winteriscoming.net Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winteriscoming.net/
Effective URL:
https://winteriscoming.net/
Submission Tags: tranco_l324
Submission: On November 03 via api (November 3rd 2021, 11:39:18 am UTC) from DE — Scanned from DE

Summary HTTP 153 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 49 IPs in 4 countries across 32 domains to perform 153 HTTP transactions. The main IP is 2a02:26f0:ef::5c7b:c27a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is winteriscoming.net.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time winteriscoming.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c27a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
19	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c2bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
12	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:236... 2600:9000:236e:d400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.80 52.222.206.80	16509 (AMAZON-02) (AMAZON-02)
5	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.204.98.90 143.204.98.90	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6814:6a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	35.190.48.184 35.190.48.184	15169 (GOOGLE) (GOOGLE)
1	23.37.32.235 23.37.32.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.225.50 92.123.225.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:10:... 2606:4700:10::6814:6b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:7400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:da00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:e600:17:62f0:2dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
4	18.66.97.52 18.66.97.52	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.97.80 18.66.97.80	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2250:ac00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.120.117.212 34.120.117.212	15169 (GOOGLE) (GOOGLE)
5	35.155.79.112 35.155.79.112	16509 (AMAZON-02) (AMAZON-02)
1	54.72.188.165 54.72.188.165	16509 (AMAZON-02) (AMAZON-02)
3	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:3200:b:13ba:bb40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:fc00:1b:3a6c:1300:93a1	16509 (AMAZON-02) (AMAZON-02)
153	49

7 2a02:26f0:ef::5c7b:c27a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

winteriscoming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:ef::5c7b:c2bb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.16.186.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

images2.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:236e:d400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-80.fra56.r.cloudfront.net

d3ujids68p6xmq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:6a3e (United States)

ASN13335 (CLOUDFLARENET, US)

omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.48.190.35.bc.googleusercontent.com

gammamaximum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.32.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-235.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-50.deploy.static.akamaitechnologies.com

middycdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6b3e (United States)

ASN13335 (CLOUDFLARENET, US)

assets.omny.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:da00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:e600:17:62f0:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.raygun.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.80 (United States)

ASN16509 (AMAZON-02, US)

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:ac00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.155.79.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-79-112.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.188.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-188-165.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3200:b:13ba:bb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.omnycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

memorizeneck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:fc00:1b:3a6c:1300:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fansided.com cdn.fansided.com app.fansided.com	193 KB
12	minutemediacdn.com images2.minutemediacdn.com	140 KB
10	browsiprod.com cdn.browsiprod.com events.browsiprod.com yield-manager.browsiprod.com	85 KB
10	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	148 KB
9	skimresources.com s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com ls.skimresources.com	22 KB
8	gstatic.com fonts.gstatic.com	186 KB
8	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	147 KB
7	google-analytics.com www.google-analytics.com	59 KB
7	omny.fm omny.fm assets.omny.fm	393 KB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	178 KB
7	winteriscoming.net 1 redirects winteriscoming.net	47 KB
6	ad-score.com js.ad-score.com data.ad-score.com	115 KB
6	equalweb.com cdn.equalweb.com	28 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	9 KB
4	googletagmanager.com www.googletagmanager.com	225 KB
3	google.de www.google.de	715 B
3	google.com analytics.google.com www.google.com	957 B
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	memorizeneck.com memorizeneck.com	651 B
2	facebook.com www.facebook.com	399 B
2	facebook.net connect.facebook.net	114 KB
2	amazon-adsystem.com c.amazon-adsystem.com	39 KB
1	omnycontent.com www.omnycontent.com	16 KB
1	raygun.io cdn.raygun.io	20 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	akamaihd.net middycdn-a.akamaihd.net	1 KB
1	optimizely.com cdn3.optimizely.com	700 B
1	gammamaximum.com gammamaximum.com	30 KB
1	sharethrough.com native.sharethrough.com	74 KB
1	cloudfront.net d3ujids68p6xmq.cloudfront.net	42 KB
1	webcontentassessor.com scripts.webcontentassessor.com	60 KB
153	32

	Domain	Requested by
19	cdn.fansided.com	winteriscoming.net cdn.fansided.com
12	images2.minutemediacdn.com	winteriscoming.net
8	fonts.gstatic.com	fonts.googleapis.com cdn.fansided.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com assets.omny.fm cdn.raygun.io
7	winteriscoming.net	1 redirects winteriscoming.net
6	trends.revcontent.com	assets.revcontent.com
6	cdn.equalweb.com	winteriscoming.net cdn.equalweb.com
5	events.browsiprod.com	cdn.browsiprod.com
5	quantcast.mgr.consensu.org	winteriscoming.net quantcast.mgr.consensu.org
4	cdn.browsiprod.com	middycdn-a.akamaihd.net cdn.browsiprod.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com cdn.raygun.io
4	assets.omny.fm	omny.fm assets.omny.fm
4	www.googletagmanager.com	winteriscoming.net www.googletagmanager.com omny.fm
4	fonts.googleapis.com	winteriscoming.net cdn.fansided.com ajax.googleapis.com
3	data.ad-score.com	js.ad-score.com
3	js.ad-score.com	assets.revcontent.com js.ad-score.com
3	t.skimresources.com	winteriscoming.net s.skimresources.com
3	www.google.de	winteriscoming.net
3	sb.scorecardresearch.com	1 redirects winteriscoming.net
3	omny.fm	winteriscoming.net assets.omny.fm
3	securepubads.g.doubleclick.net	winteriscoming.net securepubads.g.doubleclick.net
2	memorizeneck.com	gammamaximum.com
2	ls.skimresources.com	s.skimresources.com
2	www.google.com	winteriscoming.net
2	www.facebook.com	winteriscoming.net
2	p.skimresources.com	winteriscoming.net
2	connect.facebook.net	winteriscoming.net connect.facebook.net
2	platform.twitter.com	winteriscoming.net platform.twitter.com
2	c.amazon-adsystem.com	winteriscoming.net c.amazon-adsystem.com
1	app.fansided.com	www.googletagmanager.com
1	www.omnycontent.com	cdn.raygun.io
1	images.revcontent.com	winteriscoming.net
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	cdn.revcontent.com	winteriscoming.net
1	img.revcontent.com	winteriscoming.net
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	syndication.twitter.com	platform.twitter.com
1	r.skimresources.com	s.skimresources.com
1	ajax.googleapis.com	omny.fm
1	analytics.google.com	www.googletagmanager.com
1	cdn.raygun.io	omny.fm
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	static.adsafeprotected.com	winteriscoming.net
1	middycdn-a.akamaihd.net	winteriscoming.net
1	s.skimresources.com	www.googletagmanager.com
1	ad.doubleclick.net	winteriscoming.net
1	cdn3.optimizely.com	d3ujids68p6xmq.cloudfront.net
1	gammamaximum.com	winteriscoming.net
1	native.sharethrough.com	winteriscoming.net
1	assets.revcontent.com	winteriscoming.net
1	d3ujids68p6xmq.cloudfront.net	winteriscoming.net
1	scripts.webcontentassessor.com	winteriscoming.net
153	52

This site contains links to these domains. Also see Links.

