242707.788033,VS0,VE46
etag: "aa228c7df7af54e8c08a5056a48c572b"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: SNgVB1mtWBjmwOi50qCwUkoA-jzFZJb67kHiCxis2u0vfO3dzmYlJA==
x-cache-hits: 0

GET
H2 200 01hkz8ayh3yhaadsdz50.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2847,h_1601,x_531,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/ 292 B
980 B 61ms
58ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_2847,h_1601,x_531,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01hkz8ayh3yhaadsdz50.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3cba253b7417701b683d483fe37831a5608118adb21d85b39d426661dd6656d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:49:10 GMT
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1448459
x-cache: Hit from cloudfront
content-disposition: inline; filename="01hkz8ayh3yhaadsdz50.webp"
content-length: 292
x-served-by: cache-iad-kjyo7100162-IAD
last-modified: Fri, 12 Jan 2024 22:37:41 GMT
server: CloudFront
surrogate-reporting: width=16,height=9,bytes=292,owidth=3840,oheight=1605,obytes=870582,ef=(1,13,17,23)
x-timer: S1705099751.558705,VS0,VE1
etag: "9174f4a510d8cc874377cdc0891d8d3c"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 6q66YyuFSpDIeoJ28VEbRBRR4589Lo46PuWilkjRVAOgPLuybqJqDA==
x-cache-hits: 1

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 149ms
22ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 70cbf7923ac2b920be7a8dc45b753ec055f3492eff5a3f41dfade6d1a0787907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:09 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 2320
x-amz-cf-pop: FRA60-P3
age: 708
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706545889
x-77-nzt: EgwBnJIhiAH3EAkAAAwBJRPCMQH3CgAAAA
x-accel-expires: @1706549489
x-77-age: 2330
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:17 GMT
server: CDN77-Turbo
etag: W/"6441a129f20e9de75025d4c6af103039"
x-77-nzt-ray: f6587a1dc1566cabf1dbb765e7b6d41c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: y5yzB_FUjZtkfWhwt6g2QojmTgpWSHABei7tdiWl3c--VrKsZCVY1g==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X878ZPFT48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d7bddca209ed98451676dd814159e31fac2096db2b57aabd183093f84da8970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b70b4de9c2e497721f9f77d5b7bda9bd2d3b035907330f1f980aa4cfe518cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
22ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4920
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jan 2024 17:48:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 96ms
26ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 17:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: p90wNQkCUXd+dA29aPRnrVIKhffxXftLueEsnzjzYlzYIafNz9N99I9og76YbqVXkmdfy+L/WlUXIf5HobL80Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 voltaxFlyoutInjector.js Show response
app.fansided.com/scripts/ 3 KB
2 KB 116ms
28ms Script
application/javascript 2600:9000:214f:2800:1b:3a6c:1300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fansided.com/scripts/voltaxFlyoutInjector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7988bfa1e7bdefad6eee21d30705d6d27bf9aeff0076cc4a374f901a041a270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:36:29 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 19:50:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 2020
x-amz-server-side-encryption: AES256
etag: W/"a2f67de0591e15cae8cf6fd11cd7207d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ejBz3I1YxBX-YgWB_NfJS-M1k7UfSg6he8f7fGY19Yriv9YgCleudA==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
690 B 46ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

308346f9779bb3370a0d9ca8719ec7a179f5e599122a3714ac27c11938a9ea9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:00:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
744 B 45ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:10:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H2 200 images%2FGettyImages%2Fmmsport%2F385%2F01hmyq0jfb6f4t0kdvh3.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5000,h_2812,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/ 8 KB
8 KB 41ms
29ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_5000,h_2812,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F385%2F01hmyq0jfb6f4t0kdvh3.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6bf47d186ba36766527ab8f4274dcba86e7cd2b13a05b943b050929741f145cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:28:32 GMT
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 67297
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="01hmyq0jfb6f4t0kdvh3.webp"
content-length: 7950
x-request-id: a8d4c52729b5867d8425f01c93e22f8c
x-served-by: cache-iad-kiad7000044-IAD
last-modified: Sun, 28 Jan 2024 21:50:02 GMT
server: CloudFront
surrogate-reporting: width=360,height=203,bytes=7950,owidth=5000,oheight=3246,obytes=2785147,ef=(1,13,17,23)
x-timer: S1706480912.114022,VS0,VE2
etag: "90ff782d975da2346762ec138a4d75e1"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: sak5htU4dSWkSHpYE8hAu683ccP_iiFBX2ogdsK-17yIx7VdBvwslw==
x-cache-hits: 1

GET
H2 200 shape%2Fcover%2Fsport%2Fcrazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/ 12 KB
13 KB 40ms
28ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/shape%2Fcover%2Fsport%2Fcrazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 102a6335011524a3bb83f5c011ece0b0ff203ab32d7c02a5cba5cd61e4bd6b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:22:18 GMT
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 344871
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="crazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.webp"
content-length: 12060
x-request-id: 9c00331ff6f9fe6f51c9fe774f796b35
x-served-by: cache-lga21934-LGA
last-modified: Wed, 24 Jan 2024 21:43:54 GMT
server: CloudFront
surrogate-reporting: width=360,height=203,bytes=12060,owidth=480,oheight=360,obytes=35006,ef=(1,13,17,23)
x-timer: S1706203338.353177,VS0,VE2
etag: "d2c6a974e5b47bcdd57972ccbba43d31"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ifreSFzygRmmkfKYWTEk1FQV6IE2lNqUU2AhF_jaYr3IvMNTNKNljQ==
x-cache-hits: 1

GET
H2 200 shape%2Fcover%2Fsport%2Fhouse_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg
images2.minutemediacdn.com/image/upload/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/ 4 KB
5 KB 34ms
23ms Image
image/webp 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/shape%2Fcover%2Fsport%2Fhouse_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0d382c6584603efd2331746434b9acdbb170168ad8af9f214342cdd229d7ce72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 18:03:38 GMT
via: 1.1 dbd1543e724393accac6fa465477c430.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 255991
x-cache: Hit from cloudfront
status: 200 OK
content-disposition: inline; filename="house_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.webp"
content-length: 4048
x-request-id: a98819d78b902d90f0aaa47d801e7fad
x-served-by: cache-iad-kjyo7100148-IAD
last-modified: Fri, 26 Jan 2024 15:11:36 GMT
server: CloudFront
surrogate-reporting: width=360,height=203,bytes=4048,owidth=480,oheight=360,obytes=14187,ef=(1,13,17,23)
x-timer: S1706292218.464702,VS0,VE1
etag: "117fff10e5f109b6e88249b91c0b07ce"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Kz421ePGfD_E7DHTinujU7jw-EyvOeCvbh9iYHgBBtOkckQGrKaVmw==
x-cache-hits: 1

GET
H2 200 images%2FImageExchange%2Fmmsport%2F385%2F01hn3sdefaf8333nx8vy.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1600,h_900,x_0,y_109/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/ 21 KB
21 KB 40ms
31ms Image
image/jpeg 2600:9000:225e:de00:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/c_crop,w_1600,h_900,x_0,y_109/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FImageExchange%2Fmmsport%2F385%2F01hn3sdefaf8333nx8vy.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:de00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 17c458e189926a3a8236cb84e000a28e7f7acf5c40121fcd2c13f6f802ed19bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 05:09:22 GMT
via: 1.1 a7c7e4aa6d7cf400aa51dc847716996e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 43247
x-cache: Hit from cloudfront
status: 200 OK
content-length: 21163
x-request-id: 3e8442b4ce36e0256d14d170edb9715f
x-served-by: cache-lga21978-LGA
last-modified: Sun, 28 Jan 2024 17:26:58 GMT
server: CloudFront
surrogate-reporting: width=360,height=203,bytes=21163,owidth=1600,oheight=1039,obytes=1682761,ef=(1,13,17,23)
x-timer: S1706504962.262881,VS0,VE2
etag: "d052d1829aabeda50c1dfdf82dd3721c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=31560000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: E44Yk4ngdO_HdaeFzIGih9jVSKxGl2PhXkrYscUUlgjryYl04XP1Ww==
x-cache-hits: 1

