winteriscoming.net
2600:9000:21f3:ea00:a:3342:cb00:93a1  Public Scan

Submitted URL: https://winteriscoming.com/
Effective URL: https://winteriscoming.net/
Submission: On July 10 via manual from DE — Scanned from NL

Summary

This website contacted 35 IPs in 5 countries across 25 domains to perform 112 HTTP transactions. The main IP is 2600:9000:21f3:ea00:a:3342:cb00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is winteriscoming.net. The Cisco Umbrella rank of the primary domain is 777811.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 20th 2023. Valid for: a year.
This is the only time winteriscoming.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
2 2600:9000:26e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
31 2600:9000:244... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 18.165.227.28 16509 (AMAZON-02)
2 142.250.184.226 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.161.82.55 16509 (AMAZON-02)
12 2a02:6ea0:c70... 60068 (CDN77 _)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:214... 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 2600:1f14:5db... 16509 (AMAZON-02)
1 3.161.82.120 16509 (AMAZON-02)
2 108.138.6.136 16509 (AMAZON-02)
1 18.245.31.92 16509 (AMAZON-02)
1 18.66.196.84 16509 (AMAZON-02)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 23.215.22.18 16625 (AKAMAI-AS)
1 52.49.45.15 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.27.70 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 108.139.243.43 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
112 35
Apex Domain / Subdomains / Transfer
32 minutemediacdn.com
assets.minutemediacdn.com — Cisco Umbrella Rank: 39277
images2.minutemediacdn.com — Cisco Umbrella Rank: 15422
228 KB
16 userway.org
cdn.userway.org — Cisco Umbrella Rank: 6851
api.userway.org — Cisco Umbrella Rank: 6703
cdn77.api.userway.org — Cisco Umbrella Rank: 11268
372 KB
15 bqstreamer.com
bqstreamer.com — Cisco Umbrella Rank: 17881
4 KB
5 mmctsvc.com
cdn.mmctsvc.com — Cisco Umbrella Rank: 31575
171 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3521
launchpad.privacymanager.io — Cisco Umbrella Rank: 3043
geo.privacymanager.io — Cisco Umbrella Rank: 2830
37 KB
4 amazon-adsystem.com
c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 6884
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 993
79 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 110
403 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2288
a.ad.gt — Cisco Umbrella Rank: 2506
5 KB
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595
88 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 279
stats.g.doubleclick.net — Cisco Umbrella Rank: 208
177 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4746
172 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1223
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1265
13 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3576
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 232
72 KB
2 gstatic.com
fonts.gstatic.com
48 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3384
136 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 108
2 KB
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4187
465 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2569
12 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
274 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2949
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9102
408 B
1 fansided.com
app.fansided.com — Cisco Umbrella Rank: 97647
2 KB
1 winteriscoming.net
winteriscoming.net — Cisco Umbrella Rank: 777811
74 KB
1 winteriscoming.com
winteriscoming.com
656 B
112 25
Domain Requested by
31 images2.minutemediacdn.com winteriscoming.net
15 bqstreamer.com cdn.mmctsvc.com
10 cdn.userway.org rumcdn.geoedge.be
cdn.userway.org
5 cdn.mmctsvc.com winteriscoming.net
cdn.mmctsvc.com
4 api.userway.org cdn.userway.org
4 www.googletagmanager.com winteriscoming.net
www.googletagmanager.com
3 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
3 sdk.privacy-center.org winteriscoming.net
rumcdn.geoedge.be
2 cdn77.api.userway.org cdn.userway.org
2 geo.privacymanager.io launchpad.privacymanager.io
2 id.hadron.ad.gt cdn.hadronid.net
2 c.amazon-adsystem.com c.aps.amazon-adsystem.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net winteriscoming.net
connect.facebook.net
2 securepubads.g.doubleclick.net rumcdn.geoedge.be
2 fonts.gstatic.com fonts.googleapis.com
2 rumcdn.geoedge.be winteriscoming.net
rumcdn.geoedge.be
2 fonts.googleapis.com winteriscoming.net
1 a.ad.gt rumcdn.geoedge.be
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.hadronid.net winteriscoming.net
1 tags.crwdcntrl.net rumcdn.geoedge.be
1 launchpad-wrapper.privacymanager.io rumcdn.geoedge.be
1 config.aps.amazon-adsystem.com rumcdn.geoedge.be
1 c.aps.amazon-adsystem.com rumcdn.geoedge.be
1 www.facebook.com winteriscoming.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.nl winteriscoming.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 app.fansided.com www.googletagmanager.com
1 assets.minutemediacdn.com winteriscoming.net
1 winteriscoming.net
1 winteriscoming.com 1 redirects
112 35

This site contains links to these domains.

Domain
quiz.hiddenremote.com
fansided.com
www.facebook.com
twitter.com
daily.fansided.com
www.minutemedia.com

Subject | Issuer | Validity | Valid
editorinleaf.com | Amazon RSA 2048 M03 | 2023-12-20 - 2025-01-17 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
cdn.mmctsvc.com | Amazon RSA 2048 M02 | 2024-04-04 - 2025-05-03 | a year
gw.geoedge.be | Amazon RSA 2048 M01 | 2023-08-12 - 2024-09-09 | a year
*.privacy-center.org | Amazon RSA 2048 M03 | 2024-03-10 - 2025-04-07 | a year
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
assets.minutemediacdn.com | Amazon RSA 2048 M02 | 2024-03-26 - 2025-04-25 | a year
images.mmctsvc.com | Amazon RSA 2048 M02 | 2024-04-02 - 2025-05-01 | a year
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-24 - 2024-09-16 | 3 months
bqstreamer.com | E5 | 2024-07-09 - 2024-10-07 | 3 months
1667503734.rsc.cdn77.org | R3 | 2024-05-07 - 2024-08-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-18 - 2024-07-17 | 3 months
*.fansided.com | Amazon RSA 2048 M02 | 2024-06-01 - 2025-06-30 | a year
*.google.nl | WR2 | 2024-06-24 - 2024-09-16 | 3 months
api.userway.org | Amazon RSA 2048 M03 | 2023-09-02 - 2024-09-30 | a year
c.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-05-30 - 2025-06-29 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
*.privacymanager.io | Amazon RSA 2048 M03 | 2024-06-26 - 2025-07-24 | a year
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
hadronid.net | GTS CA 1P5 | 2024-05-29 - 2024-08-27 | 3 months
secure.cdn.fastclick.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-03 - 2024-10-03 | a year
id.hadron.ad.gt | E1 | 2024-05-25 - 2024-08-23 | 3 months
ad.cpe.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2024-06-17 - 2025-07-19 | a year
a.ad.gt | E6 | 2024-06-09 - 2024-09-07 | 3 months
1784939676.rsc.cdn77.org | R3 | 2024-05-31 - 2024-08-29 | 3 months

This page contains 2 frames:

Primary Page: https://winteriscoming.net/
Frame ID: EF02C9BAF68670930BF38AF7F891D2D6
Requests: 111 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Frame ID: 50271CC1AA7AF6CDBB3B3E0B43B75BC1
Requests: 1 HTTP requests in this frame

Page Title

Game of Thrones and sci-fi/fantasy news, TV, and movies

Page URL History

  1. https://winteriscoming.com/ HTTP 301
    https://winteriscoming.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

Requests: 112
HTTPS: 99 %
IPv6: 66 %
Domains: 25
Subdomains: 35
IPs: 35
Countries: 5
Transfer: 2096 kB
Size: 8923 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://winteriscoming.com/ HTTP 301
    https://winteriscoming.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwinteriscoming.net%2F&rl=&if=false&ts=1720608306842&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720608306841.933925914592598090&ler=empty&cdl=API_unavailable&it=1720608306802&coo=false&rqm=FGET HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D739763452834773%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwinteriscoming.net%252F%26rl%26if%3Dfalse%26ts%3D1720608306842%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720608306841.933925914592598090%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720608306802%26coo%3Dfalse%26rqm%3DFGET

112 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
winteriscoming.net/
Redirect Chain
  • https://winteriscoming.com/
  • https://winteriscoming.net/
540 KB
74 KB
Document
General
Full URL
https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:a:3342:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
996aac5478fc6850d2af68a17443b0ce132601379a7b2a6a50c02bb6e3dcdaa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=60, stale-if-error=2592000, stale-while-revalidate=600
content-encoding
gzip
content-type
text/html
date
Wed, 10 Jul 2024 10:45:05 GMT
etag
W/e2a9250acbce2a0cd7644b954b1f5205231ff715e24df7790c78da5333d26b8f|69be31817033f9d8d46d3e656f3509a6ac77e656fa07cbe1a3dbfee752ea9161
last-modified
Wed, 10 Jul 2024 10:45:05 GMT
referrer-policy
no-referrer-when-downgrade
server
CloudFront
vary
Accept-Encoding
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
x-amz-cf-id
KUMu7UUDAhysSLps2-c5W-mhMH7VLw8ZVW-F3AnHENnW6JJUz2M45w==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-from-mm
true

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8a0ff650fe023648-FRA
content-length
167
content-type
text/html
date
Wed, 10 Jul 2024 10:45:04 GMT
expires
Wed, 10 Jul 2024 11:45:04 GMT
location
https://winteriscoming.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMyG3JW%2F%2FR84ZFAqMBhVS12if8iOBBWoTLkEkqTZ5oGkDJXAxklRoT42Xvk%2BpHVJV7wilVjSxMA2BwUnQrEont90chcmh%2FGlHxvpur8lbfPwltAfFNEuDWmBZ6rgisUjucKoNO9fMsUZPHt7iQvjbic%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
4 KB
1004 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a1835fa1aefc9b2c27bedbc20d4d69d21bc4a65977e77b055a0b1bf01838d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 10:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 10:30:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 10:45:05 GMT
css
fonts.googleapis.com/
5 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 10:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 10:45:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 10:45:05 GMT
mz-delivery.js
cdn.mmctsvc.com/
570 KB
162 KB
Script
General
Full URL
https://cdn.mmctsvc.com/mz-delivery.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
928a0e0ef93a12c07bf3de13365cf5dfacd3ddf1348ceb9b2375e27b60ce1bc8

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 07:41:23 GMT
content-encoding
br
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 07:40:53 GMT
server
CloudFront
x-amz-cf-pop
FRA2-C1
age
97424
etag
W/"07d286e4f1af24c5aa6f4fce62701c61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6VTWnz7Ue6wujWe5BGE1D5kS_pUWjDDbufZSk4-Y0dO6uLZQA-ELyg==
grumi-ip.js
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd2ead78cad296168690d755c8811f6853cddfbf4e12e84d447df77689424967