Domain
fansided.com
quiz.hiddenremote.com
www.facebook.com
twitter.com
instagram.com
hiddenremote.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
culturess.com
shop.minutemedia.com
daily.fansided.com
itunes.apple.com
play.google.com
netflixlife.com
amazonadviser.com
dorksideoftheforce.com
wizardsandwhatnot.com
bamsmackpow.com
1428elm.com
onechicagocenter.com
precincttv.com
lastnighton.com
undeadwalking.com
claireandjamie.com
showsnob.com
kardashiandish.com
champagneandshade.com
acceptthisrose.com
survivingtribal.com
redshirtsalwaysdie.com
www.dbltap.com
viridianforest.com
apptrigger.com
blogoflegends.com
diredota.com
foreverfortnite.com
foodsided.com
dogoday.com
www.mentalfloss.com
guiltyeats.com
bricksareawesome.com
smartcarting.com
underthelaces.com
rhymejunkie.com
www.90min.com
saturdayblitz.com
bustingbrackets.com
thebiglead.com
theplayerstribune.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
rushthekop.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
blogoflegends.com R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.90min.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
assets.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
omny.fm Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-29`	a year	crt.sh
gammamaximum.com R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.raygun.io RapidSSL RSA CA 2018	`2019-11-24` - `2021-12-14`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.browsiprod.com Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
img.revcontent.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
cdn.revcontent.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.gobrowsi.com Amazon	`2021-01-14` - `2022-02-12`	a year	crt.sh
images.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
omnycontent.com Amazon	`2021-05-02` - `2022-05-31`	a year	crt.sh
memorizeneck.com R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
*.fansided.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://winteriscoming.net/
Frame ID: 066B776B66AE3E6338E5FDFBDE7C4CEE
Requests: 126 HTTP requests in this frame

Frame: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Frame ID: C7402ABEE755C0133F2FD7DF18320C7C
Requests: 20 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1635939552863
Frame ID: 3D044EE72FB3166B9058CC12C0D425BD
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwinteriscoming.net
Frame ID: 6FD412017F28F900BAB37CBC3EC5DBBB
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.13905333437238832
Frame ID: 7F03F308DFE550B72074F4BFED46F8D0
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 571B0B7DB7E098BC0F3F3FEC16F9FD4F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 77381DF451E9F3F81B75C55845C5EA24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Game of Thrones news, gossip, videos, photos and more

Page URL History Show full URLs

http://winteriscoming.net/ HTTP 301
https://winteriscoming.net/ Page URL

Page Statistics

153
Requests

99 %
HTTPS

48 %
IPv6

32
Domains

52
Subdomains

49
IPs

4
Countries

2509 kB
Transfer

8416 kB
Size

42
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://fansided.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://quiz.hiddenremote.com/what-should-i-binge-tv-quiz/
Title: What Should I Binge?

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/
Title: Write for us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WiCnet
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WiCnet
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/wicnet
Title: Instagram

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2021/10/28/house-of-the-dragon-not-coming-november/

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=78S5P804B4ZpjAFb%2FSlwQNZQFhzRKO63TEq2mFMyqcsxEHHfw6ivZPo%2FV09bmK%2F7LK7V%2BHxl9C727FYufh%2BOzR4eHO6hfxpgvZfUIcUJqZxcwLktHBWzGUgMIiyJxsTUDKztXTJ8vTZL2Tshw%2Bftsj0HovzMw9FhDrgpQ%2BN%2BNO5rFf111py47El%2FcGsqEGJL7reuV%2B5LUZlSJzoLi%2BmRsSC344ed6GnC6l8d%2Faq%2FQjGDWPrXXvhU8NXlCfnuDkSWHXEGkvNsssQt3do5dgzSd1d0teVFWpRuQdL6rIAzoqh%2BW0UqG9V%2BGBWR8YtaUdzldQsjYpdgaBTCjZDcGjlS2dLn2iMmsXLatvhtpilRrubj26ReVnIc6Odsr8fiby1YZ2gExPUFHWGdzen1FK61jvhZQZvI%2BMzEgbKHiellURg2U2AHlW4nAfH3X7pUynNlLZuScUV6ky46GCeJTlloHDsLlj11iRwAlrlYkfX0f4%2F0falmrnLcClKSMZV7OFqPNf9wG2%2FFcn3wkEvFV7GlX%2Fxy6eIDMFB7w6uk%2F9tm5GSCDknPIowuPlRxjkZ2%2BH5rr5SCiH6THVmqH6LvJLkHxn9pS4WBS8E%2FGXCNP4f2IxEpTT4mixtVKinhgCQPjwe75GLr8CCsncKvdf8QaqHSTY6b6UMG3o9owN%2BpkZApqPRRJseC0KQSxgum5PcRxCltyawN7SCDz%2BqaUkEPPJ69Kj4verM2YgG5T1S2jSGewasGO24JpS6hwIDkej4xh%2FfHqLc6xju2jHI6kswP3XVNrkS88rpvCres2m7wOnmzI5wNuCk476RX6hSW%2FfzQda7fElabNLNe4rVfeOnLbhwlqUv7r%2BOjmX3zcRCuOOj8o7XEXSRwdc%2FwRzTcTr6OZzDCeD2PcD09s7LnHVnwHoWzTKWdAe8FTCyBJWn0L9zNUhFOO3QbYSecWRpydEY8zmJC1Q3S49cUGwdLR3nhJfpc1vhvvCP5NdD6haLA2T0PV7eV%2BPU3G9rQEES4ZCtQVlWZIia06mvc90FI0%2FI8buPHdO7bt%2BqKs1bzMsIKR3vGFLpomWTLOfm3VptbGeX8JmvtGWA6PxLP4bzXkq2EDPuBMYqr3mXnP4wU85ddPREseAPmZVrogwl4KmvQ6GB0QdYL0Yb2MbL2tinXfbmUOAoGzligmIeGVGjbqDtyMa2y%2B8Hdu0SRBCfP8Bx3qg7v6GeO&s2s=1
Title: Unglaubliches Miniaturteleskop Lässt Sie Meilenweit SehenStarscope

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2021/10/07/daenerys-targaryen-jon-snow-diy-halloween-costumes/

Search URL Search Domain Scan URL

URL: https://culturess.com/2021/10/06/diy-halloween-costumes-jon-snow-daenerys-targaryen/

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/2021/10/06/house-of-the-dragon-not-coming-october/