GET
H3 200 ui-gdpr-en-web.dd20666fb8c871080b1834da88c143647b75e56e.js Show response
sdk.privacy-center.org/sdk/dd20666fb8c871080b1834da88c143647b75e56e/modern/ 263 KB
54 KB 25ms
24ms Script
application/javascript 2600:9000:2251:9e00:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/dd20666fb8c871080b1834da88c143647b75e56e/modern/ui-gdpr-en-web.dd20666fb8c871080b1834da88c143647b75e56e.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2251:9e00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14d76e96151645aee2d48acf0d006d5316a3100c53be9d11a44bd6c3983a7409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:18:51 GMT
content-encoding: br
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 15:18:22 GMT
server: AmazonS3
age: 6679
x-amz-cf-pop: FRA60-P3
etag: W/"6421ff5933df66ab428845d584c50f49-1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6Sserbk-WvPUJUMEH29G16rI1E1wNmYHMMGFhVSwMAwnupbbWsXwoA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 603365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 17:34:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:52 GMT
x-content-type-options: nosniff
age: 495677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:52 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 103ms
44ms XHR
application/javascript 18.165.187.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.187.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-187-137.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:43 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 099d4ba9ace3ae96fa2a16ccfeeac6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 28227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 5eqwSPObjYlnNhcu_RlxKHmeZz4HJoYTr4PeV6lhyn3hUoKSEHO6lA==

GET
H2 200 4333.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 3 KB
2 KB 24ms
23ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/4333.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c854d9b1a3902fffc3a57e5e51e7664a2c4e1c6855172fd8545754f346070e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 19:34:19 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 09:23:23 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 5348151
etag: W/"fc8798015d83993986c507256fa3929a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 700N0aTHtzJAe8N0L_lHlIaXqtt9-_OvFuKn6Z1ETb6dz7ByuBP6tA==

GET
H2 200 3659.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 3 KB
2 KB 24ms
23ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/3659.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a27133373642419fbe564153aee06aad0321f33b78c0db10b176bdd5367c8187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:15:46 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Tue, 05 Sep 2023 10:02:19 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 12023664
etag: W/"9b4629989d261f80f6ea1a672d584b1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T0NkJb8Pp1414mgFx7yeSWOmYrzclpH9vFC1vAYDIajPySCPDTsa1g==

GET
H2 200 5556.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 15 KB
6 KB 25ms
24ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/5556.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 83f0b33fac9a2b4f332d016b082309df1200d73798a5abe37dc73be96c34f029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 06:47:14 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Tue, 05 Sep 2023 10:02:22 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 11701376
etag: W/"bfaa0c49d6316b237a400e8ecbb6d1d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M8MK_3hD57-q5rVmjRGoJV8QpLwTSvGduBP3t0FiQGCQZFHgT1XkNg==

GET
H2 200 565.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 3 KB
2 KB 25ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/565.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2b8fb20621f42a98899240e96fd19beeb00a321510c59e48661e6d3ade1afd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 07:44:13 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:07 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1848357
etag: W/"cd96b3fc5b1a8955b3e22162c8aa5d3e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oiQy2n2cEXGpkM1IrcC2MmtHV07NebmTW9CBbRQ30pziF4PTsKGuHw==

GET
H2 200 6009.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 3 KB
2 KB 26ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/6009.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bd22f4b69edca909b2645b55f55b04823c0529a443f73c5c725b4b9dd1dd1041

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 03:07:51 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 30 Oct 2023 14:42:02 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 7740139
etag: W/"ae12b92b18da95b8f23353558130ab5c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2rUGxux9j2J8-azfTg81_4bAC3xqKMkxtoibLj1Y3SwtE9IUaTBrLw==

GET
H2 200 9448.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 5 KB
3 KB 28ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9448.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 40b6d86a57ee430ca32b26841a74d899c80cfb73cd58f4b38513f0e85d131517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:13 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1815963
etag: W/"774298623cd6a0c2e0ee6da56d8031f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9fHCCpJdREdNxIE1fzQnnInHg8NntsYmtTu0d1-5uPR6gzm7Nt29Kw==

GET
H2 200 3032.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 948 B
1 KB 28ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/3032.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ec53504a081dddd77f08540d6ee595c1a17fdc8da1babb70113d896d314f73a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 06:53:14 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 11960215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Tue, 05 Sep 2023 10:02:18 GMT
server: CloudFront
etag: "dc6ce230a13c8f9593f6ebcca14c702a"
vary: Origin
content-type: text/javascript
cache-control: max-age: 31536000
accept-ranges: bytes
x-amz-cf-id: xRzY8b-wr1zF5kRMKJwsuLmlOqsJzMfES4YJVM06m9xFa7PwUFqrhg==

GET
H2 200 4121.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 2 KB
1 KB 28ms
26ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/4121.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b2307a02d64df748d32d7f7b31c3851c04e114ee3c0bfc4ed0e88a8104d8204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:00:59 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:04 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1822151
etag: W/"8801e6685775693dba7d40c9ae1cc993"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HKfzVKdvPsCj3HiyDRr8MJHkEvi8RsKWITn0b31LGaJ8oqH1NPLexg==

GET
H2 200 1907.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 639 B
1 KB 28ms
27ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/1907.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 4ef45c7f3897b18faaf0a46b27fa7796af7980545714c03172adf7cb6bc872ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:02:24 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 5256466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 639
last-modified: Thu, 23 Nov 2023 09:23:18 GMT
server: CloudFront
etag: "71c2344e10b88a9d8b6ea089fbe7612e"
vary: Origin
content-type: text/javascript
cache-control: max-age: 31536000
accept-ranges: bytes
x-amz-cf-id: a2JAE53Gcqa84HD1G9Nl0PcNkF0UalE2nR4PdXTMbrGT13k_FIcqiw==

GET
H2 200 1253.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 18 KB
7 KB 29ms
27ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/1253.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2c6692f2f1c0b1e3e074d2bb63d96d0111b25753c193afbb518cf8799e4e5842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:55:58 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1815963
etag: W/"27f523dffda3503282a515bb630e6176"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: R5kU7sVsiotkFkE7NVBrVtGeXtUlkoe76EoyFVvOpscc39gRRcglbg==

GET
H2 200 8973.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 6 KB
3 KB 44ms
43ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/8973.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 199adf6f32f9d20c2b91ae4581755c524a3b43cc7f6d4e64e7679e6acc5cb463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:52:06 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:12 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 2355484
etag: W/"44bed50a7a637c19d25d15d3b9d1e513"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L58KUtO62UcPYCzLPGqrIgyTTdDoT8RthYN6LcQcSkJQS6V108bm8Q==

GET
H2 200 6118.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 4 KB
2 KB 44ms
43ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/6118.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 209a9189d4323a4a0947b5b7c31d6b9f54927c60a87334dcae7124c8d876815a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 15:56:23 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:08 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1732426
etag: W/"86690e29611f8f82e39af22702552e83"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hpR2VJJ8AAX8lmMqBk5UMUrpHexIFd2fMICHXnVKxHdiyy5ibNSrLA==

GET
H2 200 8691.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 7 KB
3 KB 45ms
44ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/8691.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5a3b1afa85c39480d2e9493b2de9c3cb3f51d1eab5bd9b5b307bd9afeb353fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:12 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P2
age: 1815963
etag: W/"69dd818a9ac9f96f24e40bb2875e6eeb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CsQK1SSNXTdhUTu4OZ1dx5s05_KqBMachaQowcXGBZ7SMK44ls-GSw==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 386 KB
80 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRHP5BL&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bc5e0090105dc46b8d3a6c6cd53f5a3d116c235a6c6aa7c15d9e2fac0e718ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82141
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
62 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCL98KW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5dd3ace5af51ce2e5094836a73f97bbf8f34fe17b019213a72ba9270f86ad26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63431
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:09 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
52 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M773ZX2&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28c236fa3a7af000415ccbb55affadadab2e87f4ab5a95e3839aa4eac0d5d689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53483
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:10:09 GMT

POST
H2 200 impressions
promotions.minutemediaservices.com/ 0
0 564ms
466ms Ping
application/json 2600:9000:2251:7000:1:4290:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.minutemediaservices.com/impressions
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7000:1:4290:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 /
bqstreamer.com/tr/ 0
278 B 229ms
148ms Ping
text/html 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bqstreamer.com/tr/
Requested by: Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/min/?static=true&v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVzFsXG2ORZ6TshWYDzsqhRXDYnFIHZ%2FKx1SipLtKzn%2FhoDuZnU3lsSuvvMyfTpwjhjZdRqkpB3xym3cX%2F6hnGO7aDlCHdaqWf3XrC5GSq7bvLrSjb9PV%2FzPnSOYCfVt8GouZmE7w2vsziNA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 84d31647aeef902a-FRA

POST
H2 200 /
bqstreamer.com/tr/ 0
437 B 227ms
148ms Ping
text/html 2606:4700:20::681a:267
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bqstreamer.com/tr/
Requested by: Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/min/?static=true&v=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Jan 2024 17:10:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq%2BYEOUGLvlMudyCtmjaPouiPGGBDoV3APyp49rmQ8PK1KGoelkQSe3U6oEYlakrvvew7PNbx8q646kf6Culfw5SPB0gjIWDKxRxmzBu1Tz0O7Tu8O%2Bk3nUwN8F%2BUvIjDGyBul63OCKwJtZ3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 84d31647aef0902a-FRA