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:31:56 GMT
x-amz-version-id
CKSk7NhMogga0WYcOdGolOkbXBzqeWtY
content-encoding
br
last-modified
Tue, 18 Jun 2024 14:32:56 GMT
server
AmazonS3
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"bd651b41522815521a623bfe5cd3933f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
790
x-amz-cf-id
NGZtoF4R-S4Nqtq3j5MIQASrLurWD1Af2BJyeD9MUomynPXJiNQ5Qg==
loader.js
sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/
90 KB
24 KB
Script
General
Full URL
https://sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/loader.js?target_type=notice&target=WHiEUdYM
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:d400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3c765ac23b9fe8fba7666a899f8e1930d40a42db782887476b43ccbe06eb0e1d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 09:23:57 GMT
content-encoding
br
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
age
4956
x-amzn-requestid
582b7c51-5209-416d-890e-a092af233eda
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-didomi-configs-version
111
x-amzn-trace-id
root=1-668dc011-330d12884f1a9bf7268740f2;parent=32b2913cf60cf712;sampled=0;lineage=eaae1266:0
etag
W/"12905f765828e8a5fb346f041a5048e5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
x-amz-cf-id
iFz4B7z5wTjqtC2z6J15bEMnJxh66ffhH3NoO29RsgpTn1l7G9WE-w==
gtm.js
www.googletagmanager.com/
530 KB
151 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
296231ba09bcfc319d9a13e36cac057d9c9ebd34655e264cca6bcd21b1a032ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
153888
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jul 2024 10:45:06 GMT
gtm.js
www.googletagmanager.com/
241 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-524LTF9
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0a632b834b69b827d5dbfaaf5792ca5e87009c31bc2777c381f23ff50798e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75813
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jul 2024 10:45:06 GMT
HomePagePhoenix.bundle.GD4IHOL5.js
assets.minutemediacdn.com/js/
486 KB
130 KB
Script
General
Full URL
https://assets.minutemediacdn.com/js/HomePagePhoenix.bundle.GD4IHOL5.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3a00:18:ed96:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
cca9481fed0f980f3f0283b84e40799c2cca0e1fc5a1cd2538ae12fb19289005

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 08:04:30 GMT
content-encoding
br
via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jul 2024 08:02:43 GMT
server
CloudFront
x-amz-cf-pop
FRA60-P2
age
528037
etag
W/"ac3cd6656422476ac08aec7e756e959d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age: 31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hk_yu35_ARsjqrFNcaEBEjMWWds6tu7NhpGSkokZL31Oy8IhZDjlyw==
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae66a6bfeda36f14aee99589a98078c3d8ffa82a4ce443e11229864de21b68f8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465fcc22a8d03db25f15da540b733de0c636465839c7ef99c6dcb233a50af04c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
images%2FImageExchange%2Fmmsport%2F385%2F01j2c8xgvfycrp5d25pa.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/
40 KB
41 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/images%2FImageExchange%2Fmmsport%2F385%2F01j2c8xgvfycrp5d25pa.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9c5837b840d01cddd50bac3b63fecfbf48d79b05c2df7bc65ab30a84d9e4e46d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 19:43:12 GMT
via
1.1 02953992e043cdd9273bab020f4030a0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
54114
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j2c8xgvfycrp5d25pa.webp"
content-length
41308
x-request-id
6b5f695cb717e8cd72822f9b7bd4f938
x-served-by
cache-iad-kiad7000067-IAD
last-modified
Tue, 09 Jul 2024 19:43:13 GMT
server
CloudFront
surrogate-reporting
width=720,height=405,bytes=41308,owidth=1920,oheight=1280,obytes=1622041,ef=(1,13,17,23)
x-timer
S1720554191.309398,VS0,VE873
etag
"c7488caf4a47b183cc04d261919a0478"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
cf6WGlWJK3nGiMUhJntEH1tF17b4FRsY-SZjGijWEooWWLBtRdWXNg==
x-cache-hits
0
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:42:42 GMT
x-content-type-options
nosniff
age
90144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:42:42 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:35:22 GMT
x-content-type-options
nosniff
age
90584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:35:22 GMT
grumi.js
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/ Frame 5027
391 KB
130 KB
Script
General
Full URL
https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4ae968c44c730791048c4a5aa7e0e981455db389a3a19ef25ce6000ef91821

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:31:56 GMT
content-encoding
br
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jul 2024 10:07:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
790
etag
W/"e7d18e93f0b162afce8c5970e4a89dc4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
O_pdVY2sf9D0cMk1Blv0P9pE6C7J8pu4Gx6BqQWasRMqJiNAwxqM6g==
li_direct_list.json
cdn.mmctsvc.com/engine/static/monetization/
52 KB
6 KB
Fetch
General
Full URL
https://cdn.mmctsvc.com/engine/static/monetization/li_direct_list.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.227.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-28.lhr61.r.cloudfront.net
Software
CloudFront /
Resource Hash
ab828a6248c5b0b5276efb11988eedcc6aa53f08098ecd67ff454ed65a89e8ae

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 06:31:22 GMT
content-encoding
br
via
1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
age
15225
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jul 2024 06:30:48 GMT
server
CloudFront
etag
W/"f2418a4b01fca2832f5dcd3251edacdd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 31536000
x-amz-cf-id
ZwTHky9Vj8Smt6i7QthSdBTAea1zHPjTkqcB9LUJm4UJkQRkK0OmSA==
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9b484fe8b833192180baa0c957e396b4bae4955010a25b35cc33503d12a32cf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31925
x-xss-protection
0
server
cafe
etag
193 / 19914 / 31085116 / config-hash: 8874660279980304388
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jul 2024 10:45:06 GMT
winteriscoming.net.json
cdn.mmctsvc.com/oo-policies/demand-configuration/
32 KB
1 KB
Fetch
General
Full URL
https://cdn.mmctsvc.com/oo-policies/demand-configuration/winteriscoming.net.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.227.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-28.lhr61.r.cloudfront.net
Software
CloudFront /
Resource Hash
c4a5ad56cd8026f757032435604adbdaa8a73177b6740b651111b26d9e221ca6

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 07:38:41 GMT
content-encoding
br
via
1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
age
97586
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Jul 2024 15:29:16 GMT
server
CloudFront
etag
W/"aa7c914517f7760258c4f6d5ee307558"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 31536000
x-amz-cf-id
9H8HnPPViE2BcP0uCuMfocKIaL9UHF1XvBOdckr_zswKlabLKsCYsA==
winteriscoming.net.json
cdn.mmctsvc.com/adunits/unify/
1 KB
561 B
Fetch
General
Full URL
https://cdn.mmctsvc.com/adunits/unify/winteriscoming.net.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.227.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-28.lhr61.r.cloudfront.net
Software
CloudFront /
Resource Hash
a2807189054c393597b0d0c705622337fbcccbd830d2fc4096fe04ea272764f2

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:02:41 GMT
content-encoding
br
via
1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P5
age
9746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jul 2024 08:01:46 GMT
server
CloudFront
etag
W/"ffe29ed7f687bb9e6850d974c060db71"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 31536000
x-amz-cf-id
s2BPVR8IFrnMzWWVFmZQgnHQ2yd1AEolrZUGe6f1qTBIOZ0Rk-aZFQ==
/
bqstreamer.com/tr/
0
279 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gPyAVh8uZ0YC6%2FEioI%2B1Fa21JJFuVAYZbTKUzWvKwboqjyKFFvGklOckXIYGcJRhOGxMn1GXYx8Ot6VM9xLUtZDoLDK1w5AzQ84ZB4A8%2Fuctg%2Fj5MgS9TAFwUf1D1XdKMyaedwsF0GVBb4%2F8"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a73364d-FRA
/
bqstreamer.com/tr/
0
278 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxzJ5uHccSWW1LfiK%2FUUOZqR%2F68kaCS3AKoE7JiK72bGLg2AMtM5A17c10HXKU%2Bqee4%2BsNCPZPAPlSF0etsT%2FetRJWB8xQZ0l2YwWK1TZelHWuE9IHlmZAaSWofOyh%2BanZITkFhb0Le5hBBr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a7f364d-FRA
sdk.e0ea24de9e6c038214bf35587950fea8470e327d.js
sdk.privacy-center.org/sdk/e0ea24de9e6c038214bf35587950fea8470e327d/modern/
345 KB
89 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/e0ea24de9e6c038214bf35587950fea8470e327d/modern/sdk.e0ea24de9e6c038214bf35587950fea8470e327d.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:d400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ad423ec7bd6ed6ffbbe09bd620eb7fbc1f6b840fb779c89d133aae8f9263b77