Search URL Search Domain Scan URL

URL: https://fansided.com/

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided/
Title: About

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided#masthead
Title: Masthead

Search URL Search Domain Scan URL

URL: https://fansided.com/join-fansided/
Title: Openings

Search URL Search Domain Scan URL

URL: https://shop.minutemedia.com/
Title: Swag

Search URL Search Domain Scan URL

URL: https://fansided.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://fansided.com/network/
Title: Our 300+ Sites

Search URL Search Domain Scan URL

URL: https://fansided.com/mobile/
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://daily.fansided.com/
Title: FanSided Daily

Search URL Search Domain Scan URL

URL: https://fansided.com/how-to-pitch-a-story-to-fansided/
Title: Pitch a Story

Search URL Search Domain Scan URL

URL: https://fansided.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://fansided.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/website-disclaimer/
Title: Legal Disclaimer

Search URL Search Domain Scan URL

URL: https://fansided.com/eu-privacy-policy/#data-subject-requests
Title: EU Data Subject Requests

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/fansided-sports/id553311886?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.noticesoftware.FanSided

Search URL Search Domain Scan URL

URL: https://fansided.com/network/entertainment/
Title: Streaming

Search URL Search Domain Scan URL

URL: https://netflixlife.com/
Title: More Netflix News »

Search URL Search Domain Scan URL

URL: https://amazonadviser.com/
Title: More Amazon News »

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/streaming/
Title: Streaming

Search URL Search Domain Scan URL

URL: https://fansided.com/entertainment/
Title: More FS Movie News »

Search URL Search Domain Scan URL

URL: https://culturess.com/movies/
Title: Movies News

Search URL Search Domain Scan URL

URL: https://netflixlife.com/movies/
Title: Netflix Movies

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/movies/
Title: All-Time Movies

Search URL Search Domain Scan URL

URL: https://dorksideoftheforce.com/
Title: Star Wars Movies

Search URL Search Domain Scan URL

URL: https://wizardsandwhatnot.com/
Title: Harry Potter Movies

Search URL Search Domain Scan URL

URL: https://bamsmackpow.com/
Title: Superhero & Comics

Search URL Search Domain Scan URL

URL: https://1428elm.com/horror-movies/
Title: Horror Movies

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/
Title: TV Shows News

Search URL Search Domain Scan URL

URL: https://netflixlife.com/tv/
Title: Netflix TV Shows

Search URL Search Domain Scan URL

URL: https://onechicagocenter.com/
Title: Chicago TV Shows

Search URL Search Domain Scan URL

URL: https://precincttv.com/
Title: Cops TV Shows

Search URL Search Domain Scan URL

URL: https://lastnighton.com/
Title: Saturday Night Live

Search URL Search Domain Scan URL

URL: https://undeadwalking.com/
Title: Walking Dead News

Search URL Search Domain Scan URL

URL: https://claireandjamie.com/
Title: Outlander News

Search URL Search Domain Scan URL

URL: https://showsnob.com/
Title: TV Shows Recaps

Search URL Search Domain Scan URL

URL: https://kardashiandish.com/celebrities/
Title: Celebrities News

Search URL Search Domain Scan URL

URL: https://champagneandshade.com/
Title: The Real Housewives News

Search URL Search Domain Scan URL

URL: https://kardashiandish.com/
Title: Kardashians News

Search URL Search Domain Scan URL

URL: https://acceptthisrose.com/
Title: The Bachelor & The Bachelorette

Search URL Search Domain Scan URL

URL: https://survivingtribal.com/
Title: Survivor TV Show News

Search URL Search Domain Scan URL

URL: https://1428elm.com/
Title: Horror Sci-Fi Movies

Search URL Search Domain Scan URL

URL: https://redshirtsalwaysdie.com/
Title: Star Trek Sci-Fi Movies

Search URL Search Domain Scan URL

URL: https://www.dbltap.com/
Title: Esports & Gaming

Search URL Search Domain Scan URL

URL: https://viridianforest.com/
Title: Pokemon Gaming News

Search URL Search Domain Scan URL

URL: https://apptrigger.com/
Title: Gaming News

Search URL Search Domain Scan URL

URL: https://blogoflegends.com/
Title: League of Legends News

Search URL Search Domain Scan URL

URL: https://diredota.com/
Title: Dota 2 News

Search URL Search Domain Scan URL

URL: https://foreverfortnite.com/
Title: Fortnite News

Search URL Search Domain Scan URL

URL: https://dorksideoftheforce.com/video-games/
Title: Star Wars Video Games

Search URL Search Domain Scan URL

URL: https://redshirtsalwaysdie.com/gaming/
Title: Star Trek Online Gaming

Search URL Search Domain Scan URL

URL: https://fansided.com/network/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://foodsided.com/
Title: More Food News »

Search URL Search Domain Scan URL

URL: https://dogoday.com/
Title: More Dog News »

Search URL Search Domain Scan URL

URL: https://www.mentalfloss.com/
Title: Facts & Trivia

Search URL Search Domain Scan URL

URL: https://guiltyeats.com/
Title: Guilty Food News

Search URL Search Domain Scan URL

URL: https://bricksareawesome.com/
Title: Lego News & Rumors

Search URL Search Domain Scan URL

URL: https://smartcarting.com/
Title: All Shopping News

Search URL Search Domain Scan URL

URL: https://underthelaces.com/
Title: Sneakers News

Search URL Search Domain Scan URL

URL: https://culturess.com/music/
Title: More Music News »

Search URL Search Domain Scan URL

URL: https://fansided.com/mlb/mlb-draft/
Title: More FS Music News »

Search URL Search Domain Scan URL

URL: https://rhymejunkie.com/
Title: Hip Hop Music News

Search URL Search Domain Scan URL

URL: https://fansided.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://fansided.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://fansided.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://fansided.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://www.90min.com/
Title: Soccer

Search URL Search Domain Scan URL

URL: https://saturdayblitz.com/
Title: CFB

Search URL Search Domain Scan URL

URL: https://bustingbrackets.com/
Title: CBB

Search URL Search Domain Scan URL

URL: https://thebiglead.com/
Title: Sports Media News

Search URL Search Domain Scan URL

URL: https://theplayerstribune.com/
Title: The Players Tribune

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/#featured-jobs
Title: Openings

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fansided?_rdr=p
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/fansided
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fansided/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fansidedblogs
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winteriscoming.net/ HTTP 301
https://winteriscoming.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fwinteriscoming.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fwinteriscoming.net%2F&c9=

153 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winteriscoming.net/
Redirect Chain

http://winteriscoming.net/
https://winteriscoming.net/

157 KB
28 KB

779ms
523ms

Document
text/html

2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai /

Resource Hash

b1433e652b299bc325c66f0c8c6cd5b1126d0624618ca7cb59a228bcfbc0a441

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-user-agent: standard
x-cache-config: 0 0
content-encoding: gzip
content-length: 27505
expires: Wed, 03 Nov 2021 11:39:12 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Wed, 03 Nov 2021 11:39:12 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
server: Akamai