GET
H3 200 li_direct_list.json Show response
cdn.mmctsvc.com/engine/static/monetization/ 49 KB
5 KB 72ms
72ms XHR
application/json 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/engine/static/monetization/li_direct_list.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 90d13c638b11d741c8197eea563a67ab100361956cecaf2e41b615fae56a5c65

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 07:30:33 GMT
content-encoding: br
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 34777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 07:30:31 GMT
server: CloudFront
etag: W/"ba7a69525ee784882fbba6681e3f05be"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 31536000
x-amz-cf-id: ZvJWESxpz1aOMFIMB4p-0_fLi5pcvT9Yl9UeWQmE85TJek4Rblg-Pg==

GET
H3 200 a9_r.json Show response
cdn.mmctsvc.com/engine/static/monetization/ 12 KB
5 KB 47ms
47ms XHR
application/json 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/engine/static/monetization/a9_r.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b0542876f80a1be4694cc409de59fecece5150b4eb8ef806fec12c487e891fcc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 21:26:32 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1971818
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 09:33:11 GMT
server: CloudFront
etag: W/"a8779aef4d32acecc4f1c46843918251"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 31536000
x-amz-cf-id: JFwhP5sTPSjks52OQpHAkrQT629bx05mjTBfADgK4KdWcXLceXJTqA==

GET
H2 200 widget_app_base_1706274798459.js Show response
cdn.userway.org/widgetapp/2024-01-26-13-13-18/ 139 KB
41 KB 93ms
44ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5a732456d5f5c7c70e756525d6ad42c374b79283e28093eea8ebb409b1259a4f

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:09 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272385
x-amz-cf-pop: FRA60-P3
age: 710
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275824
x-77-nzt: EgwBnJIhiAH3ASgEAAwBJRPCLgH3BQAAAA
x-accel-expires: @1732195819
x-77-age: 272390
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:11 GMT
server: CDN77-Turbo
etag: W/"94ec2b1cc51a2713ebd4c966afe68a24"
x-77-nzt-ray: f6587a1d2763feb5f1dbb76560680c34
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: XYw92OxrmFYp4wHBUNLfjv_SCFHgzT5rIli3FzJkTf3bGmnZz1qFrg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 30ms
30ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1965254590&t=pageview&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABEAAAAC~&jid=27284221&gjid=2060130588&cid=674550167.1706548210&tid=UA-6383965-2&_gid=43548458.1706548210&_r=1&_slc=1&gtm=45He41o0n71TCW5HWv72382166&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&z=1410756610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 31ms
30ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1965254590&t=pageview&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAACACIC~&jid=811499076&gjid=532236982&cid=674550167.1706548210&tid=UA-1577313-14&_gid=43548458.1706548210&_r=1&_slc=1&gtm=45He41o0n71TCW5HWv72382166&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=HomePage&cd5=ENTERTAINMENT&cd11=Winter%20is%20Coming&cd13=385&cd18=&cd19=&cd20=&cd23=en&cd24=en&cd27=HomePage&cd30=web&cd33=none%2C&cd40=458765590176886965775069614557&cd61=1&cd62=monetisedPageview&cd63=Direct&cd64=&cd65=&cd86=0&cd93=GTM%20data%20ready%20to%20GA&cd115=0&cd116=0&cd117=1&cd129=none&cd132=DE-none&cd133=iuWCD6YMca8jc8zn&cd134=iuWCD6YMca8jc8zn&cd135=458765590176886965775069614557&z=1653667435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c5ff5f666f0353e942b75cb4e0122d59159f9f6070cf0d2bb510e9e2fa446470

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 24ms
23ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1965254590&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v3-1706548209162-2068657397647&ev=1338&_u=aEDAAEABEAAAACACICC~&jid=&gjid=&cid=674550167.1706548210&tid=UA-1577313-14&_gid=43548458.1706548210&gtm=45He41o0n71TCW5HWv72382166&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=HomePage&cd40=458765590176886965775069614557&cd93=GTM%20event%20To%20GA&cd132=DE-none&cd133=iuWCD6YMca8jc8zn&cd134=iuWCD6YMca8jc8zn&cd135=458765590176886965775069614557&cd66=23&cd67=23&z=2139455141

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 18:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83023
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 739763452834773 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/739763452834773?v=2.9.143&r=stable&domain=winteriscoming.net&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

822d3d3a1fdbc0e7d197ce2865586633869b4e6357c992f6f996f111834d2089

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 17:10:09 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11031
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: HUd7VjzbpV1T5pUx7BtMyCoNW9MKzCgKHgX7UuzSn15JsxcVfbNMSd7aZmjI6pRhKlVrv+Z8psGmhkrjBWpF4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=45je41o0v881192982z872382166&_p=1706548208518&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&ul=en&cid=674550167.1706548210&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1706548209&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.sample_rate=100&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=true&ep.traffic_source_to_DFP=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=DE&epn.unique_event_id_hit=23&ep.post_fs_site_id=385&ep.post_vertical=ENTERTAINMENT&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&up.affiliate_id_user=&up.experiment_version_user=&up.property=Winter%20is%20Coming&tfd=2433
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 42ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X878ZPFT48&gtm=45je41o0v894323542z872382166&_p=1706548208518&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&ul=en&cid=674550167.1706548210&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1706548209&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.sample_rate=100&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=true&ep.traffic_source_to_DFP=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=DE&epn.unique_event_id_hit=23&ep.post_fs_site_id=385&ep.post_vertical=ENTERTAINMENT&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&ep.user_is_connected=no%20attempt&ep.article_template=none&ep.inarticle_links_number=0&ep.inarticle_links=none&ep.advertiser_id=0&ep.previous_page_traffic_source_to_dfp=none&ep.is_slideshow=false&ep.finite_scroll_data_exists=false&ep.mm_user_identifier=458765590176886965775069614557&ep.agnostic_creative_id=0&up.affiliate_id_user=&up.experiment_version_user=&up.property=Winter%20is%20Coming&up.mmUserID=458765590176886965775069614557&tfd=2476
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X878ZPFT48&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 95ms
32ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6383965-2&cid=674550167.1706548210&jid=27284221&gjid=2060130588&_gid=43548458.1706548210&_u=aEBAAAAAEAAAAC~&z=1721946427

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 Jan 2024 17:10:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 94ms
31ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1577313-14&cid=674550167.1706548210&jid=811499076&gjid=532236982&_gid=43548458.1706548210&_u=aEDAAEABEAAAACACIC~&z=1073109792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 Jan 2024 17:10:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
87 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VJ6NN73G7G&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3db8449bf164fc3838b4d1b6038f9944a10b841bebdf6f0c332bc9cc2cc85126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88558
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 17:10:10 GMT

POST
H2 200 p0xG3SZhEr Show response
api.userway.org/api/tunings/ 2 KB
3 KB 540ms
176ms XHR
application/json 2600:1f14:5db:eb00:9b05:4c3d:7cad:ec0e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/p0xG3SZhEr
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9b05:4c3d:7cad:ec0e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f69cc018332ab81855ec153ad1fd599ba2f36fe406faf649dee61d3f91264fee

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
etag: W/"997-w6+maRFvjQsmlXA6YmwfM8Gh5mE"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr8856f1a25973443
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2455
x-service-version: uw-pr

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 107ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwinteriscoming.net%2F&rl=&if=false&ts=1706548210120&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706548210119.526279946&ler=empty&cdl=API_unavailable&it=1706548209900&coo=false&exp=d1&rqm=GET

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 29 Jan 2024 17:10:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 2390.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 22 KB
8 KB 26ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/2390.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0c1fa34c904bff1fd2781301089ebfae8e8190e1ff8c48f2770ba7b61cf96d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:00 GMT
server: CloudFront
age: 1815964
x-amz-cf-pop: FRA56-P2
etag: W/"dfa409452d546fa0a5e8fb9d188e47d5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7LqS_hwXbKu6_KKX1UOWqKJ2CQ-Bn1z5folP96l-jseXU2UunvqvXw==

GET
H3 200 2027.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 392 B
738 B 26ms
25ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/2027.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 60d108fd16c0e659f36428e731702211e2464f7bb3ef4d2116386ba349573464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 02:21:24 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4373327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 392
last-modified: Sun, 03 Dec 2023 14:05:56 GMT
server: CloudFront
etag: "a2fe37644cd349208eddd4249867f424"
vary: Origin
content-type: text/javascript
cache-control: max-age: 31536000
accept-ranges: bytes
x-amz-cf-id: ZXNq15Iqq4OtnvQIlwPXHiJ5iD5T9KOqwzPNH-OnaNGW-xaJeKOUyQ==