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:27:06 GMT
content-encoding
br
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 14:26:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
73081
etag
W/"3522c01f653424276a2e9a0c4dbb411c-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7uAz3f2VmJcYpAPxV_5kuyuFRAfOkC0H5sTM7cfEO5046gECeqUzGA==
/
bqstreamer.com/tr/
0
276 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pjgtDX3RrWbN3Hqn9WOz0MAQhdVb0Li1lG%2FWkNTIoL3g1J9LP1Pg4EfkgzGEiXdx7oa%2BFT7LALUDvNTaeapNW5kwE17R93q0KRzSv%2FqtpuWGmwBUMLfhgM03Yd3EIE0EH4Ax%2F6ioAG48X7X"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a81364d-FRA
/
bqstreamer.com/tr/
0
280 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEiJleu8q%2F4L7BSYCSg9Ihi8sItc6UtwXnNN49Dpo%2BjHFBbQdEr%2FIWYFthkIDLzOB5PGL%2FN7GuIW3fBCCMZHO%2B3yvGvA13YiQ2TOWD0%2B3QghwSWS3X4n4LYoa22QubmqvLRK7QSAq4QdEZ5N"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a82364d-FRA
/
bqstreamer.com/tr/
0
438 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QktwROdRROS5esolm5TbIp%2B8IRRLRXymbB%2Ft1%2BpSXNOuMjOMDwOPloRsgzNX66hpAWh3ZUHqdF7NOyXToZKKV%2BuakfXN7FHLdez0dofixdwwMfYHB0oea5CcCHvUcGNovGCCsLowg0zGG2D1"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a76364d-FRA
/
bqstreamer.com/tr/
0
277 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHrybgl3hj0Q22bOORGv7e18fTEZCRQeSsZ6jq9%2Bdul%2BGqdgwsE7tT3R6qvv75%2BYi7Jdfi6zqNGct6LczE3QsYyKbmnp18YQIsMyNw4bRs98O7XzozF%2BqsuW%2BeJU%2FiFfa1I6v3d277cCDPf2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a78364d-FRA
/
bqstreamer.com/tr/
0
274 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9qah7wXE67dFplWGrflVlsOcWIKOpiyFxbOeqiwUut4jHJ5aKSbQ3ty7tPqeTG9wf7RbQLuldxJn2TFboOTYtK7EmG6OIuyQGT2stpGgPgtQ86VITTg%2B%2BD564OrGUA4VWModkAuj1%2FQd7OQ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a7a364d-FRA
/
bqstreamer.com/tr/
0
272 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkGpglLaIh6r701kJFZt0gnHCgH8rSebmo0XTf%2F7kH2fUbocEjzBKu7dxxxVNxBi6PvgjuQt9M9dOlH6%2FhFeLCaoQ9yfpA%2B3a19QATpibBALa2O4ik3kA4u9YEwoj9qbrAo5ZsWrJ2ZEFLoH"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65a1a7d364d-FRA
ui-gdpr-en-web.e0ea24de9e6c038214bf35587950fea8470e327d.js
sdk.privacy-center.org/sdk/e0ea24de9e6c038214bf35587950fea8470e327d/modern/
266 KB
59 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/e0ea24de9e6c038214bf35587950fea8470e327d/modern/ui-gdpr-en-web.e0ea24de9e6c038214bf35587950fea8470e327d.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.82.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bad1a45722abd15022bf889fefa530301f4bfbdec458a41a2c302a678cd481dc

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:28:03 GMT
content-encoding
gzip
via
1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 14:26:55 GMT
server
AmazonS3
age
73024
x-amz-cf-pop
FRA56-P10
etag
W/"dd217f3b9ae7dee9e7bf2fb4ef4ceaf2-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7d8FZbUUk6Wj7t2E5xsMb32CvdePHaTE9U0z9-ycEKf3P5eKreisbA==
/
bqstreamer.com/tr/
0
277 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzONkCSf2wywu10yyaXbKq%2FOKrziOc34tJC6Bc%2FKU8buP9RGT2EYamZZRwS6NcOFZKzZMkeOv7T5fHZbh9qjPG7aDfxiGvYe4vCX9gfyxY8RS6%2BCMdlHtIIXiWjYyEnr0pDTxuIpIdLBO0FE"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65aebb8364d-FRA
01j2ddmkjrfnwpnpeer6.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_77/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
882 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_77/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j2ddmkjrfnwpnpeer6.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f24d23d21c0a0acf94f9e3e2fba4532ad917c7179d6937e27300c9cf7b277383

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 04:49:35 GMT
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
21331
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j2ddmkjrfnwpnpeer6.webp"
content-length
882
x-served-by
cache-lga21968-LGA
x-orig-request-id
217f01acacd492208106307fe67f82bc
last-modified
Wed, 10 Jul 2024 04:45:09 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=882,owidth=1920,oheight=1280,obytes=1015318,ef=(1,13,17,23)
x-timer
S1720586976.660843,VS0,VE90
etag
"a4c00df5f1007ba028ba274362814883"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
IH_4L3MKwCEN8aXiR6lWJCULlEUIw2kgt1RxswewzI2S_tlAHkyp7A==
x-cache-hits
0
01j2ces3dtsssnr1jkdz.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_53/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
898 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_53/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j2ces3dtsssnr1jkdz.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
544dc5dcb79bffd5d7d760ec32e9f41458f77262e712d566799dbe9ee870279e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 19:26:51 GMT
via
1.1 8774711cd9fd32ceec95cdb13439f30c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
55095
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j2ces3dtsssnr1jkdz.webp"
content-length
898
x-request-id
c016bdbe69970ef3011807caab56be29
x-served-by
cache-lga21950-LGA
last-modified
Tue, 09 Jul 2024 19:26:52 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=898,owidth=1920,oheight=1280,obytes=1363479,ef=(1,13,17,23)
x-timer
S1720553211.571816,VS0,VE670
etag
"a8255fde876468c612354586579f3cbf"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
D2RdOH01N2naI8SX1XFvdeN_wqGAYiO1_SVi7pSqAmhmx6cPp44NTQ==
x-cache-hits
0
01j2c1rsta2xdschaery.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
854 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j2c1rsta2xdschaery.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9b145b60b8fd3c31f5eab8b3ab2291d901b81965bcc712180ee37eff8cfa6089

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 18:26:19 GMT
via
1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
58727
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j2c1rsta2xdschaery.webp"
content-length
854
x-request-id
21dc66418bb762944bc2d05f36a24129
x-served-by
cache-lga21936-LGA
last-modified
Tue, 09 Jul 2024 18:26:20 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=854,owidth=1920,oheight=1280,obytes=1009665,ef=(1,13,17,23)
x-timer
S1720549579.214541,VS0,VE472
etag
"9b4671f3fa44d62e588bbe9b375d5fea"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
soe7Sn8TKLq64eXl0u9GR6YY08y0nsB2QEWUUdLK7BynPOtA1oD_fA==
x-cache-hits
0
01j29w89b1kcvhbc5sg7.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1376,h_774,x_544,y_133/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
770 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1376,h_774,x_544,y_133/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j29w89b1kcvhbc5sg7.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
59dfe59ce65410f4cd3c08e526990ad29147b182b0374ebae8723aeb6fcffe0d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 16:27:34 GMT
via
1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
65852
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j29w89b1kcvhbc5sg7.webp"
content-length
770
x-request-id
e050c7a6409ad39bd0f882ff93564271
x-served-by
cache-iad-kiad7000123-IAD
last-modified
Tue, 09 Jul 2024 16:27:35 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=770,owidth=1920,oheight=1280,obytes=952740,ef=(1,13,17,23)
x-timer
S1720542454.201928,VS0,VE458
etag
"afdb18ff8d554efdb72b9be069e63f61"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
SiFUV43S0pfbzsB6plLjfsj8RbS3T_r5z8OxXhg8Pn28DjCFAPxCEQ==
x-cache-hits
0
01j2c26afrz3hjxv1ncb.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3840,h_2160,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3840,h_2160,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j2c26afrz3hjxv1ncb.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8064822666206cffb0c8129fad6ca73adbc03bacbc0a707780f118d3ad4fb6bb

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 19:43:11 GMT
via
1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
54115
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j2c26afrz3hjxv1ncb.webp"
content-length
3470
x-served-by
cache-iad-kiad7000108-IAD
x-orig-request-id
6be9822bb953ea01e1448643b65d1747
last-modified
Tue, 09 Jul 2024 19:42:50 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=3470,owidth=3840,oheight=2160,obytes=3288491,ef=(1,13,17,23)
x-timer
S1720554191.472649,VS0,VE1
etag
"92ee04e7cd7ec6114e66d264ccc71fe6"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
WPM_CBxuDbRl5Kyraw5ieLhE6Ae9eMlgX_bZko02G_0Lh2UL2FCBdw==
x-cache-hits
1
01j2c08m13xkp35b365j.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2944,h_1656,x_259,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
350 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2944,h_1656,x_259,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j2c08m13xkp35b365j.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
646992ac1f8a44556f3eb29d69eeb9f97e6c869ee11a18ec4581174f9a5e9499

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 16:57:19 GMT
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
64067
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j2c08m13xkp35b365j.webp"
content-length
350
x-served-by
cache-lga21982-LGA
x-orig-request-id
0c8ee348c4bbb14a1326f16bf9731202
last-modified
Tue, 09 Jul 2024 16:56:31 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=350,owidth=3600,oheight=1656,obytes=5602110,ef=(1,13,17,23)
x-timer
S1720544239.261608,VS0,VE70
etag
"df45578e883b8165b9f7c93ad3def7ad"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GbGD_dhXl57saku-bDm_UagnDS0BDT91PhtLyh0NThRwIHL9-YEXaw==
x-cache-hits
0
01j1sj3hhw167nmc5cpv.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_127/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
932 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_127/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1sj3hhw167nmc5cpv.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
38b6d8f60b4713a3dbaedfe8883f9ef679bc57d79f80c04613bb2f1b1fa6576e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 16:02:54 GMT
via
1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
67332
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1sj3hhw167nmc5cpv.webp"
content-length
932
x-request-id
471df923deddf5b0ece87a06b891dfda
x-served-by
cache-lga21941-LGA
last-modified
Tue, 09 Jul 2024 16:00:50 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=932,owidth=3000,oheight=2000,obytes=4786707,ef=(1,13,17,23)
x-timer
S1720540975.586666,VS0,VE1
etag
"f631d06ad9ce9b04294a735eb3630b84"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ZzEhT6m8iYCf3MVjjk1xvlTF8qafDPY1bbP0i-vnenwhSIqyJ9jQ0Q==
x-cache-hits
1
01j29kyprhr5t6vq2je4.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1000,h_562,x_0,y_88/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
318 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1000,h_562,x_0,y_88/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j29kyprhr5t6vq2je4.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dfb651a5c762cc020b6fd889a4151fcfb040587d87e68e821b85f95936aa727c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 06:51:10 GMT
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
100436
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j29kyprhr5t6vq2je4.webp"
content-length
318
x-request-id
022267bc3a83826886f245a54f0f79b3
x-served-by
cache-lga21925-LGA
last-modified
Tue, 09 Jul 2024 06:51:11 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=318,owidth=1000,oheight=665,obytes=252924,ef=(1,13,17,23)
x-timer
S1720507870.769361,VS0,VE428
etag
"987b3c17d477ad23163ce21d2edd0734"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
5m9h7SK30qkp7jozDvGXgVyEC-BXrGIBqHHEWG9Mu6OHvGJpY07pjw==
x-cache-hits
0
01j28sk568ym1t99z1ft.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5245,h_2950,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/
422 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_5245,h_2950,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01j28sk568ym1t99z1ft.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b7a1332c9ac38288340b06dd71628a986be2459c54438d526016272393018e0f