Redirect headers

Content-Length: 0
Location: https://winteriscoming.net/
Date: Wed, 03 Nov 2021 11:39:11 GMT
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Server: Akamai

GET
H2 200 style.css
winteriscoming.net/wp-content/plugins/mm-video/styles/ 116 B
628 B 9ms
7ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://winteriscoming.net/wp-content/plugins/mm-video/styles/style.css?ver=1622067645
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: "60aec9bd-74"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2340924
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 120
expires: Tue, 30 Nov 2021 13:54:36 GMT

GET
H2 200 block.css
winteriscoming.net/wp-content/plugins/mm-video/styles/ 6 KB
2 KB 10ms
8ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://winteriscoming.net/wp-content/plugins/mm-video/styles/block.css?ver=1622067645
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 131ed8e00c533d7b5c15c868d5d6c11bd969db51f2edba24c22b81e8a4599ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: W/"60aec9bd-1819"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=805453
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 1686
expires: Fri, 12 Nov 2021 19:23:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 65ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&ver=2.68.4

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:16:05 GMT
server: ESF
date: Wed, 03 Nov 2021 11:39:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
453 B 72ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.68.4

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:37:41 GMT
server: ESF
date: Wed, 03 Nov 2021 11:39:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 style-wic.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/ 435 KB
69 KB 113ms
12ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b7ad4dc3be5714d020f07c5d0e03d5df690c88ca7284b19eccd377ddb08c0eae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:55:00 GMT
server: Akamai
etag: W/"61785d14-6cc0c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1930999
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 69766
expires: Thu, 25 Nov 2021 20:02:31 GMT

GET
H2 200 shortcodes-84cd76b29f.css
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist/ 59 KB
10 KB 11ms
9ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist/shortcodes-84cd76b29f.css
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: dab5a6eb20f9941a03af10b068d9f825421a2a3391fc5be034389cbfbb19e640

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 19:33:44 GMT
server: Akamai
etag: W/"61561118-ed69"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2015987
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 9538
expires: Fri, 26 Nov 2021 19:38:59 GMT

GET
H2 200 network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 40 KB
7 KB 109ms
8ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:55:11 GMT
server: Akamai
etag: W/"61785d1f-9e5e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1930510
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 6598
expires: Thu, 25 Nov 2021 19:54:22 GMT

GET
H2 200 mm-video.js Show response
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 75 B
578 B 110ms
10ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/mm-video.js?ver=1.4.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 04e94049f021c04df2fd03c9eb6736233808ec2ad4671fdfff7488627c4bcae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: "60aec9bd-4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2541716
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 60
expires: Thu, 02 Dec 2021 21:41:08 GMT

GET
H2 200 jquery.js Show response
cdn.fansided.com/wp-includes/js/jquery/ 95 KB
34 KB 120ms
20ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-17a6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2411225
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 34019
expires: Wed, 01 Dec 2021 09:26:17 GMT

GET
H2 200 iframeSizer.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 11 KB
5 KB 125ms
25ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.18
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Oct 2021 21:21:41 GMT
server: Akamai
etag: W/"616f36e5-2d5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1664058
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 4629
expires: Mon, 22 Nov 2021 17:53:30 GMT

GET
H2 200 a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35 Show response
scripts.webcontentassessor.com/scripts/ 241 KB
60 KB 57ms
7ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 335fc3bb35064b238344bc27fbe29a243f6122f217a4222483ed6e75f4f9012d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
age: 1996
x-cache: HIT
content-length: 61246
x-amz-id-2: jP+aPz3XU+Fm6pswbxHyCyc9o1lyIbY4sPOuD06wPpWNIFdyUuQQ93AlMYD6STZ7SZd6MxzBv7I=
x-served-by: cache-hhn4046-HHN
last-modified: Wed, 03 Nov 2021 10:54:01 GMT
server: AmazonS3
x-timer: S1635939552.479375,VS0,VE0
etag: "f96df97d3fe2938778fdf16eb92255c9"
vary: Accept-Encoding
x-amz-request-id: H0B416A919NBXFTB
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 11

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 139ms
100ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

76f8cf4b3881c1b76ceadc8f9c19df31f1278b1a6ee0747c42e5d526b1335047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 433 of 1000 / last-modified: 1635937517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27305
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 logo_winteriscoming-net__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/winteriscoming/ 2 KB
2 KB 96ms
34ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/winteriscoming/logo_winteriscoming-net__150x150.png
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8ed5b9a1b3af80ad20de85350e9b9ad53c8307f58d8cd5be06c11dcf87999ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
last-modified: Tue, 25 Feb 2020 18:09:54 GMT
x-timer: S1619796907.349939,VS0,VE82
etag: "b034105e89934deb07c9c8460a3f857b"
x-served-by: cache-wdc5536-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="logo_winteriscoming-net__150x150.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 1948
expires: Wed, 10 Nov 2021 11:39:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 30ms
9ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding: gzip
etag: 3900a2c2d757386fb762bfd86288f882
age: 548
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1VM5BS12HEZ88N28BR94
date: Wed, 03 Nov 2021 11:30:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8j49WuneTKU0QJJu1xx3L0wwCOfMGuXq0BBAC7mXX6iCRCORSzEo-A==

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/ 10 KB
4 KB 58ms
11ms Script
application/javascript 2600:9000:236e:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/choice.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c93684561dcb20c18aeb6598b268603bf018c6261e85c69e939ab061b7865aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 11:53:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"0e2751246b89203131c2660ae72bff62"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LF-lsvv14Uq7boEBbr3mIIdIv-7eRKt9JxAkFf9ZGJcRnZCLrZeQCA==

GET
H2 200 twemoji.js Show response
cdn.fansided.com/wp-includes/js/ 25 KB
8 KB 14ms
11ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.18
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-64c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=942728
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 7682
expires: Sun, 14 Nov 2021 09:31:20 GMT

GET
H2 200 wp-emoji.js Show response
cdn.fansided.com/wp-includes/js/ 7 KB
3 KB 14ms
11ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.18
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-1a68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=845647
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 2637
expires: Sat, 13 Nov 2021 06:33:19 GMT

GET
H2 200 logo_winteriscoming-net__150x150.png
cdn.fansided.com/wp-content/assets/site_images/winteriscoming/ 3 KB
3 KB 18ms
16ms Image
image/png 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/assets/site_images/winteriscoming/logo_winteriscoming-net__150x150.png
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 447a6c6e30f0a5e502248effde8e143948e1bb084646edc30761bb5b316ff9f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Jun 2017 23:05:53 GMT
server: Akamai
etag: "593886d1-b6c"
content-type: image/png
cache-control: max-age=2458718
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 2924
expires: Wed, 01 Dec 2021 22:37:50 GMT