GET
H3 200 2881.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 17 KB
7 KB 27ms
26ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/2881.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ecc6586c8d4d7929773065525e45fe135c4f448efb38f73c485a42cb467b116e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:30:37 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:02 GMT
server: CloudFront
age: 1175974
x-amz-cf-pop: FRA56-P2
etag: W/"a2e203c302a19beec2a1ce5b5d450190"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gRU3dCLbb0rGAb_mVytRDEwyWUgZF25uBK0qlIFDTRRJ4jSj-3pbsA==

GET
H3 200 270.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 5 KB
3 KB 26ms
26ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/270.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 8975f6dfbac6114e91798c20ce7896f4c6283dc63389d351324dac6e60134fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:28:04 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:01 GMT
server: CloudFront
age: 1928527
x-amz-cf-pop: FRA56-P2
etag: W/"ecb2013dbd39f4557bc6583e63f80a9f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5Hcjo-V70y16kDqVmHZH2TPYswIkso7zrgzA6iDzdhIGhs-sIzFypQ==

GET
H3 200 9064.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 7 KB
3 KB 28ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9064.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a2108f489bb9c0da0a06e88301ca0e7b280bb7c15ac5db1d8b759fd7481c4158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:02:29 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 09:23:32 GMT
server: CloudFront
age: 5256462
x-amz-cf-pop: FRA56-P2
etag: W/"5574ea67457b1b847677fff5de99570c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Bw7OVmeyWYS7iREOpMy7tskeXCmDCJ_eUVTFAU3NZnlfs5pRLpNxjw==

GET
H3 200 9148.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 23 KB
9 KB 27ms
27ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9148.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 11329ace96cb54c627870382b8ec2b7157a6cae2cb5d0096774b312e4371544f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:55:36 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Wed, 11 Oct 2023 08:38:21 GMT
server: CloudFront
age: 7920875
x-amz-cf-pop: FRA56-P2
etag: W/"5c7f89caf525236893ecccddd2c10b96"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -8OiH53nrlk0dKc0I-kII8TXjt3j9oONVZmRtjELrOXaYlkngJPWDw==

GET
H3 200 3238.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 7 KB
3 KB 28ms
27ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/3238.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5b69c7452da4976f57b449e012ff2e65f2ba4d711da86c35b6c95e825495a9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:02 GMT
server: CloudFront
age: 1815964
x-amz-cf-pop: FRA56-P2
etag: W/"b4044a0e001c2081a98d2a047dc716d2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: b5_mOUkXvrDe5FAIJF59w1J9zZPck0Fwdy3vze3VKqdBp7t8Eqorjg==

GET
H3 200 9222.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 10 KB
5 KB 28ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9222.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f120c7ab79e6c17fa4c5871d6f4f4b2de849386a5c0a5f5cfde3892015d48f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 12:55:38 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 15:02:48 GMT
server: CloudFront
age: 10124072
x-amz-cf-pop: FRA56-P2
etag: W/"2c2284cc19e294b86fd4683ab2c1bf8a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: x-0icWoHT21cKS8Q0Q74VHLYLsExnzagLnCjRxXlAuTm2F0bKGWKeg==

GET
H3 200 1262.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 16 KB
5 KB 28ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/1262.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e480602ef2fa76a727259c719370562228b97d2a63ef709f84b437e375211ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:55:58 GMT
server: CloudFront
age: 1815964
x-amz-cf-pop: FRA56-P2
etag: W/"5e65411a54d4e7b7d3f3b9bd75ca59eb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0-A_jk1j-wKrr6M7NAqCvK43yNSvPi0-b58gM6993mPS-9zRZEi5qA==

GET
H3 200 4005.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 16 KB
6 KB 31ms
30ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/4005.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 48df6accf729c3536ba19765ea02f233ce664c2427f611a0749f65d4380b4453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:02:28 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 09:23:22 GMT
server: CloudFront
age: 5256462
x-amz-cf-pop: FRA56-P2
etag: W/"637fe0fc659ad5afc2adc30a8fde731c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: --aUreyXA8YRDkkjwu4fS6oQ-HTkPnBwtn8GvO93-YlI6gGAgsAxVg==

GET
H3 200 6162.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 5 KB
2 KB 30ms
29ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/6162.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bde3732d015017f2fac553399000cd1a1906ed4043dbe45f477346d78664372c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 19:34:02 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 09:23:27 GMT
server: CloudFront
age: 5348169
x-amz-cf-pop: FRA56-P2
etag: W/"bd7352f7a338fbbeefa81f278785eb77"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wSlqIRF9L7mgWRpcbJfNlqpsRzOOgTRK_wWTIgSs4sQtHjuszUJ-FA==

GET
H3 200 5909.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 6 KB
3 KB 30ms
29ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/5909.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e09e3ff6d4adbe08d4c449e7eab9b862070284d27421954681e90354a7f588d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:08 GMT
server: CloudFront
age: 1815964
x-amz-cf-pop: FRA56-P2
etag: W/"ecec1d0899113d6f0aad01dd01df5053"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6noNwJlGmsNS-lDpXHifV7PUFiQOGhA_jFEqZFKxpx9Y2tY6Qy7EEQ==

GET
H3 200 9528.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 23 KB
8 KB 33ms
30ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9528.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 17c85a1f8396f689136e12698bd9f8c2ddb940c2508c402a42e6208f11738b4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:44:07 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:13 GMT
server: CloudFront
age: 1815964
x-amz-cf-pop: FRA56-P2
etag: W/"ad62d10fdf030d1884e44153e4f0bad1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0QBMMtL0rfXdPsn7lC0ZiNDzEIKkiDIJVLmNr9UR2w7LlgEvpzD5pw==

GET
H3 200 2627.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 6 KB
3 KB 31ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/2627.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: badf0148bc89c391d08d4a3781ffee2b33439bc2435ca9b3fcd1f467879c6822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:01:00 GMT
content-encoding: br
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:01 GMT
server: CloudFront
age: 1822151
x-amz-cf-pop: FRA56-P2
etag: W/"760a29e426a8ce02bce2df7a9689263a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7Ycu3ceENRS1_ozU2zTy8FO0YqIGhTnP0UssgvFszwqeoJbfn8_ikA==

GET
H3 200 3990.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 9 KB
4 KB 31ms
30ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/3990.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 8ece35524c1beb8ab51f49951fdb55b9742f741c8951e54a9bbf9a455aa337c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:23:23 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 14:56:03 GMT
server: CloudFront
age: 1903608
x-amz-cf-pop: FRA56-P2
etag: W/"a10a53cbc243a2b22d0876c5ec5f487d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8A4IB4Kw2c0tvz0KvQiPCFcWkvK_VobNYjEN7eoTOcflDGp2Z7OiRQ==

GET
H3 200 9331.index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 5 KB
2 KB 29ms
28ms Script
text/javascript 2600:9000:223c:2a00:19:4ac0:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/9331.index.non-platform.prod.latest.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:223c:2a00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0d93059ce7beccbbdd3bf6474a4781566dc0e6dadfc677bb762ff126ff90444e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:55:36 GMT
content-encoding: gzip
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Wed, 11 Oct 2023 08:38:21 GMT
server: CloudFront
age: 7920875
x-amz-cf-pop: FRA56-P2
etag: W/"389439d3976345d3ff705f6b635adba3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MXFcy18qZmXtjQ7dvtWxQrN8QrfRIT5JmfYV_CH6I_spowjYibkq7A==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 111ms
57ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1577313-14&cid=674550167.1706548210&jid=811499076&_u=aEDAAEABEAAAACACIC~&z=745333784

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 112ms
57ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1577313-14&cid=674550167.1706548210&jid=811499076&_u=aEDAAEABEAAAACACIC~&z=745333784

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 32ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VJ6NN73G7G&gtm=45je41o0v9175492087&_p=1706548208518&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=674550167.1706548210&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sid=1706548210&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_content_group_1=HomePage&ep.ua_dimension_5=ENTERTAINMENT&ep.ua_dimension_11=Winter%20is%20Coming&ep.ua_dimension_13=385&ep.ua_dimension_23=en&ep.ua_dimension_24=en&ep.ua_dimension_27=HomePage&ep.ua_dimension_30=web&ep.ua_dimension_33=none%2C&ep.ua_dimension_40=458765590176886965775069614557&ep.ua_dimension_61=1&ep.ua_dimension_62=monetisedPageview&ep.ua_dimension_63=Direct&ep.ua_dimension_86=0&ep.ua_dimension_93=GTM%20data%20ready%20to%20GA&ep.ua_dimension_115=0&ep.ua_dimension_116=0&ep.ua_dimension_117=1&ep.ua_dimension_129=none&ep.ua_dimension_132=DE-none&ep.ua_dimension_133=iuWCD6YMca8jc8zn&ep.ua_dimension_134=iuWCD6YMca8jc8zn&ep.ua_dimension_135=458765590176886965775069614557&tfd=2727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ6NN73G7G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 32ms
31ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJ6NN73G7G&cid=674550167.1706548210&gtm=45je41o0v9175492087&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ6NN73G7G&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 69ms
68ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJ6NN73G7G&cid=674550167.1706548210&gtm=45je41o0v9175492087&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=945687670