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 06:51:11 GMT
via
1.1 820b14719bf91dbc846cab9728bc3fe6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
100435
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j28sk568ym1t99z1ft.webp"
content-length
422
x-request-id
c3ca8fffca4b68efe6a6ba6e2ec4f513
x-served-by
cache-lga21972-LGA
last-modified
Tue, 09 Jul 2024 06:51:12 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=422,owidth=5245,oheight=3497,obytes=3002218,ef=(1,13,17,23)
x-timer
S1720507870.117393,VS0,VE1298
etag
"5160d73f2a96e636f596a98c9dfe875b"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fCyPrIpAHsFoFQisyVLzxo-hO1066lChUg4EKaqb3iEGQ0zjM79--g==
x-cache-hits
0
01j1ztx023hp790gx3h3.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2852,h_1604,x_660,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
830 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2852,h_1604,x_660,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1ztx023hp790gx3h3.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
21d39a5fe1d0b7cb9d808919716f3e7fbbbe15c6d2d965692cd6dde8c03c7323

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 00:52:27 GMT
via
1.1 52e479c500405e4e5b36d8a25429d06c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
467559
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1ztx023hp790gx3h3.webp"
content-length
830
x-request-id
15c98db161a58bc023aff881768fbb0b
x-served-by
cache-iad-kjyo7100155-IAD
last-modified
Fri, 05 Jul 2024 00:44:15 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=830,owidth=3840,oheight=1608,obytes=1500333,ef=(1,13,17,23)
x-timer
S1720140747.316174,VS0,VE1
etag
"158e6da71434e360cdb9ad41aaa25824"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
XdkgV6DDyWFyXV7eZJZk1r_2bu4GMNSpIsdsS6qlQ-YHIiSm-WRDIQ==
x-cache-hits
0
01j1qhqnfh4kdp7ekm4k.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
792 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1qhqnfh4kdp7ekm4k.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
abf4d6ba8af51baf687ac22a8029b32dc239696e6d0eac085036f778dd2d58e3

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 20:51:41 GMT
via
1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
395605
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1qhqnfh4kdp7ekm4k.webp"
content-length
792
x-request-id
607f63a2181485f131f7167d677c1960
x-served-by
cache-iad-kjyo7100109-IAD
last-modified
Fri, 05 Jul 2024 20:47:56 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=792,owidth=3000,oheight=2000,obytes=5220844,ef=(1,13,17,23)
x-timer
S1720212701.236035,VS0,VE2
etag
"cea4c76ca6a16bf9f86fe196e30bb570"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Qzn6iQpQTjkdpUvOFIo8n5lihYWcjrx99fc3WucOYxcYHOr3Uy3iYg==
x-cache-hits
1
01j1w6dst5jxw8wwk5z4.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_313/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
340 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3000,h_1687,x_0,y_313/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1w6dst5jxw8wwk5z4.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b11477ff618dfcd4c21694a326c74a914f5d903b8a90f8c9532768524556e6db

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 20:42:56 GMT
via
1.1 820b14719bf91dbc846cab9728bc3fe6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
568930
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1w6dst5jxw8wwk5z4.webp"
content-length
340
x-served-by
cache-lga21921-LGA
x-orig-request-id
19a7049906cf61e7244601d394bb2eac
last-modified
Wed, 03 Jul 2024 20:41:10 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=340,owidth=3000,oheight=2000,obytes=6168588,ef=(1,13,17,23)
x-timer
S1720039376.173144,VS0,VE40
etag
"39815f45243ea562cdf09b64067b46b6"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
vIcnRBAXvcax3qPknDQ1KVNrTdvHNenydiwqeoxlRj55iJWhDO_r5w==
x-cache-hits
0
01j164sexshqarwe1rn8.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2507,h_1410,x_33,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/
4 KB
5 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2507,h_1410,x_33,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/01j164sexshqarwe1rn8.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d624f6b214f995cf806fbe990eca196954f1af230ff939de8bd8b28f37102d0b

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 15:58:53 GMT
via
1.1 6bc6f1fdbe871b248472c66b101ae43c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
672373
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j164sexshqarwe1rn8.webp"
content-length
4356
x-served-by
cache-iad-kiad7000143-IAD
x-orig-request-id
bfb665904d35ffce26a86353c7d93324
last-modified
Tue, 02 Jul 2024 15:52:57 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=4356,owidth=2846,oheight=1412,obytes=2705134,ef=(1,13,17,23)
x-timer
S1719935933.344767,VS0,VE1
etag
"3907ea9460e535333a03fe9bf59d11a3"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
kcIufB7u4hiZOCzkVNJGpam9-0lIWXl1FVwEX54tjnoqv5S6U3DOOw==
x-cache-hits
1
01j03zgree1x0dz1nd66.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
284 B
1009 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j03zgree1x0dz1nd66.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
40fd2df95e9e9aa804c9c6007e04eee3a154b8533cd48984520ecb56a9cb0946

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 02:16:00 GMT
via
1.1 87e02820e63ff6cf9cd98d9efbaab1fc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
203346
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j03zgree1x0dz1nd66.webp"
content-length
284
x-served-by
cache-iad-kiad7000169-IAD
x-orig-request-id
1d944fd00bfb3995944f37ac491af252
last-modified
Mon, 08 Jul 2024 02:01:35 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=284,owidth=1920,oheight=1080,obytes=996245,ef=(1,13,17,23)
x-timer
S1720404960.420227,VS0,VE1
etag
"1b9d449c21be9333edd6bf435d28c0b6"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ITxlqldcesEtFym-4O6FMm_XgAVnsvCGk6tDkdpP7NAmhZeoZF6FMQ==
x-cache-hits
0
01j1fy45pycddfvexm44.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2862,h_1609,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
872 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2862,h_1609,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1fy45pycddfvexm44.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1b8e4563a4a7691afd5f46d27af8ac68945150647410ffd81c8179fa3a1baeab

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 02:07:14 GMT
via
1.1 090efd40244331fb9de1ff753ff5be70.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
203872
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1fy45pycddfvexm44.webp"
content-length
872
x-request-id
6fe0c4404bdd1111e53f3f5673726d1e
x-served-by
cache-iad-kjyo7100074-IAD
last-modified
Mon, 08 Jul 2024 01:56:47 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=872,owidth=3840,oheight=1608,obytes=464488,ef=(1,13,17,23)
x-timer
S1720404435.658002,VS0,VE1
etag
"e0430dadd60295b719e3be5b656790e1"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
jA2hih6zpjyz4O5KUbvULhI5jQmLSxBV6NyEMp51GYzh-crUSVRUtA==
x-cache-hits
0
01j1syz3ff5bcs33wmda.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2000,h_1125,x_0,y_142/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/
286 B
1005 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2000,h_1125,x_0,y_142/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/385/01j1syz3ff5bcs33wmda.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
306b0b93a52cbff8ca715df368598b3c48747f77c6b9b6aeabba3d8285606b6c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 17:37:20 GMT
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
666466
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1syz3ff5bcs33wmda.webp"
content-length
286
x-served-by
cache-lga21957-LGA
x-orig-request-id
1d1240cd612144fb8f0cb3a7097da474
last-modified
Tue, 02 Jul 2024 17:37:06 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=286,owidth=2000,oheight=3000,obytes=601832,ef=(1,13,17,23)
x-timer
S1719941840.441064,VS0,VE36
etag
"4ecc31c3c051e7154a609dde33637ad3"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Ty6Lrxth6e59zOkDE4Lj1nLVx6gv7zBDgFeN9CoC9srz7qhMdbMK9g==
x-cache-hits
0
01j0kgq6b9673r48myt7.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3733,h_2099,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
260 B
996 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3733,h_2099,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j0kgq6b9673r48myt7.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8923f3d0ba39ebf9b01795a763daee435124285f4ea530bced6812077cf39f47

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 28 Jun 2024 16:59:43 GMT
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
1014323
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j0kgq6b9673r48myt7.webp"
content-length
260
x-request-id
46163d17c7b97e6bcb71a687c6174d78
x-served-by
cache-iad-kjyo7100176-IAD
last-modified
Fri, 28 Jun 2024 16:59:16 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=260,owidth=3733,oheight=2100,obytes=1243885,ef=(1,13,17,23)
x-timer
S1719593983.061925,VS0,VE2
etag
"8a23d79f3600fbffa39a0987132c4f05"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
CiaqPR28g_V9K0kguUI0hqPJeLTkZ1hzrAJ6WvtYEZf8CNIe-gin2w==
x-cache-hits
1
01j29khd7fz417eh6xqq.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
884 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j29khd7fz417eh6xqq.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
01ab6627bfe5f7f04f87b2075541473aa62968503a12c3759e8140d5cbf3cc26

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 06:51:09 GMT
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
100437
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j29khd7fz417eh6xqq.webp"
content-length
884
x-request-id
087f90289bda231ee46a5684d2c83491
x-served-by
cache-lga21975-LGA
last-modified
Tue, 09 Jul 2024 06:51:10 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=884,owidth=1920,oheight=1280,obytes=1015318,ef=(1,13,17,23)
x-timer
S1720507869.250116,VS0,VE583
etag
"0c74ab4530c2d3f648f32325ad74b587"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
hEqeC9DVAqHZqy8cXKURVdPf2GORTrw895tTbzz-8uNMUjo3ZYvzOA==
x-cache-hits
0
01j1x59yf6kfrt7zv85p.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_158/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
226 B
947 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_158/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1x59yf6kfrt7zv85p.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c46c8ce447846b5d0c03a5e585dd2350d8f217944665e365729e1a7f05ac6c07

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 18:44:18 GMT
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
144048
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1x59yf6kfrt7zv85p.webp"
content-length
226
x-served-by
cache-lga21947-LGA
x-orig-request-id
f196c78c0df2c05feb243a6311c6cfee
last-modified
Mon, 08 Jul 2024 18:42:14 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=226,owidth=1920,oheight=1280,obytes=1127870,ef=(1,13,17,23)
x-timer
S1720464259.742722,VS0,VE1
etag
"844bb6f6ebdd408db4786d2efc7fb98a"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GVpSk3DRqABiyHwt6DC4bCf2lF7Uk2d7WLyam6pJHBMwzOK92S-8Hw==
x-cache-hits
1
01j28978hdtsqkyvgpgt.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
844 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j28978hdtsqkyvgpgt.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb4c4381a3e8d1f1578c25e31101344b7815a54e436b052632c19847a3b6c7f5