GET
H2 200 fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 8 KB
3 KB 15ms
13ms Image
image/svg+xml 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:40 GMT
server: Akamai
etag: W/"61785d00-2191"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2129195
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 3016
expires: Sun, 28 Nov 2021 03:05:47 GMT

GET
H2 200 apple-app.png
winteriscoming.net/wp-content/themes/fansided-v5/assets/images/ 2 KB
2 KB 10ms
8ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winteriscoming.net/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:40 GMT
server: Akamai
etag: "61785d00-682"
content-type: image/png
cache-control: max-age=1989405
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 1666
expires: Fri, 26 Nov 2021 12:15:57 GMT

GET
H2 200 android-app.png
winteriscoming.net/wp-content/themes/fansided-v5/assets/images/ 4 KB
4 KB 12ms
9ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winteriscoming.net/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:40 GMT
server: Akamai
etag: "61785d00-f1f"
content-type: image/png
cache-control: max-age=2185571
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 3871
expires: Sun, 28 Nov 2021 18:45:23 GMT

GET
H/1.1 200
OK abw.js Show response
d3ujids68p6xmq.cloudfront.net/ 223 KB
42 KB 52ms
10ms Script
application/javascript 52.222.206.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:21:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2018 14:40:14 GMT
Server: AmazonS3
Age: 33483
ETag: "e817b0f323fb2559fcb2e5701865527a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 33febf2d58aeb0618cba096d54cae019.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Length: 42771
X-Amz-Cf-Id: 20oPV23ZIJCX8iB2OmG96rimv2LgI-2mdKEId-NXlGd76H64L-DrMA==

GET
H2 200 front.js Show response
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 1 KB
919 B 7ms
7ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/front.js?ver=1622067645
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 May 2021 22:20:45 GMT
server: Akamai
etag: W/"60aec9bd-41a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1921315
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 405
expires: Thu, 25 Nov 2021 17:21:07 GMT

GET
H2 200 longform.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 272 B
720 B 7ms
7ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:55 GMT
server: Akamai
etag: "61785d0f-110"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930632
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 202
expires: Thu, 25 Nov 2021 19:56:24 GMT

GET
H2 200 fs-event-preview.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 1 KB
1000 B 8ms
7ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:55 GMT
server: Akamai
etag: W/"61785d0f-5ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930581
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 485
expires: Thu, 25 Nov 2021 19:55:33 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 374 KB
109 KB 81ms
10ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b58d89b696ad4f1655b4d6bcf65fb264f65f40a83dfe8bcde26c4025c3b0abfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 16:16:17 GMT
server: AmazonS3
x-amz-request-id: 9W90S7ZB2B4KHBWT
etag: "e37d491dff78a448fda5cde3ace08b7c"
x-hw: 1635939552.cds005.fr8.hn,1635939552.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 111497
x-amz-id-2: WQOC0cGw6PJxxJ8lQJgkGk37hQp+pSFh2LpBWkciCkVS3FG/KmXVvq1OHIpD3i7gGFxTmds8pzs=

GET
H2 200 slick.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 39 KB
10 KB 13ms
9ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/slick.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:40 GMT
server: Akamai
etag: W/"61785d00-9be7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930819
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 9725
expires: Thu, 25 Nov 2021 19:59:31 GMT

GET
H2 200 main.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 27 KB
9 KB 11ms
7ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:54:56 GMT
server: Akamai
etag: W/"61785d10-6c16"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930545
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 8719
expires: Thu, 25 Nov 2021 19:54:57 GMT

GET
H2 200 network-nav.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 38 KB
14 KB 17ms
15ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:55:11 GMT
server: Akamai
etag: W/"61785d1f-9805"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930657
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 13911
expires: Thu, 25 Nov 2021 19:56:49 GMT

GET
H2 200 bundled-scripts.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 946 B
970 B 13ms
9ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.68.4
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 19:55:03 GMT
server: Akamai
etag: W/"61785d17-3b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1930547
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 455
expires: Thu, 25 Nov 2021 19:54:59 GMT

GET
H2 200 wp-embed.js Show response
cdn.fansided.com/wp-includes/js/ 3 KB
2 KB 14ms
10ms Script
application/javascript 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.18
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 12:10:01 GMT
server: Akamai
etag: W/"609e6899-c68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=824107
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
content-length: 1243
expires: Sat, 13 Nov 2021 00:34:19 GMT

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 266 KB
74 KB 54ms
9ms Script
application/javascript 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js?ver=4.9.18
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65b8470967f6951ba5aa4fa9b003b100a462409068e3b5f2887f52e56e8fa7b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:35:12 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 21:35:05 GMT
server: AmazonS3
age: 240
etag: W/"edab2c33f4ae100949c1db7e9d2dc5e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6yLEL9arsHwd4kU13UG9Zx7tKoR7bwGn8oBnPPoMdk-NtORep0Dsrw==
expires: Mon, 01 Nov 2021 22:35:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
957 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b45d23b42010fbd26ad3a9c5233b4fbdce446122c4ebd0714c4a05caae421c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:39:12 GMT
server: ESF
date: Wed, 03 Nov 2021 11:39:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 390 KB
81 KB 64ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b80835bcc1d8a960c1dd6887c1dcd124a80ec14d0050d0894807e5768002dfaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82107
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 09:12:54 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F10%2Fie_76892.jpeg
images2.minutemediacdn.com/image/fetch/w_290,h_300,c_fill,g_auto,f_auto/ 7 KB
7 KB 100ms
45ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_290,h_300,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F10%2Fie_76892.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 596ebdc41f1151b28dff45a01929b534b35317866dc1d21abd887b1934a7218c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
last-modified: Mon, 18 Oct 2021 18:23:45 GMT
x-timer: S1635913913.809896,VS0,VE72
etag: "dd6269ea9ddd04cf884aacbf77a1cdd0"
x-served-by: cache-wdc5556-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="ie_76892.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 6966
expires: Wed, 10 Nov 2021 11:39:12 GMT

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Fwp-content%2Fuploads%2Fgetty-images%2F2018%2F08%2F535281466.jpeg
images2.minutemediacdn.com/image/fetch/w_290,h_180,c_fill,g_auto,f_auto/ 5 KB
5 KB 119ms
64ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_290,h_180,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Fwp-content%2Fuploads%2Fgetty-images%2F2018%2F08%2F535281466.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3f33c5b51e4602f59ca596715c10d10b0d05495e92fa2ca0d670cc5b149c5a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
last-modified: Fri, 24 Sep 2021 15:28:17 GMT
x-timer: S1635913913.787537,VS0,VE52
etag: "fe450b73fafd977beb0750ba8ceb1239"
x-served-by: cache-wdc5562-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="535281466.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 5222
expires: Wed, 10 Nov 2021 11:39:12 GMT