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec2dabcd9153b1275fd863c071233108d5deab3018a096af387c3d01fac0ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29823
x-xss-protection: 0
server: cafe
etag: 945 / 19751 / m202401230101 / config-hash: 10961985379633005465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:10:10 GMT

GET
H2 200 apstag.js Show response
c.aps.amazon-adsystem.com/ 293 KB
65 KB 97ms
22ms Script
application/javascript 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.aps.amazon-adsystem.com/apstag.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53e03fd7b211f76a1a15aa18de0ae9d96555abbcf58ada35a17b681d8b2407f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:54:52 GMT
content-encoding: br
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-version-id: N39g1S9f4mF7Hpl7kiLDkoWkWkzsU0NL
x-amz-cf-pop: FRA56-C2
age: 919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Jan 2024 10:03:00 GMT
server: AmazonS3
etag: W/"1daf93a0dce7e503444473a8d8d7cea1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: hHmNd1z_H2owywPmpPvt3d8bIhBBklceb7uArzNsw0NoOHuKhIUyaA==

GET
H2 200 3777 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
799 B 91ms
23ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3777
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: e79282db5d92a47470a5e2bb20f5212cf8997c8013d7cca841be890d798c1ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:51:33 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1117
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: NEJNG6vSMTQWhUoTaImpIpUVfxajJoDr_VNy5qmwFRULN3toLydP9Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
4 KB 40ms
40ms XHR
application/json 18.165.187.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fwinteriscoming.net
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.187.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-187-137.zrh55.r.cloudfront.net
Software: Server /
Resource Hash: 67b5c473e8698e645a7286e32f502549a61b2563785d6adcea0d7b10bc6acd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 14:20:10 GMT
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH55-P1
age: 10200
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winteriscoming.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3408
x-amz-cf-id: xkfZadLk2qJfyp-jJesIa2ECITP4inN1F4hc1XlXpa6TD6ehxjHP4A==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1965254590&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Commercial&ea=Commercial%20API%20Loaded&el=v3-1706548209162-2068657397647&ev=1338&_u=aEDAAEABEAAAACACICC~&jid=&gjid=&cid=674550167.1706548210&tid=UA-1577313-14&_gid=43548458.1706548210&gtm=45He41o0n71TCW5HWv72382166&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=HomePage&cd40=458765590176886965775069614557&cd93=GTM%20event%20To%20GA&cd126=01hdenqks50a643ea0&cd127=FS%20MFA%20Generic%20Desktop&cd132=DE-NA&cd133=iuWCD6YMca8jc8zn&cd134=iuWCD6YMca8jc8zn&cd135=458765590176886965775069614557&cd66=190&cd67=190&z=815198176

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 00:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61591
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 152ms
49ms Script
text/javascript 3.160.188.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-47.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 8db38b2985895531f24131b50e53541c.cloudfront.net (CloudFront)
date: Mon, 29 Jan 2024 03:57:55 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P5
age: 48609
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: DxY_p9KROZiaBC0H8LcWygl7I4q0v32qgjYTE587MBfq4d0KCyT3Bw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 88ms
25ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 02:12:53 GMT
content-encoding: gzip
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 53837
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7XsoOVvzOwpmtKtRWPxWW4dYD2e9kzTeOWUmaJby5bA9iyX1xKkDjg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 102ms
38ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwinteriscoming.net%2F&ref=&_it=amazon&partner_id=454
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 4264
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84d3164bff342c2e-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 124ms
37ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Mon, 29 Jan 2024 17:25:10 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 163ms
47ms XHR
application/json 108.128.140.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.140.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 65b6263227a029d43b2fce4a8615a1abeaf7506ab2eb1b39407e27b452b6493b

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache
x-server: 10.45.29.222
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 103 B
293 B 126ms
125ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=winteriscoming.net&url=https://winteriscoming.net/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwinteriscoming.net%2F&ref=&_it=amazon&partner_id=454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5507ffe86bee952e2678ffe4dd71356b8e2e79d8be4c0a8d21716c125a37a705

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 84d3164da83491d7-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 222ms
132ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=winteriscoming.net&url=https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winteriscoming.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84d3164ccf7891d7-FRA
content-length: 0
content-type: application/json
date: Mon, 29 Jan 2024 17:10:10 GMT
debug: OPTIONS block
expires: Tue, 28 Jan 2025 17:10:10 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 41ms
40ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Mon, 29 Jan 2024 17:25:10 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-01-26-13-13-18/locales/ 501 B
962 B 24ms
23ms XHR
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:10 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272380
x-amz-cf-pop: FRA60-P3
age: 703
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275830
x-77-nzt: EgwBnJIhiAH3/CcEAAwBJRPCMQH3DwAAAA
x-accel-expires: @1732195815
x-77-age: 272395
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:10 GMT
server: CDN77-Turbo
etag: W/"27831556b168f3c27f0819652aac1fb5"
x-77-nzt-ray: f6587a1d2763feb5f2dbb76536df7b27
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: vS_JswV1oCHpVuMl5u1c6OxsfRwRC5YPJPHdWRWr1GLRhVv1UzI6cw==

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
608 B 107ms
23ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 02:00:29 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 54581
x-amzn-requestid: e0b9d030-fc62-4050-9dc5-64e1f5e2b53b
x-amzn-trace-id: Root=1-65b706bd-32bf19b3793cf9595b3221c3;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: SR39mGxlDoEEEhg=
content-length: 28
x-amz-cf-id: FjVjuJNKmo7s5wxWwIfqgPPuFB3xICiIk2LnLn-YYYc7_kz-VgUH0w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
465 B 171ms
39ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://winteriscoming.net
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Mon, 29 Jan 2024 17:40:10 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1965254590&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v3-1706548209162-2188825333199&ev=981&_u=aEDAAEABEAAAACACICC~&jid=&gjid=&cid=674550167.1706548210&tid=UA-1577313-14&_gid=43548458.1706548210&gtm=45He41o0n71TCW5HWv72382166&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=HomePage&cd40=458765590176886965775069614557&cd93=GTM%20event%20To%20GA&cd126=01hdenqks50a643ea0&cd127=FS%20MFA%20Generic%20Desktop&cd132=DE-NA&cd133=iuWCD6YMca8jc8zn&cd134=iuWCD6YMca8jc8zn&cd135=458765590176886965775069614557&cd66=224&cd67=224&z=607232620

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 00:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61591
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 37ms
37ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Mon, 29 Jan 2024 17:25:10 GMT

GET
H2 200 454 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 125ms
36ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9915c6ca63b31a992c835fb5d7834b0d3f89a811840cf25902db7b6656be19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 17:08:02 GMT
server: cloudflare
age: 129
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 84d3164efec4bb95-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
400 B 146ms
57ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fwinteriscoming.net%2F&pid=v7PMx7PfAMI4p&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22MM_DISPLAY_MANAGER_AD_STATIC-0_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22175840252%2Ffansided%2Fwinteriscoming.net%2Ftop%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdpre=1&gdprc=CP5JSkAP5JSkAAHABBENAkEgAAAAAEPgAAAAAAASNghQAKAAsAB0AFAAVAAuABwADwAIAAXAAyABoAD8AIgARwAmABQACkAFUALYAZgA0AB6AD8AIQARwAnABSgDDAGWANEAc8A7gDvAH7AQcBCACLAEYgI4AjoBJQCxAF1AOIAdQA7YB9gD_gI9ATIAo8BUoCwgFqALYAXQAvMBf4DBAGGgMWAZIAyoBpoDggHFgOPAjeBIoCRoAAAA.YAAACHwAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-253-136.fra60.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:10 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winteriscoming.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 8O47WhdJiNw-7n_BEpSkNvCuwUbEiKUU9VoykDycxxUro7R6I1RN4g==

GET
H2 200 remediation_1706274798459.js Show response
cdn.userway.org/widgetapp/2024-01-26-13-13-18/remediation/ 112 KB
30 KB 30ms
29ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/remediation/remediation_1706274798459.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: deac975055b519499caf8dcced97ac094a19676d4c40c057d8064ca9ad5c9fee