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 07:34:41 GMT
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
184225
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j28978hdtsqkyvgpgt.webp"
content-length
844
x-request-id
cbe97398397a26d1e80f8257cbf3780f
x-served-by
cache-iad-kjyo7100152-IAD
last-modified
Mon, 08 Jul 2024 07:34:42 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=844,owidth=1920,oheight=1280,obytes=1343426,ef=(1,13,17,23)
x-timer
S1720424081.031166,VS0,VE524
etag
"ff6be1def77d3ad95fc19fbf98e6d054"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
St3mGu_kXN8-6EMtA1Iw_u-lJskfIcUr6vXyx03FKw0pesSPBg9uxw==
x-cache-hits
0
01j20p6cksrxeamy3865.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_80/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
224 B
950 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_80/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j20p6cksrxeamy3865.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
83463d6e8e4fef3ace0dfcbd5ddc249509e89be62718893765dd1963894005b4

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 04:44:40 GMT
via
1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
194426
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j20p6cksrxeamy3865.webp"
content-length
224
x-served-by
cache-iad-kjyo7100176-IAD
x-orig-request-id
6c8f6955841a799627ace5031acc4475
last-modified
Mon, 08 Jul 2024 02:07:30 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=224,owidth=1920,oheight=1280,obytes=1687601,ef=(1,13,17,23)
x-timer
S1720413880.101740,VS0,VE1
etag
"2a242f37908eefb83400854b28f759a3"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RyQmSdtfckCqLWOEFzvJsHuiYHuOXP5UYU-ZduoH1AgPWjmVxLjZUg==
x-cache-hits
0
01j1tfxa8qfdpfvdptjz.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_62/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
324 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_62/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1tfxa8qfdpfvdptjz.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
be1b2858679b4df2631f0fe63d0df1af25ef9f3155164d6e9abc088a155b4849

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 02:12:47 GMT
via
1.1 43ef856f354a8f27601faed7d5395c74.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
203539
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1tfxa8qfdpfvdptjz.webp"
content-length
324
x-request-id
82a2d0b54a5489ef7671c72aaa5b1249
x-served-by
cache-iad-kjyo7100089-IAD
last-modified
Mon, 08 Jul 2024 02:00:19 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=324,owidth=1920,oheight=1280,obytes=1121864,ef=(1,13,17,23)
x-timer
S1720404767.208575,VS0,VE1
etag
"813aa705fb15f459c20f5ed2e1a2b909"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2snb3JOMTvKyCmteLAeQznx2yhU29--yMb7tYZd8t7gu_P5cHs9cEg==
x-cache-hits
0
01j1dx7szjme6mr5mvrf.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
852 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1dx7szjme6mr5mvrf.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7e930961df21ef795cecf6d80a22330647d0b077e53164f3b5290b596e6f8e18

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:11:27 GMT
via
1.1 7d306155ab8019f7c5a3e7c3468732de.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
200019
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1dx7szjme6mr5mvrf.webp"
content-length
852
x-served-by
cache-iad-kjyo7100049-IAD
x-orig-request-id
ef8d51db9fcf90f62cd00d5e556263d6
last-modified
Mon, 08 Jul 2024 02:07:32 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=852,owidth=1920,oheight=1080,obytes=888424,ef=(1,13,17,23)
x-timer
S1720408288.724502,VS0,VE1
etag
"1553d8c4268bd1427b22ee88bc1cb7c1"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Yu-Mb8PaawSWd5-lB-0a0n604LbLL_z2c50A9Usp3FKHggKCSaV7fA==
x-cache-hits
0
01j1z7fdct7tdvrhqvmx.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_200/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
328 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_200/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1z7fdct7tdvrhqvmx.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
22c794cffc6969dc33b797e1bd6a57c0bda452a92de70cedf89eb0d3c9dbe376

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Jul 2024 13:33:19 GMT
via
1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
249107
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1z7fdct7tdvrhqvmx.webp"
content-length
328
x-served-by
cache-iad-kjyo7100080-IAD
x-orig-request-id
5adea404b494c6ac76217ceca9d46f8d
last-modified
Sat, 06 Jul 2024 02:02:15 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=328,owidth=1920,oheight=1280,obytes=1328972,ef=(1,13,17,23)
x-timer
S1720359200.771035,VS0,VE1
etag
"0e1d9cc1019dbede0e98639ed119e2c2"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
z99LI5BZVgSl9shjoG1fdTDTwUi5jO2jRlKtgT8c19fjRQQdv-KbKw==
x-cache-hits
0
01j0kqd5m2hqck40qvsj.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_2508,h_1410,x_29,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/
4 KB
5 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_2508,h_1410,x_29,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/voltaxMediaLibrary/mmsport/385/01j0kqd5m2hqck40qvsj.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
44851a2cf2e14a53e9c3914765f37ce158e4abe1e2fb5fcb575b384e98043f1d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 13:15:02 GMT
via
1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
336604
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j0kqd5m2hqck40qvsj.webp"
content-length
4448
x-served-by
cache-iad-kiad7000100-IAD
x-orig-request-id
4b1f624039855856eeefbfca3a03d974
last-modified
Sat, 06 Jul 2024 02:02:15 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=4448,owidth=2860,oheight=1412,obytes=4598995,ef=(1,13,17,23)
x-timer
S1720271703.922296,VS0,VE1
etag
"beef1a79de44a259c96129453e780ca4"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ojZpTYKIdF5wVuQdRwA-k7XAZastvblaYhSJ2xzaBiSppLi3QY5p0w==
x-cache-hits
0
01j1q7qhekp0qta3afms.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_187/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
324 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_187/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1q7qhekp0qta3afms.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
021b513b570824f1f7cbb8128dac19336096b6f520b2642d907e82dbed76df17

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 20:51:41 GMT
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
395605
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1q7qhekp0qta3afms.webp"
content-length
324
x-request-id
7e9d85fe93001298b6d0ac41408bb40c
x-served-by
cache-lga21966-LGA
last-modified
Fri, 05 Jul 2024 20:49:24 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=324,owidth=1920,oheight=1280,obytes=1328972,ef=(1,13,17,23)
x-timer
S1720212701.216164,VS0,VE1
etag
"2c8dddf1f2a13a15ed81de4b569b0885"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
3IH_9Y5C3KfbZbkc3cQS3kLn6shOrMJKm40EfXgk0dLRv0kIVn-DfQ==
x-cache-hits
0
01j1t91fmzsyz4c35rhn.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
310 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1t91fmzsyz4c35rhn.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a96342754999d22562fcec863f6edcf608e21b9501c3f66ce8448453b9bea72

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 07:29:57 GMT
via
1.1 29e51fc5bac0897053e2f02edda4aecc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
530109
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1t91fmzsyz4c35rhn.webp"
content-length
310
x-request-id
c6ad8922ce83b7751a56df9b406e4f1c
x-served-by
cache-iad-kiad7000159-IAD
last-modified
Thu, 04 Jul 2024 07:29:58 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=310,owidth=1920,oheight=1280,obytes=1371952,ef=(1,13,17,23)
x-timer
S1720078197.762188,VS0,VE886
etag
"3cbdf55ce4a53dba2bd92e7ae4bda321"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
-YCiHhGMju0CksiAed68sAFlwN1N4LKIcE1Bw_j-2MDRCQCXOfYHqw==
x-cache-hits
0
01j1qd41rd1ycqx2h08v.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_42/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
164 B
890 B
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_42/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1qd41rd1ycqx2h08v.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7c827d521caf28e87c879d95081ec4cd755e869428059d3ade16012f8d6358b6

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 17:22:12 GMT
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
580974
x-cache
Hit from cloudfront
content-disposition
inline; filename="01j1qd41rd1ycqx2h08v.webp"
content-length
164
x-served-by
cache-iad-kjyo7100023-IAD
x-orig-request-id
8a51d3c9fde205fac135730c7a27e398
last-modified
Wed, 03 Jul 2024 17:20:03 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=164,owidth=1920,oheight=1280,obytes=945666,ef=(1,13,17,23)
x-timer
S1720027332.424591,VS0,VE1
etag
"8d66f03d9e990c5cb596d696c4dc7f42"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
If8QzmUbE0kVQkk1wxbwP2ooqkAPnT-a119t4Zq58nKLm0_PaFfNWQ==
x-cache-hits
0
01j1t1b9efbwcxbthe07.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_50/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/
310 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_1920,h_1080,x_0,y_50/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/ImageExchange/mmsport/385/01j1t1b9efbwcxbthe07.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e30020960c2d46da685d797a968f174549d1052a97e986131ef16e93cf1693f2

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 16:09:59 GMT
via
1.1 8696978c2d465ffc3a342761ace51d9e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
585307
x-cache
Hit from cloudfront
status
200 OK
content-disposition
inline; filename="01j1t1b9efbwcxbthe07.webp"
content-length
310
x-request-id
1c85515d8d1934ba1964aaa34c48801b
x-served-by
cache-iad-kjyo7100076-IAD
last-modified
Wed, 03 Jul 2024 10:32:17 GMT
server
CloudFront
surrogate-reporting
width=16,height=9,bytes=310,owidth=1920,oheight=1280,obytes=1297463,ef=(1,13,17,23)
x-timer
S1720023000.864620,VS0,VE1
etag
"617bb82b601327169ed641a4e54b9f48"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
QVzLC9-3IPbBi-NWZ1LOLHh6F8KmgoZDqWnreWVfdLHeUD5ACjU3aA==
x-cache-hits
0
policy.json
cdn.mmctsvc.com/
668 B
1 KB
Fetch
General
Full URL
https://cdn.mmctsvc.com/policy.json?unify=1&country=NL&state=NA&platform=desktop&pageType=HomePage&operatingSystem=other&trafficSource=Direct&commercialTags=&editorialTags=&language=en&mmUserIdentifier=19&eventTimeout=3000&pageURL=https%3A%2F%2Fwinteriscoming.net%2F
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.227.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-28.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86725df14d37f74e0bbf3771f73a97c64eb26c514e6c4c2125909c088cd9e889

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 08:29:16 GMT
via
1.1 5fb9e0c21a061d26e0a1e7ca612b7004.cloudfront.net (CloudFront)
x-amz-request-id
CMEJ9TGZHNNMFVKC
x-amz-cf-pop
LHR61-P5
x-amz-server-side-encryption
AES256
age
1390552
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
668
x-amz-id-2
6kAbrSf3oyZYex74uZ6Bh3fCZLCAYFkEK/sA5UjSLaiA/SHF3a3GiP87owE9J1HNmkfARS3FyafJlwe7syfo4w==
last-modified
Thu, 04 Apr 2024 08:47:23 GMT
server
AmazonS3
etag
"600835e521977a3a4a4f494ef5d94da3"
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
lKBrgHcfcGVG4qSLCdP5OZZNNsg-Eh40H_iQ3kRqgogEbT-ui-_XCQ==
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ca15fb8bec943405b0a2ab78082119971f18ebf0d1eb7d771a1292890c683dd