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_79361.jpeg
images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/ 32 KB
33 KB 82ms
54ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_580,h_480,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2018%2F08%2Fie_79361.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa5635b7c396ca07c31a8239f408fb2414af05bd296ed59803c862c0df336943

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_79361.webp"
content-length: 33134
x-request-id: 3cc2e4fa98698068d67d46f1ecdbd852
x-served-by: cache-wdc5556-WDC
last-modified: Mon, 01 Nov 2021 14:29:43 GMT
x-timer: S1635777279.846015,VS0,VE1084
etag: "7aa1231a2f059562d662e453d0f112bf"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Fwp-content%2Fuploads%2Fgetty-images%2F2020%2F04%2F1199320821.jpeg
images2.minutemediacdn.com/image/fetch/w_290,h_300,c_fill,g_auto,f_auto/ 9 KB
9 KB 59ms
32ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_290,h_300,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Fwp-content%2Fuploads%2Fgetty-images%2F2020%2F04%2F1199320821.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b10c702e6f34b9a212351e9ebbd195aae9521bf8a09e7312277df607f632871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
last-modified: Tue, 28 Apr 2020 14:03:14 GMT
x-timer: S1635872433.044782,VS0,VE62
etag: "aa7eee8de3a002550ea0ed4063c36e7b"
x-served-by: cache-wdc5527-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="1199320821.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 9070
expires: Wed, 10 Nov 2021 11:39:12 GMT

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F11%2Fie_79584.jpeg
images2.minutemediacdn.com/image/fetch/w_290,h_180,c_fill,g_auto,f_auto/ 3 KB
4 KB 73ms
45ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_290,h_180,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F11%2Fie_79584.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 49d3ff5dcffc4e5812f6f5173ee12902577ed3a894ee57d2e90b666dd7fdaf79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_79584.webp"
content-length: 3322
x-request-id: 16b6c56c99ea113f79fbacd4e6ac9edb
x-served-by: cache-wdc5549-WDC
last-modified: Tue, 02 Nov 2021 17:12:26 GMT
x-timer: S1635873143.333554,VS0,VE1695
etag: "265b007d600d43571b7e345f3889647d"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v11/ 13 KB
13 KB 40ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67902d0eff4e6841fff7a38d9dba092e0f772e741b6c02ba44906d663c8c37ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:50:29 GMT
x-content-type-options: nosniff
age: 560923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13220
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:56:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 23:50:29 GMT

GET
H2 200 FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/ 19 KB
20 KB 35ms
9ms Font
application/font-woff 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Oct 2021 20:02:51 GMT
server: Akamai
etag: "615b5deb-4bec"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=360538
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 19436
expires: Sun, 07 Nov 2021 15:48:10 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 138435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 39 KB
22 KB 42ms
20ms Font
font/ttf 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22073
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:36:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 04:35:36 GMT

GET
H2 200 embed Show response
omny.fm/shows/take-the-black-podcast/playlists/podcast/ Frame C740 3 KB
2 KB 85ms
37ms Document
text/html 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12f5d170cf284998463a6eb668a4245f5e58bf75e40060cdf8abf837992a3dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900
expires: Wed, 03 Nov 2021 11:35:58 GMT
last-modified: Wed, 03 Nov 2021 11:20:58 GMT
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR"
cf-cache-status: HIT
age: 695
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a85521c7bd45a13-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 30 KB
18 KB 12ms
11ms Font
font/ttf 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18810
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 06:41:51 GMT

GET
H2 200 7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 9ms
9ms Font
font/woff 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:12:08 GMT
x-content-type-options: nosniff
age: 138424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15504
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:53:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:12:08 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 13ms
13ms Font
font/woff 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 12:11:39 GMT
x-content-type-options: nosniff
age: 516453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 12:11:39 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 26ms
8ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 04:08:54 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 33224
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: WohHCgwPF03F25cgFEwF5ZEb9VmFwSDPVdB4Y5GSFL4WQB-U4aKL9Q==

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 41ms
15ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 18:33:56 GMT
etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29104
tw-cdn: FT
x-served-by: cache-bwi5136-BWI, cache-hhn11552-HHN

GET
H2 200 ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea Show response
gammamaximum.com/ 103 KB
30 KB 61ms
19ms Script
text/javascript 35.190.48.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.48.190.35.bc.googleusercontent.com

Software

Resource Hash

9ce4363334d76dddd8e7b5f7f825c01276eb79dd85ee380ce9ac995093719b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "7885e116818475e46b7fae9356b061ce33eb638a767255f4be0df13e1ce9723e"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 03 Nov 2021 11:39:12 GMT
timing-allow-origin: *

GET
H2 200 accessibility-light.svg
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/ 612 B
869 B 7ms
7ms Image
image/svg+xml 2a02:26f0:ef::5c7b:c2bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/accessibility-light.svg
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.68.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.68.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Oct 2021 20:03:28 GMT
server: Akamai
etag: "615b5e10-264"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=594481
date: Wed, 03 Nov 2021 11:39:12 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 351
expires: Wed, 10 Nov 2021 08:47:13 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/ 14 KB
14 KB 8ms
8ms Font
font/woff 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.68.4
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:50:33 GMT
x-content-type-options: nosniff
age: 560919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14692
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 23:50:33 GMT

GET
H2 200 https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_69782-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 6 KB
7 KB 78ms
77ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2Fimage-exchange%2F2017%2F07%2Fie_69782-850x560.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a8f9cc75ab074c223b46eada8c82edbaaa36f7e7ba3f59bfef40a28bb9530b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_69782-850x560.webp"
content-length: 6514
x-request-id: 0081cea366bae44e52560ce0092bca29
x-served-by: cache-wdc5539-WDC
last-modified: Thu, 28 Oct 2021 17:14:23 GMT
x-timer: S1635498330.707896,VS0,VE618
etag: "efbf00b001a5ee9afbf5ce295cf776fa"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fhiddenremote.com%2Ffiles%2F2016%2F04%2Ff81c60e82f01489e0894317f257c25bebcd22db3f1bef6d41aa07cffed6534a48625739d6bc4aaa4c131258f54ba17df-850x560.jpg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 8 KB
8 KB 319ms
317ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fhiddenremote.com%2Ffiles%2F2016%2F04%2Ff81c60e82f01489e0894317f257c25bebcd22db3f1bef6d41aa07cffed6534a48625739d6bc4aaa4c131258f54ba17df-850x560.jpg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 100ad7bd82cb6e596e4f4b193b6ea3a0f08f8275ec9aefa938f4d9021514e076