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272384
x-amz-cf-pop: FRA60-P3
age: 703
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275827
x-77-nzt: EgwBnJIhiAH3ACgEAAwBisclwQH3DAAAAA
x-accel-expires: @1732195815
x-77-age: 272396
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:11 GMT
server: CDN77-Turbo
etag: W/"f734bdc02b15ec12e55953cc49daa21f"
x-77-nzt-ray: f6587a1d2763feb5f3dbb765b4bf100a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: b2F-H3ALArG5YJXZiqIN0uAsI5_H0FEA6-o4E5JQ7LJna_HNQyZleg==

GET
H2 200 6ASe8Txsp1EW8bfj.json Show response
cdn.userway.org/remediations/consolidated/3505957/ 683 KB
134 KB 42ms
41ms XHR
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3505957/6ASe8Txsp1EW8bfj.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b58162adc569a812658d258517207b7f475f6cd80ccaff60d55ad6c2a527420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706547746
x-77-nzt: EggBnJIhiAFBDAGKxyXBAffRAQAA
x-accel-expires: @1738083746
x-77-age: 465
x-cache-lb: MISS
last-modified: Mon, 29 Jan 2024 17:02:22 GMT
server: CDN77-Turbo
etag: W/"157b70d9ed8e3489787c6cccea35dd4d"
x-77-nzt-ray: f6587a1d2763feb5f3dbb765974a0d0a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: XKvZBDZB0alT4nN_NvwHKK3avNa28iER9PbGiuUVvTyIaktsiefSBw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 24ms
23ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272386
x-amz-cf-pop: FRA60-P3
age: 6
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275825
x-77-nzt: EgwBnJIhiAH3AigEAAwBJRPCNAH3CgAAAA
x-accel-expires: @1732195815
x-77-age: 272396
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: f6587a1dc1566cabf3dbb7656b09ae0b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 5K5R-EeJPFhRXc-5nsF43Tyu358sNn-69CyKUPTrq89yCxaYp1YV7A==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272387
x-amz-cf-pop: FRA60-P3
age: 8
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275824
x-77-nzt: EgwBnJIhiAH3AygEAAwBJRPCLgH3BQAAAA
x-accel-expires: @1732195819
x-77-age: 272392
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: f6587a1dc1566cabf3dbb765b5bcb30b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: uBuljobXLzNM7-9WGHs43CZZbrfF3X8c_wKhlmtX5bYBZUhG8NayDg==

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/paid/ 49 KB
18 KB 26ms
25ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706274798459
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b8f9b0f28637041e05cd76c465d90599cb81e8845e4958b5da7517fda7e57982

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272384
x-amz-cf-pop: FRA60-P3
age: 702
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275827
x-77-nzt: EgwBnJIhiAH3ACgEAAwBisclwQH3DAAAAA
x-accel-expires: @1732195815
x-77-age: 272396
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:16 GMT
server: CDN77-Turbo
etag: W/"fd1af69dd4c552316ce8fc439e082ffe"
x-77-nzt-ray: f6587a1d2763feb5f3dbb765bba74b0e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: gb45N5RG_Tyg3z7egl4i7q3yA0sijmvN0QgYzDY-r62qjkcM1pIxRg==

GET
H2 200 6ASe8Txsp1EW8bfj.json Show response
cdn.userway.org/remediations/consolidated/3505957/ 683 KB
134 KB 25ms
25ms Fetch
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3505957/6ASe8Txsp1EW8bfj.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706274798459
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b58162adc569a812658d258517207b7f475f6cd80ccaff60d55ad6c2a527420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:11 GMT
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706547746
x-77-nzt: EggBnJIhiAFBDAGKxyXBAffRAQAA
x-accel-expires: @1738083746
x-77-age: 465
x-cache-lb: MISS
last-modified: Mon, 29 Jan 2024 17:02:22 GMT
server: CDN77-Turbo
etag: W/"157b70d9ed8e3489787c6cccea35dd4d"
x-77-nzt-ray: f6587a1d2763feb5f3dbb76523d51a10
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: XKvZBDZB0alT4nN_NvwHKK3avNa28iER9PbGiuUVvTyIaktsiefSBw==

GET
H2 200 nav_menu_helper_1706274798459.js Show response
cdn.userway.org/widgetapp/2024-01-26-13-13-18/remediation/ 23 KB
7 KB 25ms
24ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/remediation/nav_menu_helper_1706274798459.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-26-13-13-18/widget_app_base_1706274798459.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:12 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 272381
x-amz-cf-pop: FRA60-P3
age: 705
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706275831
x-77-nzt: EgwBnJIhiAH3/ScEAAwBJRPCLgH3DAAAAA
x-accel-expires: @1732195819
x-77-age: 272393
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 13:16:11 GMT
server: CDN77-Turbo
etag: W/"f270f813f648a284d50fe8f345c21bdc"
x-77-nzt-ray: f6587a1d2763feb5f4dbb7656ff36f0e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: PCspXCj4VH6tUFxnGtvEl2TVucWrxeJY1au4CFfWaU-wuywei1e31g==

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/wV1SYn5dYDbeX9BB/ 2 KB
1 KB 226ms
226ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/wV1SYn5dYDbeX9BB/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_1600%2Ch_900%2Cx_0%2Cy_109%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01hn3sdefaf8333nx8vy.jpg%22%2C%22alt%22%3A%22Percy%20Jackson%20and%20the%20Olympians%20key%20art%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_3000%2Ch_1687%2Cx_0%2Cy_62%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01hnb12yqhrx8qfza334.jpg%22%2C%22alt%22%3A%22PERCY%20JACKSON%20%26%20THE%20OLYMPIANS%20-%20%5C%22Episode%20103%E2%80%9D%20(Disney%2FDavid%20Bukach)%20WALKER%20SCOBELL%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_5000%2Ch_2812%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F385%252F01hmyq0jfb6f4t0kdvh3.jpg%22%2C%22alt%22%3A%22InStyle%20EE%20Rising%20Star%20Party%20Ahead%20Of%20The%20EE%20BAFTAs%20At%20The%20Granary%20Square%20Brasserie%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fshape%252Fcover%252Fsport%252Fcrazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg%22%2C%22alt%22%3A%22Crazy%20Rings%20of%20Power%20rumors%20%26%20the%20Hugo%20Award%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fshape%252Fcover%252Fsport%252Fhouse_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg%22%2C%22alt%22%3A%22House%20of%20the%20dragon%7C%20King%20Viserys%20enters%20the%20throne%20room%F0%9F%90%89%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706274798459
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0491376bd428bb97b0209c87e218ee61e40f54d78b1e39b57e673ba19baa1ed9

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:10:13 GMT
content-encoding: gzip
x-77-cache: MISS
x-service-version: img-dscr-srv-ca87f731
x-77-nzt: EggBw7WqEQFBCAHUZjgRAYE
x-accel-expires: @1707153013
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"664-vjjVGCZ1FAghZmiD7tigmVgLPqw"
x-77-nzt-ray: 4c1562242f866681f5dbb7659722c71a
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/wV1SYn5dYDbeX9BB/ Frame 0
0 602ms
491ms Preflight 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/wV1SYn5dYDbeX9BB/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_1600%2Ch_900%2Cx_0%2Cy_109%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01hn3sdefaf8333nx8vy.jpg%22%2C%22alt%22%3A%22Percy%20Jackson%20and%20the%20Olympians%20key%20art%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_3000%2Ch_1687%2Cx_0%2Cy_62%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01hnb12yqhrx8qfza334.jpg%22%2C%22alt%22%3A%22PERCY%20JACKSON%20%26%20THE%20OLYMPIANS%20-%20%5C%22Episode%20103%E2%80%9D%20(Disney%2FDavid%20Bukach)%20WALKER%20SCOBELL%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_5000%2Ch_2812%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F385%252F01hmyq0jfb6f4t0kdvh3.jpg%22%2C%22alt%22%3A%22InStyle%20EE%20Rising%20Star%20Party%20Ahead%20Of%20The%20EE%20BAFTAs%20At%20The%20Granary%20Square%20Brasserie%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fshape%252Fcover%252Fsport%252Fcrazy_rings_of_power_rumors___the_hugo_award-5f88d1f3876114625d628a2962757326.jpg%22%2C%22alt%22%3A%22Crazy%20Rings%20of%20Power%20rumors%20%26%20the%20Hugo%20Award%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fshape%252Fcover%252Fsport%252Fhouse_of_the_dragon__king_viserys_enters_the_throne_room__-8976a5193ceadf0fa1c9c57e835a7fdf.jpg%22%2C%22alt%22%3A%22House%20of%20the%20dragon%7C%20King%20Viserys%20enters%20the%20throne%20room%F0%9F%90%89%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://winteriscoming.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Mon, 29 Jan 2024 17:10:13 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WqEQAACAHUZjgRAAA
x-77-nzt-ray: 4c1562242f866681f4dbb7650bcd0d39
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-ca87f731