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:06 GMT
via
1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
248
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172837
x-77-cache
HIT
x-cache
HIT
x-age
2737
x-accel-date
1720605569
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3sQoAAAwBJRPCNAH3hwgAAA
x-accel-expires
@1720609169
x-77-age
2737
last-modified
Fri, 05 Jul 2024 09:05:30 GMT
server
CDN77-Turbo
etag
W/"b106bd0c183303a7d661f13fced07408"
x-77-nzt-ray
90833930552f08e732668e661c116629
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
_2IGdhzVHSF06DCAKwiGe_iFgxaTuX4g04xUIWAj6LklPDrCO9Z9JA==
js
www.googletagmanager.com/gtag/
251 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X878ZPFT48&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f645dfeb6370b13f58de88582673023f283dac902390b83454e2c05cc8b82e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90652
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jul 2024 10:45:06 GMT
js
www.googletagmanager.com/gtag/
255 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2298daf078520d7f4917dfcd48a518e8159c14b789a0286dce3b2999965ac98e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91778
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jul 2024 10:45:06 GMT
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Jul 2024 10:45:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
4ZqGkA0VyzSZIG1np5xTvw62jXTdbfcS8A8VZhSEtq+vygFKRhkOPOLP5TQ52aIxmZ3iRbUisj0BVN1+nGrosA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
voltaxFlyoutInjector.js
app.fansided.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://app.fansided.com/scripts/voltaxFlyoutInjector.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7988bfa1e7bdefad6eee21d30705d6d27bf9aeff0076cc4a374f901a041a270

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 09:59:39 GMT
content-encoding
gzip
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2024 12:53:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2728
x-amz-server-side-encryption
AES256
etag
W/"a2f67de0591e15cae8cf6fd11cd7207d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lHNluk_UUD8eCvLVdzAbvdMpJV6PZapdDaWvZH3MjPHDyXcIQcl5oQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/
467 KB
145 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407030101/pubads_impl.js?cb=31085116
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f8ed2e4e6bc7d75dc8dab7d97ad92e7a611d82ff93d8692535fa9466ab3a3591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 09:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4236
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148836
x-xss-protection
0
server
cafe
etag
13429486672346502663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 10 Jul 2025 09:34:30 GMT
widget_app_base_1720170198437.js
cdn.userway.org/widgetapp/2024-07-05-09-03-18/
153 KB
44 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25eb835d036f9696f166d1955c42500845e00e4473d93fb20ad43939cf7f1acd

Request headers

Referer
https://winteriscoming.net/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:06 GMT
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
269
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172838
x-77-cache
HIT
x-cache
HIT
x-age
435468
x-accel-date
1720172838
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3DKUGAAwBJRPCLgH3bwgAAA
x-accel-expires
@1746090679
x-77-age
435468
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"450d1be7460efab44c317e168e2612a9"
x-77-nzt-ray
90833930a22187ee32668e66ffbb962f
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
zU-nkm-0F8ar7ux4J-D3fPvcVeSnWKuG5pTQs-6hCRTCWiOA0VKt8w==
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=45je4730v881192982z872382166za200zb72382166&_p=1720608305882&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=2112727712.1720608307&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1720608306&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.sample_rate=100&ep.page_language=en&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=true&ep.traffic_source_to_dfp=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=NL&epn.unique_event_id_hit=21&ep.post_fs_site_id=385&ep.post_vertical=ENTERTAINMENT&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&ep.userid_hit=HNtjTAV6BsTQmEIi&ep.userid_user=HNtjTAV6BsTQmEIi&ep.GTM_event_trigger=GTM%20data%20ready%20to%20GA&ep.property=385&ep.is_slideshow=false&ep.finite_scroll_data_exists=false&ep.article_template=none&ep.mmSessionID=iFanJXfgQh7GhsHA&ep.mmUserID=132212017918024950121974213119.&up.affiliate_id_user=&up.experiment_version_user=&up.property=Winter%20is%20Coming&up.geo_detected_user=NL&tfd=2043&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
247 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=2112727712.1720608307&gtm=45je4730v881192982z872382166za200zb72382166&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=2112727712.1720608307&gtm=45je4730v881192982z872382166za200zb72382166&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=1460954109
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X878ZPFT48&gtm=45je4730v894323542z872382166za200zb72382166&_p=1720608305882&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=2112727712.1720608307&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1720608306&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.sample_rate=100&ep.page_language=en&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=true&ep.traffic_source_to_dfp=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=NL&epn.unique_event_id_hit=21&ep.post_fs_site_id=385&ep.post_vertical=ENTERTAINMENT&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&ep.user_is_connected=no%20attempt&ep.article_template=none&ep.inarticle_links_number=0&ep.inarticle_links=none&ep.advertiser_id=0&ep.previous_page_traffic_source_to_dfp=none&ep.is_slideshow=false&ep.finite_scroll_data_exists=false&ep.mm_user_identifier=132212017918024950121974213119.&ep.agnostic_creative_id=0&ep.userid_hit=HNtjTAV6BsTQmEIi&ep.GTM_event_trigger=GTM%20data%20ready%20to%20GA&ep.property=385&ep.mmSessionID=iFanJXfgQh7GhsHA&ep.mmUserID=132212017918024950121974213119.&up.affiliate_id_user=&up.experiment_version_user=&up.property=Winter%20is%20Coming&up.mmUserID=132212017918024950121974213119.&up.geo_detected_user=NL&tfd=2069&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X878ZPFT48&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
739763452834773
connect.facebook.net/signals/config/
60 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/739763452834773?v=2.9.160&r=stable&domain=winteriscoming.net&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a07876993f6f62c477ad2d7b426c39bb8c8f3bd9a3efc15dc625506f95fdd89a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Jul 2024 10:45:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12472
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=47, mss=1297, tbw=63847, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
ooPGdpp4M4nKmzjFafxt0TA1AmN7NT8TBdM6vtPgchSMe8z2ZIv2aUrcwcW8ajot43jiz4WKdtHqSMY6Bikzbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwinteriscoming.net%2F&rl=&if=false&ts=1720608306842&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720608306841.933925914592598090&ler=empty&cdl=API_unavailable&it=1720608306802&coo=false&rqm=GET
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Jul 2024 10:45:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/login/
Redirect Chain
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwinteriscoming.net%2F&rl=&if=false&ts=1720608306842&sw=1600&sh=1200&v=2.9.160&r=stab...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D739763452834773%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwinteriscomin...
0
0

p0xG3SZhEr
api.userway.org/api/tunings/
2 KB
2 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/p0xG3SZhEr
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:3a4b:a641:a48f:59be Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f70cd456a4cf39f9f682852fb2e7ed5d2fb330d62ab498543dbd1a0ec8111540

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
etag
W/"694-Gw0CnmDA1aouI07tvD3sRxMgFcw"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usre6e027f359c445f
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1684
x-service-version
uw-pr
/
bqstreamer.com/tr/
0
275 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbBzQHttjiq11WClG03ZP4Ss86rS08aCK8BMP%2Baeej6VZX9rzlrXhGgKbNqaNov%2BpZNba%2B5mWzWMc9yElxwVs%2FKlJzakCfjMErzz4DPVPAWcfi1msOJy1pBP0e3eW1ADu0MByBIYXMrkQAA0"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65f5ab6364d-FRA
/
bqstreamer.com/tr/
0
299 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUpYzpbXeyKVSvABL8D58japlm1ipnqJOgEbze4NPCfnpQ6c1%2F7r7g3qFcPpJ2fKo%2FS5pL%2FDgBfWYJW2p0T3P0fR%2BemR4%2BZQN0hxuWq0qW70cto5uvPKKlvAsBjZUQi5hzHaytMQu6UIsuGF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65f6abb364d-FRA
/
bqstreamer.com/tr/
0
402 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNe7K3Q5ybRgkpv6ScAQIBgY8e6FyaqC6%2Bgbbi%2FnoJeu3S481A1%2FBhYpFzYCVFAnqmLzfvOSnxaqNlxLUu%2BkM2pzjLKf7pn3%2FltqwDPpFv083SGfvniNRQzWZKQr4IU27F%2BgODLHuiuyLBJv"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65f6abf364d-FRA
/
bqstreamer.com/tr/
0
275 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHJC82f2Rq9qss9CXRhaqwUBOxnE9slhYxMwLyYy6mqw8az2MFC8jbdZo2I%2Fuhu7TisUiRKiSTwMBaXOdWbbrro2bqC%2B%2BGhaQ3JdFdJIKWcIyAJQ%2B9p1noulbycEaqZZ9Y41uxMGIVYus8fz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65f6ac2364d-FRA
/
bqstreamer.com/tr/
0
279 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2j5H%2FPNYBvRbhL1bw8Cz4MnS4BpKXSb1hInh5HP%2F56sc1b%2BA%2BfDou40b0D1aRTkuP43EHhAeuYCUgwlGrB8nJnzzZz62brJy40AhdKKxA7Lv6Anz0ETmWRVawSqSJq4KpmUzqd%2FSR1MTsZ%2Fy"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff65f6ac8364d-FRA
apstag.js
c.aps.amazon-adsystem.com/
326 KB
72 KB
Script
General
Full URL
https://c.aps.amazon-adsystem.com/apstag.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bd1d4177f0d80cba31cb90cb6f63a3895fd1a1e439fcc62d5249b7c39372f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:19:54 GMT
content-encoding
br
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
x-amz-version-id
Ig4p84Sj2c_0F4OD4PLNK6bsapSJwtfk
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P10
age
1514
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 08 Jul 2024 17:54:37 GMT
server
AmazonS3
etag
W/"e67aa2e9438d441b441e1fb7c4688736"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
49S4lM0r6DjXLDa3BNY67Cpes-2OB9LoDiDt6pjkptbYW64Y-4IBsg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 05:04:52 GMT
x-amz-cf-pop
FRA56-P6
age
20447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fEuzNm_IbdvbvtEh1QpXPCpG6T-7gUzHUXjbxl90u0bY-PSRL2MIFw==
3777
config.aps.amazon-adsystem.com/configs/
531 B
806 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3777
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-92.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
fc28bae6a69e446e58797c13d4117dc7a8c51f78624f326cee9307e90868a0c6