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
status: 200 OK
content-disposition: inline; filename="f81c60e82f01489e0894317f257c25bebcd22db3f1bef6d41aa07cffed6534a48625739d6bc4aaa4c131258f54ba17df-850x560.webp"
content-length: 8172
x-request-id: 5c5620373a8265b3b0750ee3ff94bb08
x-served-by: cache-wdc5540-WDC
last-modified: Sat, 22 Feb 2020 16:24:35 GMT
x-timer: S1633638254.675959,VS0,VE497
etag: "e8111ffbd2a9d1040029d5108d79b2de"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:13 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2020%2F07%2Fie_16203-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 2 KB
3 KB 30ms
28ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fculturess.com%2Ffiles%2Fimage-exchange%2F2020%2F07%2Fie_16203-850x560.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4309747c4b1d9469507c7fe04d6472a4dc4df6b05b69c54cd0eaaa5ee081af9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_16203-850x560.webp"
content-length: 2476
x-request-id: 93a2510ad77bb43a57de5bda461eabd6
x-served-by: cache-wdc5565-WDC
last-modified: Fri, 24 Jul 2020 18:03:47 GMT
x-timer: S1633557728.768515,VS0,VE405
etag: "4649a314d3858e92cabfc06a55fa639e"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F09%2Fie_57757.jpeg
images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/ 9 KB
9 KB 83ms
82ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F09%2Fie_57757.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e277a2f3fd2998bbb8c6c74ecb2307a3bb17c5642b48547f15777308c5c92a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_57757.webp"
content-length: 9118
x-request-id: 67df12d68722111fc9d6c52efcdab802
x-served-by: cache-wdc5557-WDC
last-modified: Wed, 22 Sep 2021 13:01:44 GMT
x-timer: S1632315815.269464,VS0,VE3511
etag: "39156eb75547aa9be130c65e73ac040f"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2021%2F11%2FGame-of-Thrones-Arya-Ed-Sheeran.jpeg
images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/ 33 KB
33 KB 59ms
58ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2021%2F11%2FGame-of-Thrones-Arya-Ed-Sheeran.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f709510dfb520a578a0c5fdef04a31b330da4f3f7500d491cd110eb97e3c1de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="Game-of-Thrones-Arya-Ed-Sheeran.webp"
content-length: 33832
x-request-id: a0e7a7ae029cddf418b33331afc6fdca
x-served-by: cache-wdc5532-WDC
last-modified: Tue, 02 Nov 2021 15:36:50 GMT
x-timer: S1635867408.566432,VS0,VE1975
etag: "f33d8e90f3f016966ebdf64ac53ce291"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F11%2Fie_76531.jpeg
images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/ 19 KB
19 KB 31ms
30ms Image
image/webp 2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/w_510,h_260,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F11%2Fie_76531.jpeg
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c203be1e625bd6fe0e61b6eb02455d21901727ac08a7afc21903e45163f52a07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
status: 200 OK
content-disposition: inline; filename="ie_76531.webp"
content-length: 19070
x-request-id: eb252ab13bd0ff489d2836c14b767125
x-served-by: cache-wdc5539-WDC
last-modified: Mon, 01 Nov 2021 20:37:12 GMT
x-timer: S1635799030.806722,VS0,VE1855
etag: "e550c9c0e122694a9d618b4b0459b695"
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 10 Nov 2021 11:39:12 GMT
cache-control: private, max-age=31480699
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
43 KB 11ms
10ms Script
text/javascript 2600:9000:236e:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b5ea38631a92e351ee2023ed5cc1f7560d1bc370b41a33c83484832a1651b85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:24:14 GMT
content-encoding: br
age: 993
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 06 Oct 2021 21:06:21 GMT
server: AmazonS3
etag: W/"9df4b83343b9d8a844bc16680bd3358a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TEqeasyBT5qca6524xPyxOzvfR8uqVR3LI68n5VzuSXV-lTq_AQx0Q==

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ Frame 3D04 293 B
700 B 137ms
111ms Script
application/javascript 23.37.32.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js?cb=1635939552863
Requested by: Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.37.32.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-32-235.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 55ad22cba594ee369441d15314da77d2dc7df216a93d0ea92aa632141e0782a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 6A1AA1F810754193
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=64874
Date: Wed, 03 Nov 2021 11:39:12 GMT
Connection: keep-alive
Content-Length: 293
x-amz-id-2: ZXi0usPohSuAesZIiMOoUe7rm5pVbZJKk5/swzraA3dBkb05ZJ80j/UhN0E+j1RwRsydsZwrM/Y=

GET
H2 200 ;ord=1635939552864
ad.doubleclick.net/ddm/ad/cieifr/mgkqcypu/ 43 B
628 B 46ms
16ms Image
image/gif 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/cieifr/mgkqcypu/;ord=1635939552864?

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
8ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 39758
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 10:54:02 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: r4T62ZbkAVuavKbKYeONzdze5WSBhLd8AZFvxxWVInRqUS1CIDAdBg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
52 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8223e8f7d82b2783e43b2eaf98610424b782b42be7cef11ac125e159cc494b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53594
x-xss-protection: 0
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5886
date: Wed, 03 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 12:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: EO0Qao75Dun9H4Rb9Oz0hb/vliDB+nf3JbbpdJ1KYmGe/sDblB13eK/HE5lGV3rrxky6pOP8dYJv9ftY5j2q5A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 11:39:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 124578X1617579.skimlinks.js Show response
s.skimresources.com/js/ 55 KB
20 KB 80ms
21ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5896848930c90cde811bebd8423c831fdbb596b1e0d92a1327e52f3b8e42847b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:34:27 GMT
server: AmazonS3
x-amz-request-id: P146R3YF2MC06CE0
etag: "5f8e92970c2760fb7cff17a3aba452de"
x-hw: 1635939553.cds002.lo4.hn,1635939553.cds101.lo4.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20602
x-amz-id-2: qhcGMkkvXcN7BxO831xkufEXN3Xl6ASaFJQuAcmyxRmEJz3s0I3Aq7eHfNvVo10O/psh/+nSp7U=

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/3.0.3/ 34 KB
13 KB 80ms
32ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/3.0.3/accessibility.js

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1133420
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 30 May 2021 11:33:38 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0155a24755d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW%2BtCaW%2F63Zg4%2FZquUKmZuq2d9AowDzKsUOi%2BmtSAkQ96P6I6qiMpv199gdCp%2FcmYxoxTrJT285WBc%2FfcYe9cv7YZZbwrkaJDAyH4MNHN9RvfQARf7kICeU2MgOBSjEfWcFiUi1snKltHWYjh3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a85521e3d7f5a43-MXP