GET
H2 200 loadMonitor.js Show response
cdn.wazimo.com/engine/common/widgets/mmlogger/ 561 B
674 B 30ms
30ms Script
application/javascript 2606:4700:20::681a:550
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/loadMonitor.js
Requested by: Host: cdn.wazimo.com
URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:10:13 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 07 Aug 2022 08:27:19 GMT
server: cloudflare
age: 6690
cf-polished: origSize=652
etag: W/"62ef7767-28c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wruuGCiozej%2FD%2B0vSplCGxmSjhPy6Wa%2FK8FVfiNKy1YbNtjwKM%2Bg%2F04GZwacbFZtXV%2BntUENxiLFv2pzAf39vFEEZtqdkh2CGFWo5TOGRZd6gZBh9LD1Som%2BOXB7xnfT24Uj%2Fkk0cbj82iaI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84d316603c8b9ba1-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=45je41o0v881192982z872382166&_p=1706548208518&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&ul=en&cid=674550167.1706548210&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1706548209&sct=1&seg=0&_s=2&tfd=7438
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 31ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VJ6NN73G7G&gtm=45je41o0v9175492087&_p=1706548208518&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=674550167.1706548210&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&dl=https%3A%2F%2Fwinteriscoming.net%2F&dp=%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&sid=1706548210&sct=1&seg=0&_s=2&tfd=7744
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ6NN73G7G&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:10:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winteriscoming.net/	1970-01-20 18:12:33	Name: cityCode Value: NA
winteriscoming.net/	1970-01-20 18:12:33	Name: stateCode Value: NA
winteriscoming.net/	1970-01-20 18:12:33	Name: countryCode Value: DE
winteriscoming.net/	1970-01-20 18:02:30	Name: mm-session-id Value: iuWCD6YMca8jc8zn
winteriscoming.net/	1970-01-20 22:21:40	Name: mm-user-id Value: uPGz4y7hrjSYv10r
winteriscoming.net/	1969-12-31 23:59:59	Name: mm-session-interval Value: 71
winteriscoming.net/	1969-12-31 23:59:59	Name: mm-user-interval Value: 43
winteriscoming.net/	1970-01-20 18:02:30	Name: _wzmm.influencerId Value: "none"
winteriscoming.net/	1970-01-20 18:02:30	Name: _wzmm.session Value: "458765590176886965775069614557"
.winteriscoming.net/	1970-01-20 18:03:54	Name: _gid Value: GA1.2.43548458.1706548210
.winteriscoming.net/	1970-01-20 18:02:28	Name: _gat_UA-6383965-2 Value: 1
.winteriscoming.net/	1970-01-20 18:02:28	Name: _gat_UA-1577313-14 Value: 1
.winteriscoming.net/	1970-01-21 03:38:28	Name: _ga_X878ZPFT48 Value: GS1.1.1706548209.1.0.1706548209.0.0.0
.winteriscoming.net/	1970-01-20 20:12:04	Name: _fbp Value: fb.1.1706548210119.526279946
winteriscoming.net/	1970-01-20 18:45:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.winteriscoming.net/	1970-01-20 18:45:40	Name: _sharedID Value: 91ea088d-d7b5-4d6c-9a1b-4a7271344327
.winteriscoming.net/	1970-01-21 03:38:28	Name: _ga Value: GA1.2.674550167.1706548210
.winteriscoming.net/	1970-01-21 03:38:28	Name: _ga_VJ6NN73G7G Value: GS1.2.1706548210.1.0.1706548210.60.0.0
.winteriscoming.net/	1970-01-21 03:38:28	Name: _ga_NB8RD6J3M6 Value: GS1.1.1706548209.1.0.1706548210.0.0.0
winteriscoming.net/	1970-01-20 18:03:54	Name: _lr_geo_location Value: DE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/739763452834773?v=2.9.143&r=stable&domain=winteriscoming.net&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ajax.googleapis.com
api.userway.org
app.fansided.com
assets.minutemediacdn.com
ats.rlcdn.com
bcp.crwdcntrl.net
bqstreamer.com
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
cdn.hadronid.net
cdn.mmctsvc.com
cdn.userway.org
cdn.wazimo.com
cdn77.api.userway.org
config.aps.amazon-adsystem.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
id.hadron.ad.gt
images2.minutemediacdn.com
proc.ad.cpe.dotomi.com
promotions.minutemediaservices.com
region1.analytics.google.com
region1.google-analytics.com
rumcdn.geoedge.be
sdk.privacy-center.org
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
winteriscoming.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.128.140.222
13.32.27.92
13.32.99.89
18.165.187.137
2.23.78.67
2001:4860:4802:34::36
2600:1f14:5db:eb00:9b05:4c3d:7cad:ec0e
2600:9000:214f:2800:1b:3a6c:1300:93a1
2600:9000:223c:2a00:19:4ac0:c3c0:93a1
2600:9000:2250:bc00:18:ed96:9000:93a1
2600:9000:2251:7000:1:4290:76c0:93a1
2600:9000:2251:9e00:5:b7cc:d3c0:93a1
2600:9000:225e:de00:14:3f07:afc0:93a1
2600:9000:2394:2800:a:3342:cb00:93a1
2600:9000:244f:de00:4:b37b:9440:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:267
2606:4700:20::681a:550
2a00:1450:4001:806::200a
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:6ea0:c700::17
2a02:6ea0:c700::19
2a02:fa8:8806:20::2100
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.160.188.47
52.222.253.136
65.9.66.68
99.86.4.128
0491376bd428bb97b0209c87e218ee61e40f54d78b1e39b57e673ba19baa1ed9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ad2843d1c38f27db499879552bd11587b8cf0b32fd8e30e063260038b3e6d7f
0c1fa34c904bff1fd2781301089ebfae8e8190e1ff8c48f2770ba7b61cf96d3a
0d382c6584603efd2331746434b9acdbb170168ad8af9f214342cdd229d7ce72
0d7bddca209ed98451676dd814159e31fac2096db2b57aabd183093f84da8970
0d7fe70c971b40deb8892bd9a804b31b3ee5d4d312b048785748bd313e06a5b7
0d93059ce7beccbbdd3bf6474a4781566dc0e6dadfc677bb762ff126ff90444e
0e6921d90c459f9545573e0524df74f0a893c6f91e062f8d7276f3407dcd2d10
102a6335011524a3bb83f5c011ece0b0ff203ab32d7c02a5cba5cd61e4bd6b75
11329ace96cb54c627870382b8ec2b7157a6cae2cb5d0096774b312e4371544f
144defa23e96754a4dd2dd63668428d5e89073e4744a7aed2c41ff47a1c72a0f
14d76e96151645aee2d48acf0d006d5316a3100c53be9d11a44bd6c3983a7409
16ba905fbfdc2e18b19974d8e56ae034e7b3931e00626ee80d3874703dc33f34
17c458e189926a3a8236cb84e000a28e7f7acf5c40121fcd2c13f6f802ed19bd
17c85a1f8396f689136e12698bd9f8c2ddb940c2508c402a42e6208f11738b4b
199adf6f32f9d20c2b91ae4581755c524a3b43cc7f6d4e64e7679e6acc5cb463
1b58162adc569a812658d258517207b7f475f6cd80ccaff60d55ad6c2a527420
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
209a9189d4323a4a0947b5b7c31d6b9f54927c60a87334dcae7124c8d876815a
20b59e88c09b33ccbe25eed47b260d27f27464788859d3298063b76a279ceda4
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
23437814a03bc20a177d6a37c8d403a2552fdea25465ac12c5917ac6dfd331fd
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
271ac8bfe00a9774fffd1e1aec332ca161bdba74149b4f14cd0684ab9c71e540
28c236fa3a7af000415ccbb55affadadab2e87f4ab5a95e3839aa4eac0d5d689
29dc647a00f7b03ac4135274c872f205689945926201384a4b70c43babb64e75
2af81c00409b03aece10e2033c119f618c591fa6657564ab695af7da83d628d3
2b8fb20621f42a98899240e96fd19beeb00a321510c59e48661e6d3ade1afd86
2c6692f2f1c0b1e3e074d2bb63d96d0111b25753c193afbb518cf8799e4e5842