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:25:19 GMT
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
1188
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
qDRnb1Kvyv7maCICVZqtioJ2vh7MEasdP72ynOcHFRJixdh2r8cWyg==
config
c.amazon-adsystem.com/cdn/prod/
3 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fwinteriscoming.net
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
bb30806a921a35e06a5446d679b0c669ddcad0dd480bd7d80b9f37791cb0e435

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 09:39:16 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
3950
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winteriscoming.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3335
x-amz-cf-id
ODAW1YM0xOu-ZFxNdh-s_d0LYADU71LipoTmk91vfcWVarlEva4ZDw==
/
bqstreamer.com/tr/
0
275 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3CiyH8usyWfZ%2F96iYDNbXHOk25nX968DP9Y%2FwVgmhyxeUfr5Br0GapfGjLKnM%2FRdYVxa3W2S228gpHl3ZLYJtFLyBeZFOsHWNFiLUud1Pd3SZ5Il%2FlcaW7toz1FBgaGLbokHlTwUcaaNJld"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a0ff660ece5364d-FRA
en-US.json
cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/
621 B
1 KB
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:07 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
240
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172844
x-77-cache
HIT
x-cache
HIT
x-age
435463
x-accel-date
1720172844
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3B6UGAAwBnJIhJwH3jQgAAA
x-accel-expires
@1746090655
x-77-age
435463
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray
90833930a22187ee33668e660647c01c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
31shi0nbtnecgAb8xwYEM8eG9M_Ng7XilKgIsIgZUUQ_c2296-yFBw==
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/
12 KB
3 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/launchpad-liveramp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-84.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1864c515cb8d27edeeb06d1c47b0eac409d3611d6d979efb9e38c66c2484e01a

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6IIMIgDAOpo3GDT6YNylrbTHNZvzX7pI
content-encoding
gzip
via
1.1 54539657e1cb0d581a1136c9b6cc01a6.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 04:39:29 GMT
x-amz-cf-pop
MXP63-P1
age
21939
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 01 Jul 2024 14:04:14 GMT
server
AmazonS3
etag
W/"8889243b46347876dc5fb4ad3d75e93b"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
DMOwffg_4sgFaX6fYvikr6AZcANzrXt1f0Al4fk6kGzyVWfV0i9LVQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
41 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d621ece174f701a9bb80e8a4db61772f79e70d59a25287cd9a63b465beb6d3a

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 18:45:07 GMT
content-encoding
gzip
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 18:17:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
57601
etag
W/"ba8d0ff42c9c25a1add6ec7e064ff56f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IAsF_CqjVQ_UNT8Z0mIgkNoBv_4Rm9y2eZjw_M3jx3sEZcl73oNRug==
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwinteriscoming.net%2F&ref=&_it=amazon&partner_id=454
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
4199
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8a0ff662cf4e9bc8-FRA
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Wed, 10 Jul 2024 11:00:07 GMT
favicon_2-7584840191d9f13dce826391650b7201.ico
images2.minutemediacdn.com/image/upload/c_fill,w_1440,ar_1:1,f_auto,q_auto,g_auto/shape/cover/sport/
10 KB
11 KB
Other
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_fill,w_1440,ar_1:1,f_auto,q_auto,g_auto/shape/cover/sport/favicon_2-7584840191d9f13dce826391650b7201.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:5c00:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b9208aee0398bda39abb57c76a1af722d0e7a03a49644ce2f531ca20913004ec

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 23:19:55 GMT
via
1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 varnish, 1.1 9dba3ae645587c3cf23f9d232c9cb4e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
18703512
x-cache
Hit from cloudfront
content-disposition
inline; filename="favicon_2-7584840191d9f13dce826391650b7201.webp"
content-length
10140
x-served-by
cache-iad-kiad7000032-IAD
last-modified
Mon, 01 May 2023 17:55:58 GMT
server
CloudFront
surrogate-reporting
width=1440,height=1440,owidth=256,oheight=256,obytes=100657
x-timer
S1701904795.258367,VS0,VE1
etag
"58c5978188a0efdf85364a6888a22140"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
PawegHspI00xL_4RoG6iCDsCbDimfiBDdcIgyXTQKsvluhxVqUs6jw==
x-cache-hits
1
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Wed, 10 Jul 2024 11:00:07 GMT
map
bcp.crwdcntrl.net/6/
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.45.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-45-15.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c00fba3c8b63f04d1a6a1ad381687ddf281b9797b9946bf9f4191df6e07e8e03

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache
x-server
10.45.17.204
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/
103 B
265 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=winteriscoming.net&url=https://winteriscoming.net/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwinteriscoming.net%2F&ref=&_it=amazon&partner_id=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5507ffe86bee952e2678ffe4dd71356b8e2e79d8be4c0a8d21716c125a37a705

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8a0ff664494f9f31-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=winteriscoming.net&url=https://winteriscoming.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://winteriscoming.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8a0ff66378119f31-FRA
content-length
0
content-type
application/json
date
Wed, 10 Jul 2024 10:45:07 GMT
debug
OPTIONS block
expires
Thu, 10 Jul 2025 10:45:07 GMT
server
cloudflare
launchpad.bundle.js
launchpad.privacymanager.io/latest/
155 KB
33 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f3b1f8338765052b8997f05c84f174819a9ddf6be230a213a28e08e18814b15

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
_TI.1jbqvSJo.LKwY0QUykU_4fkAFecP
content-encoding
br
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
date
Wed, 10 Jul 2024 10:07:02 GMT
last-modified
Mon, 01 Jul 2024 11:09:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2286
x-amz-server-side-encryption
AES256
etag
W/"252663f5c16b21323bb27421a73bf2b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
hUyJspRfhaVBMzAi2roKV8c-eqaeC1gWZx3ERxx2YR8cDUlOxeib9g==
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
465 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Wed, 10 Jul 2024 11:15:07 GMT
/
geo.privacymanager.io/
28 B
622 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-43.mxp63.r.cloudfront.net
Software
/
Resource Hash
2c65586be9297925e51e5d5e91165d440da4f00a7e536f8412754e33985fd3a3

Request headers

Accept
application/json
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jul 2024 04:07:23 GMT
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront), 1.1 57df6814b1514a53c272681e0f33a546.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MXP63-P3
age
23865
x-amzn-trace-id
Root=1-668e08fb-72b95e6764f6bf99059c44c7;Parent=0e774a58eab7f6f7;Sampled=0;lineage=06620786:0
x-amzn-requestid
b38a9f3c-4cb1-46c3-89bc-b5ba74b1d210
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
arZXRGA_joEEcDw=
content-length
28
x-amz-cf-id
iWZoWhl35pxaRRoz7938WeUjAli-_eRj-oMof_X4YBboBE0nN1u05g==
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-43.mxp63.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://winteriscoming.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jul 2024 10:45:08 GMT
via
1.1 34d457763037634fb4577f449ab0e6c4.cloudfront.net (CloudFront), 1.1 57df6814b1514a53c272681e0f33a546.cloudfront.net (CloudFront)
x-amz-apigw-id
asToLEA9DoEEsww=
x-amz-cf-id
F7fxVi6I_7sGLLPP5Kq2TQkL-MTQ4f6bBR-zKzOwqG9a3VHNBDOycQ==
x-amz-cf-pop
MXP53-P1 MXP63-P3
x-amzn-requestid
d9eb0f01-077a-494b-b58b-f0aa02e00971
x-cache
Miss from cloudfront
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:07 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Wed, 10 Jul 2024 11:00:07 GMT
remediation_1720170198437.js
cdn.userway.org/widgetapp/2024-07-05-09-03-18/remediation/
99 KB
28 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/remediation/remediation_1720170198437.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e72e0468933897033b8b749247591afd87f46e083a75f7155a6e205b12269eb6

Request headers

Referer
https://winteriscoming.net/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:07 GMT
via
1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
229
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172841
x-77-cache
HIT
x-cache
HIT
x-age
435466
x-accel-date
1720172841
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3CqUGAAwB1GY4EQH3iggAAA
x-accel-expires
@1746090655
x-77-age
435466
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"a97ff4066a313f42c9e638589621f3da"
x-77-nzt-ray
90833930a22187ee33668e664055db3a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
DS3TkvpiryXbT0mX90wxp6bacCQcX9fFbH8mraT1-I7qO5UohJmSyA==
hldKGtTKXEyHS3Zc.json
cdn.userway.org/remediations/consolidated/3505957/
1 MB
257 KB
XHR
General
Full URL
https://cdn.userway.org/remediations/consolidated/3505957/hldKGtTKXEyHS3Zc.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c974c7056ae19409b41f43c0f0e059a8521b7a6e14c5a7073abca4bf45712900

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:07 GMT
via
1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720561773
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
46534
x-accel-date
1720561773
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3xrUAAAwBJRPCMQH3mwYAAA
x-accel-expires
@1752096082
x-77-age
46534
last-modified
Tue, 09 Jul 2024 21:21:19 GMT
server
CDN77-Turbo
etag
W/"a74348218d8fbfd7e2bfbfb95e6c2b66"
x-77-nzt-ray
90833930a22187ee33668e66b415c93a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
BYuU0VGfOhTy0SGbGg_ka078kPc191ZcOl8E-k4kX7x8Kk0r6LLb8Q==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:08 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720172840
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
435468
x-accel-date
1720172840
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3DKUGAAwBnJIhJwH3jggAAA
x-accel-expires
@1746090650
x-77-age
435468
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
90833930552f08e734668e661fc4f800
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
AyFyno5p1fbfAUVOI1kcGEsk3W0Hzp0HcZrzg7KqtULTx_ziAhOfQg==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:08 GMT
via
1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720172839
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
435469
x-accel-date
1720172839
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3DaUGAAwBnJIhJwH3jQgAAA
x-accel-expires
@1746090650
x-77-age
435469
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
90833930552f08e734668e66564f0001
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
gQjoVotf2srr_wLW1xgpIIKMtfvQlTnrmnVGiRDl2Rs-4I5vNAym8w==
454
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d896fad876cf42b27ef5e0e72449990a68e2b57d9a92a574c1c50e4dbda5a5

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2024 10:40:26 GMT
server
cloudflare
age
15
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8a0ff6658d2b18ef-FRA
remediation-tool.js
cdn.userway.org/remediation/2024-07-05-09-03-18/paid/
67 KB
24 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-07-05-09-03-18/paid/remediation-tool.js?ts=1720170198437
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e095a6c7dc595c08b4b707eb1018c38129cbf024c95fb34968aeed9496789897

Request headers

Referer
https://winteriscoming.net/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:08 GMT
via
1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
229
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172841
x-77-cache
HIT
x-cache
HIT
x-age
435467
x-accel-date
1720172841
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3C6UGAAwB1GY4EQH3iQgAAA
x-accel-expires
@1746090656
x-77-age
435467
last-modified
Fri, 05 Jul 2024 09:05:28 GMT
server
CDN77-Turbo
etag
W/"a265208a00efc4bed995b31bfe16794c"
x-77-nzt-ray
90833930a22187ee34668e668d94b709
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
_SNQsLRCN7MSyI4uaQJ1emrLEFA96T6_gpgNnnEYXKg22gMVaLhtkA==
hldKGtTKXEyHS3Zc.json
cdn.userway.org/remediations/consolidated/3505957/
1 MB
0
Fetch
General
Full URL
https://cdn.userway.org/remediations/consolidated/3505957/hldKGtTKXEyHS3Zc.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-05-09-03-18/paid/remediation-tool.js?ts=1720170198437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c974c7056ae19409b41f43c0f0e059a8521b7a6e14c5a7073abca4bf45712900

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:07 GMT
via
1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1720561773
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
46534
x-accel-date
1720561773
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3xrUAAAwBJRPCMQH3mwYAAA
x-accel-expires
@1752096082
x-77-age
46534
last-modified
Tue, 09 Jul 2024 21:21:19 GMT
server
CDN77-Turbo
etag
W/"a74348218d8fbfd7e2bfbfb95e6c2b66"
x-77-nzt-ray
90833930a22187ee33668e66b415c93a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
BYuU0VGfOhTy0SGbGg_ka078kPc191ZcOl8E-k4kX7x8Kk0r6LLb8Q==
nav_menu_helper_1720170198437.js
cdn.userway.org/widgetapp/2024-07-05-09-03-18/remediation/
23 KB
7 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/remediation/nav_menu_helper_1720170198437.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

Referer
https://winteriscoming.net/
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:09 GMT
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
229
x-amz-server-side-encryption
AES256
x-accel-date-max
1720172845
x-77-cache
HIT
x-cache
HIT
x-age
435464
x-accel-date
1720172845
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBw7WvDgH3CKUGAAwBnJIhHwH3jAgAAA
x-accel-expires
@1746090657
x-77-age
435464
last-modified
Fri, 05 Jul 2024 09:05:24 GMT
server
CDN77-Turbo
etag
W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray
90833930a22187ee35668e66d26fc909
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
SvRPYb21cJ6WW9XQnTuSwf44mcxicNKWoSYHFrPLuvjFAVcRMTFBWQ==
alts.json
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/oWJWEGyCBMMDqOFP/ Frame
0
0
Preflight
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/oWJWEGyCBMMDqOFP/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_1920%2Ch_1080%2Cx_0%2Cy_0%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01j2c8xgvfycrp5d25pa.jpg%22%2C%22alt%22%3A%22House%20of%20the%20Dragon%20season%202%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://winteriscoming.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=604800
date
Wed, 10 Jul 2024 10:45:09 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBw7WvDgAACAHUZjgRAAA
x-77-nzt-ray
90833930972e91d435668e666a319d31
x-77-pop
frankfurtDE
x-service-version
img-dscr-srv-c596a939
alts.json
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/oWJWEGyCBMMDqOFP/
368 B
877 B
Fetch
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505957/oWJWEGyCBMMDqOFP/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_1920%2Ch_1080%2Cx_0%2Cy_0%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FImageExchange%252Fmmsport%252F385%252F01j2c8xgvfycrp5d25pa.jpg%22%2C%22alt%22%3A%22House%20of%20the%20Dragon%20season%202%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-05-09-03-18/paid/remediation-tool.js?ts=1720170198437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f6268190a35f97118885203805f457e71e58fc6a6dd30681a449e89c1217ea3e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
frankfurtDE
date
Wed, 10 Jul 2024 10:45:10 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
MISS
x-accel-date
1720555393
alt-svc
h3=":443"; ma=86400
x-service-version
img-dscr-srv-c596a939
x-77-nzt
EggBw7WvDgFBDAHUZjgRAfe1zgAA
x-accel-expires
@1721160193
x-77-age
52917
server
CDN77-Turbo
etag
W/"170-rPYjg0oHveXTCsN/DCdd2E2d/rg"
x-77-nzt-ray
90833930972e91d436668e66fc59d201
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=604800
vary
Accept-Encoding
access-control-allow-headers
*
3505957
api.userway.org/api/br-links/v0/contribute/
51 B
429 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/contribute/3505957
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-05-09-03-18/paid/remediation-tool.js?ts=1720170198437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:3a4b:a641:a48f:59be Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:10 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-ddb67952
3505957
api.userway.org/api/br-links/v0/links/
2 KB
1 KB
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/links/3505957
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-05-09-03-18/paid/remediation-tool.js?ts=1720170198437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:3a4b:a641:a48f:59be Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a9f56152cbb4b343d9272980d78899c0d969ec2e8de1cf0d51f70140982bc35c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:10 GMT
content-encoding
gzip
etag
W/"8b0-JDA3cM70Fe1vrG6R60/U5RFkfpI"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
x-service-version
apps-ddb67952
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=45je4730v881192982z872382166za200zb72382166&_p=1720608305882&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=2112727712.1720608307&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dl=https%3A%2F%2Fwinteriscoming.net%2F&dt=Game%20of%20Thrones%20and%20sci-fi%2Ffantasy%20news%2C%20TV%2C%20and%20movies&dr=&sid=1720608306&sct=1&seg=0&_s=2&tfd=7046&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jul 2024 10:45:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwinteriscoming.net%2F/DESKTOP/WIDGET_ON/
77 B
454 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwinteriscoming.net%2F/DESKTOP/WIDGET_ON/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-05-09-03-18/widget_app_base_1720170198437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:3a4b:a641:a48f:59be Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 10:45:13 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-e487c77f

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D739763452834773%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwinteriscoming.net%252F%26rl%26if%3Dfalse%26ts%3D1720608306842%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720608306841.933925914592598090%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720608306802%26coo%3Dfalse%26rqm%3DFGET

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| webVitals string| id function| __tcfapi function| __uspapi object| dataLayer object| mmClientApi object| placeholders object| grumi object| __RENDERED_CLASS_NAMES__ object| __PRELOADED_STATE__ object| googletag object| win object| doc object| device object| mmPrebid object| _pbjsGlobals object| regeneratorRuntime object| mmCmd object| mmA9Data function| mmTrack object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| mmLineItemsData object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| DidomiSanitizing object| didomiState object| google_tag_manager object| google_tag_data object| __mmClientApiSubscriptions__ object| mmPageData function| postscribe object| google_tag_manager_external function| fbq function| _fbq function| mmTrackError function| mmGetDefaultData function| mmTrackEvent function| validateElementType object| params string| country string| platform string| distributionChannels string| mmSessionId string| mmUserId function| onAdImpressionReports function| trackPlayerEmbed function| registerToEventsPlayer object| ggeac object| google_js_reporting_queue object| UserWayWidgetApp object| gaGlobal object| webpackJsonp object| google_reactive_ads_global_state function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| __uspapiBuffer object| apstag object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha object| cnvr_launcher_options object| conversant function| lotameIsCompatible 
function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ja object| sync16576_ka object| sync16576_r object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_ea function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_ga function| sync16576_fa function| sync16576_ha function| sync16576_ia function| sync16576_s function| sync16576_u function| sync16576_v function| sync16576_w function| sync16576_la function| sync16576_ma function| sync16576_x function| sync16576_na function| sync16576_y function| sync16576_z function| sync16576_t function| sync16576_B function| sync16576_oa function| sync16576_pa function| sync16576_qa function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_ra function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_J function| sync16576_L function| sync16576_K function| sync16576_M function| sync16576_N function| sync16576_I function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_O function| sync16576_P function| sync16576_ya function| sync16576_Q function| sync16576_za function| sync16576_Aa function| sync16576_Ba function| sync16576_R function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_Fa function| sync16576_S function| sync16576_Ga function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Ha function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Ia function| sync16576_2 function| sync16576_Ka function| 
sync16576_Ja function| sync16576_3 function| sync16576_4 function| sync16576_La function| sync16576_Oa function| sync16576_Na function| sync16576_Ma function| sync16576_Qa function| sync16576_Sa function| sync16576_Pa function| sync16576_6 function| sync16576_Ra function| sync16576_Va function| sync16576_Ua function| sync16576_Ta function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Wa function| sync16576_Xa function| sync16576_Ya function| sync16576_Za function| sync16576_9 function| sync16576__a function| sync16576_$ function| sync16576_0a function| sync16576_1a function| sync16576_2a object| hadron boolean| __halo_loaded__ object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| publink_options object| coreid object| UserWay object| au function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript

15 Cookies

Domain/Path Name / Value
winteriscoming.net/ Name: cityCode
Value: NA
winteriscoming.net/ Name: stateCode
Value: NA
winteriscoming.net/ Name: countryCode
Value: NL
winteriscoming.net/ Name: mm-session-id
Value: iFanJXfgQh7GhsHA
winteriscoming.net/ Name: mm-user-id
Value: HNtjTAV6BsTQmEIi
winteriscoming.net/ Name: mm-session-interval
Value: 4
winteriscoming.net/ Name: mm-user-interval
Value: 91
winteriscoming.net/ Name: mm-referrer
Value: noreferrer
.winteriscoming.net/ Name: _ga
Value: GA1.1.2112727712.1720608307
.winteriscoming.net/ Name: _ga_X878ZPFT48
Value: GS1.1.1720608306.1.0.1720608306.0.0.0
.winteriscoming.net/ Name: _fbp
Value: fb.1.1720608306841.933925914592598090
winteriscoming.net/ Name: mm-policy
Value: default
winteriscoming.net/ Name: mmSession
Value: iFanJXfgQh7GhsHA
.winteriscoming.net/ Name: _ga_NB8RD6J3M6
Value: GS1.1.1720608306.1.0.1720608307.59.0.0
.ad.gt/ Name: au_3p_check
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