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d9c225c4ee1d642e8c8af4d6777bfd005f273ef758a47eee247f8b721e2f896
30071189f1fdbd95cbf1621fd6b95bea16aa3827d53ef8326f6b0e8963896f64
308346f9779bb3370a0d9ca8719ec7a179f5e599122a3714ac27c11938a9ea9b
31d579fc125bbc52feab9228c7aa2827bcd3d61bf1fcf6e271c0ba85212170cd
35507afa8f30bc00343eaca8c0f6cee6e2657bd90904d5b03f2c795a42b103ca
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3cba253b7417701b683d483fe37831a5608118adb21d85b39d426661dd6656d2
3db8449bf164fc3838b4d1b6038f9944a10b841bebdf6f0c332bc9cc2cc85126
40b6d86a57ee430ca32b26841a74d899c80cfb73cd58f4b38513f0e85d131517
44912a4e9a17b476de45e314826e3ce7a8af159c4a120a64be60cb8ddc183135
465fcc22a8d03db25f15da540b733de0c636465839c7ef99c6dcb233a50af04c
48df6accf729c3536ba19765ea02f233ce664c2427f611a0749f65d4380b4453
4b86c0787178eb15e9a6aa1907a656e63167d5521481727728f458777df2ccdb
4ef45c7f3897b18faaf0a46b27fa7796af7980545714c03172adf7cb6bc872ed
53e03fd7b211f76a1a15aa18de0ae9d96555abbcf58ada35a17b681d8b2407f8
5507ffe86bee952e2678ffe4dd71356b8e2e79d8be4c0a8d21716c125a37a705
5a3b1afa85c39480d2e9493b2de9c3cb3f51d1eab5bd9b5b307bd9afeb353fae
5a732456d5f5c7c70e756525d6ad42c374b79283e28093eea8ebb409b1259a4f
5b69c7452da4976f57b449e012ff2e65f2ba4d711da86c35b6c95e825495a9a4
5cc6c43ca1856a35faad9c60128c8a8458911aa160997c34ea22366df33ed8bd
5f58aaf1f6edd3740a5fade14c9c4a6c116708651e0bca6da2a4229063f60e41
60d108fd16c0e659f36428e731702211e2464f7bb3ef4d2116386ba349573464
6221c101442a1fa7b67dfb88adf7df9661e8262fcbafc542ed3166709e0929ef
65b6263227a029d43b2fce4a8615a1abeaf7506ab2eb1b39407e27b452b6493b
663fb61201f4249395559a01784078b0892fdf54772a19f95a05bf40a3ecdbec
66af9cee4a582329bdae47b1fa86da5974bd5c6f2329ee3866f7680c51525f23
67b5c473e8698e645a7286e32f502549a61b2563785d6adcea0d7b10bc6acd7a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc5e0090105dc46b8d3a6c6cd53f5a3d116c235a6c6aa7c15d9e2fac0e718ef
6bf47d186ba36766527ab8f4274dcba86e7cd2b13a05b943b050929741f145cd
70cbf7923ac2b920be7a8dc45b753ec055f3492eff5a3f41dfade6d1a0787907
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7359a5ba1cb6468d87acc71cb935c4b9be4a192e6c9add0ef98f95ea48c615d7
751d944ae6135be340cac7896f5f9b0326213d6db9f7360a329a56987cafe05b
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7cdbc5c1866fb27aa7d3ecdfa1c9208946cf672c634f3a49c72963ae9ae3e8d4
822d3d3a1fdbc0e7d197ce2865586633869b4e6357c992f6f996f111834d2089
82c42a27cbea184402087a532cd35b787148b0dd1aca16116ed7fe71ca089341
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f0b33fac9a2b4f332d016b082309df1200d73798a5abe37dc73be96c34f029
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8964280ee5ff3dd7a8b752c726aa3e909a63410a565c7526e4868675cf4709b2
8975f6dfbac6114e91798c20ce7896f4c6283dc63389d351324dac6e60134fd0
8b70b4de9c2e497721f9f77d5b7bda9bd2d3b035907330f1f980aa4cfe518cce
8ece35524c1beb8ab51f49951fdb55b9742f741c8951e54a9bbf9a455aa337c1
90d13c638b11d741c8197eea563a67ab100361956cecaf2e41b615fae56a5c65
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
98644a91fee0751f2d28ec09f7be853435d220d19345ddcf8d5c7e9035d86748
9cb466b3cc0996bde7571ba1b80aba054021a3d04f299f522bd8eaf4f54165be
a2108f489bb9c0da0a06e88301ca0e7b280bb7c15ac5db1d8b759fd7481c4158
a27133373642419fbe564153aee06aad0321f33b78c0db10b176bdd5367c8187
a28dbeb56873c9d51d0c98cfa6413c8253a0e6a4dc7f4c0a3f3c9da833bae6bb
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9b141bd388183d5ec09ab7eb9ee10c82c236b0ff2c53892d773ef530e6922b3
abbcc9b349f6420a2f60f4655521a3949da72428d818f370810a5a1fd9e83aa7
ac667b39b6a81d70b1100cedc79a3d0c0d1347c1e17599d55131ab19e6d70b54
ae50af3b8034462a4da0b7cfe826946f07632bbbeee5ac1d9bd5befc4fb80a49
ae66a6bfeda36f14aee99589a98078c3d8ffa82a4ce443e11229864de21b68f8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0542876f80a1be4694cc409de59fecece5150b4eb8ef806fec12c487e891fcc
b2307a02d64df748d32d7f7b31c3851c04e114ee3c0bfc4ed0e88a8104d8204c
b31008345e3659c8b65ae101c12cde5b5279afc913d70ad359140aaadbd7db18
b5dd3ace5af51ce2e5094836a73f97bbf8f34fe17b019213a72ba9270f86ad26
b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138
b8f9b0f28637041e05cd76c465d90599cb81e8845e4958b5da7517fda7e57982
badf0148bc89c391d08d4a3781ffee2b33439bc2435ca9b3fcd1f467879c6822
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
bd22f4b69edca909b2645b55f55b04823c0529a443f73c5c725b4b9dd1dd1041
bde3732d015017f2fac553399000cd1a1906ed4043dbe45f477346d78664372c
bfa97700bbe4aebd264f23350f5c19040c10bf4f3df325278dd733a050147160
c00b64f9ecb6283e594bdc2412a5e9023831dfa958b2ad709bdff4a4c4e45bed
c10e2b2daf3d219b419b65de36421f817ebb5bab791b329c282efe879f7905a3
c2d93132d9f33268b01136a0f0bd46dc44009dfe592a2c945e8e09dccc569edf
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c576d6374037db36fbe22fbeec555e9ff9ae1058b97253e10069eeaa4a33ec89
c5ff5f666f0353e942b75cb4e0122d59159f9f6070cf0d2bb510e9e2fa446470
c854d9b1a3902fffc3a57e5e51e7664a2c4e1c6855172fd8545754f346070e3d
c9915c6ca63b31a992c835fb5d7834b0d3f89a811840cf25902db7b6656be19c
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d7988bfa1e7bdefad6eee21d30705d6d27bf9aeff0076cc4a374f901a041a270
d95dcfe536829dc50ecab12cd73490c22df720e1ab30c63acacdd28cfce137a8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deac975055b519499caf8dcced97ac094a19676d4c40c057d8064ca9ad5c9fee
e09e3ff6d4adbe08d4c449e7eab9b862070284d27421954681e90354a7f588d4
e0f4bc260ed05fb3c3329c05134e7246a34966302e5225e1957d81fbc0d99d5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c17f75a2cbd5fc2f3ad4de8b05fc5affb4fd8a6f45da8b98a877940ca83fd
e480602ef2fa76a727259c719370562228b97d2a63ef709f84b437e375211ef8
e79282db5d92a47470a5e2bb20f5212cf8997c8013d7cca841be890d798c1ef0
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec53504a081dddd77f08540d6ee595c1a17fdc8da1babb70113d896d314f73a6
ecc6586c8d4d7929773065525e45fe135c4f448efb38f73c485a42cb467b116e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f120c7ab79e6c17fa4c5871d6f4f4b2de849386a5c0a5f5cfde3892015d48f9d
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69cc018332ab81855ec153ad1fd599ba2f36fe406faf649dee61d3f91264fee
f89537854582f3fdbb4d30625f4dd8e25b2ddeeb88aa9bbc916574244c315c37
fca15fdab1e9d65135b9065927af819257e48224d0a2c40f3abb49d7dadb1eb0
fec2dabcd9153b1275fd863c071233108d5deab3018a096af387c3d01fac0ab4

winteriscoming.net Open in urlscan Pro 2600:9000:2394:2800:a:3342:cb00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

100 %HTTPS

76 %IPv6

27 Domains

39 Subdomains

39 IPs

5 Countries

2636 kBTransfer

9189 kBSize

20 Cookies

18 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winteriscoming.net Open in urlscan Pro
2600:9000:2394:2800:a:3342:cb00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

100 %
HTTPS

76 %
IPv6

27
Domains

39
Subdomains

39
IPs

5
Countries

2636 kB
Transfer

9189 kB
Size

20
Cookies

155 HTTP transactions
3 data transactions