GET
H/1.1 200
OK minutemediaplus.js Show response
middycdn-a.akamaihd.net/publishers/ 445 B
1 KB 287ms
7ms Script
application/javascript 92.123.225.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.225.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-50.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58f5d902861046c3903729e215261ae7d00dcc58ce09c6967c0609a75b5c30e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XwF.UGdO0ErfOkUZxZqwbfaOUi65DdWH
ETag: "ab73e24f74663b0845f928a4aa94d86c"
x-amz-request-id: HM22TN4JQZQK26KJ
Connection: keep-alive
Content-Length: 445
x-amz-id-2: Fy26eYtCLvpkAVEn8htBbzTW+WMhNuEPtcAduO4NeP6iBxumswmaOdLp6IKP/LPMdNW27srKk9Q=
Last-Modified: Wed, 04 Aug 2021 14:51:27 GMT
Server: AmazonS3
Date: Wed, 03 Nov 2021 11:39:13 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 03 Nov 2021 12:39:13 GMT

GET
H2 200 embed-0c3dd13a55.css
assets.omny.fm/bundles/ Frame C740 49 KB
9 KB 55ms
46ms Stylesheet
text/css 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed-0c3dd13a55.css
Requested by: Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d10f4ec4e25b50966bfaa6fdee4f96061888778f10f00616e91b6df37979565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
via: 1.1 fe45f5956e3b67d2cd2349a8dd45ee97.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 6846
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 02:04:09 GMT
server: cloudflare
etag: W/"0150d679720ee883eddce0849195dd5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-cf-pop: TLV50-C1
cf-ray: 6a85521dffcb5a13-MXP
x-amz-cf-id: 90u6QtcWg4RPup7SGJjQShDBIIxLIbQKCP36oBnM7iX658sKi-JR5A==

GET
H2 200 embed.vendor-302d7b340f.js Show response
assets.omny.fm/bundles/ Frame C740 778 KB
239 KB 118ms
66ms Script
application/x-javascript 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed.vendor-302d7b340f.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2c26f605e3c220fbc18af86c4a5a3e759f296739fa18987e459f477ba3e118

Request headers

Referer: https://omny.fm/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 6c3e48e00c5cc82a938a68d74aa420d9.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 6257
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 25 Oct 2021 04:51:12 GMT
server: cloudflare
etag: W/"d133404e52c2faabd5a04450f35f621e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-cf-pop: MXP64-C1
cf-ray: 6a85521e48c5374b-MXP
x-amz-cf-id: v-zPn3mWQedXltuQXM2f2qgE3IP9KmVmAaI04BU8YeffwQohbUH5zQ==

GET
H2 200 embed-3ae6abfa44.js Show response
assets.omny.fm/bundles/ Frame C740 259 KB
61 KB 99ms
47ms Script
application/x-javascript 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed-3ae6abfa44.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d40868359f3422fb0df86a68a7b8a61fac9b857fe4baf182bf45ae09abd153

Request headers

Referer: https://omny.fm/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 1b96443527f684c809162d975cdd968f.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 5790
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 02:04:09 GMT
server: cloudflare
etag: W/"0a40f56da04b110665b3d988bf0d24dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-cf-pop: MXP64-C1
cf-ray: 6a85521e48ca374b-MXP
x-amz-cf-id: tkD6_onmHJxA4dU4F2lXNQebNvuZih0vJy77fMJJO8RExjzdZYSuBA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fwi...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fw...

64 B
331 B

12ms
12ms

Image
image/gif

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fwinteriscoming.net%2F&c9=
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 8vWBXEzIcYBuQqtqARhVfkyVSCHKFoRFOie5MCedEgON_Sd9D6zSQw==

Redirect headers

date: Wed, 03 Nov 2021 11:39:12 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1635939552952&ns_c=UTF-8&cv=3.5&c8=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&c7=https%3A%2F%2Fwinteriscoming.net%2F&c9=
content-length: 243
x-amz-cf-id: IRVTWIASiQ_oUcdJ3QbGxTRS10p1F3mN0VyTvGavGPHNJznrHGFWVA==

GET
H2 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 18ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 202 B
151 B 32ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=winteriscoming.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a9c5916570de55dfec84a34937e2186442d1e5f0195616e3d3c01ef034c8ba9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 11:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
expires: Wed, 03 Nov 2021 11:39:12 GMT

GET
H2 200 widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 6FD4 319 KB
103 KB 18ms
18ms Document
text/html 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwinteriscoming.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/

Response headers

last-modified: Mon, 18 Oct 2021 18:32:00 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 03 Nov 2021 11:39:12 GMT
x-served-by: cache-bwi5183-BWI, cache-hhn11552-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 57ms
7ms Image
image/gif 2600:9000:223f:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
age: 7673079
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 2V-1BLp922I8MwFMg5PM_sCTuaU8wst6QNj7qq1tafUWSCdkvYqVJw==

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
268 B 100ms
31ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=142176

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:13 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 96ms
28ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:13 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 50ms
7ms XHR
application/json 2600:9000:225e:da00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:00:36 GMT
content-encoding: gzip
age: 31118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 19:52:30 GMT
server: AmazonS3
etag: W/"ce2e4fb9fc40c4c0ec7bab6578115f67"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: Yiey4KudmKN67Y4sDLFJsLRxwfDFqUt8
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: q12oMZRcEfOMK9vOihSBNvLHVlOX1VdJAGvgZozDFTs3Timk9knRFA==

GET
H2 200 2811814612385369 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2811814612385369?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c98caa3264bbb9d4e5dff06fa071e1c038683fb6563dcce40a8d7300eb0c80c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89103
x-xss-protection: 0
pragma: public
x-fb-debug: DBvn+J6buLufCs0nN015eqxXQfE9t8jN1luMSGruCII4sVbwqwEwkWLF+CaIDwfQ8kDAsiBD0aRhG9gkJRUYqg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 11:39:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C740 120 KB
43 KB 214ms
22ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Requested by

Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72c2cdeaf9599fb4ac149770bfefe80ccc888152449dae5331907261fb33c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44327
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 11:39:13 GMT

GET
H2 200 raygun.min.js Show response
cdn.raygun.io/raygun4js/ Frame C740 65 KB
20 KB 192ms
11ms Script
application/javascript 2600:9000:223d:e600:17:62f0:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by: Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:e600:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ebf246d26f494d0c715e03433ac0d4379b7672ee7702986d31d387177a49e66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 20:50:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 23:44:13 GMT
server: AmazonS3
age: 117891
etag: W/"b078fe0c70dbcda88f75a0f7eb6efaef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 3Cpj3p1_hi4Nh3zdo2Z1yMz_rGjK4gxx0HZT-kz-WP_1ykfquItYNg==

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 172ms
14ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=ear&_p=2042329910&sr=1600x1200&_gaz=1&ul=en-us&cid=412210099.1635939553&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&dt=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&sid=1635939552&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 184ms
21ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=412210099.1635939553&gtm=ear&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 375ms
212ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=412210099.1635939553&gtm=ear&aip=1&z=1382048614

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 21ms
20ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=2042329910&t=pageview&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1902189966&gjid=295391527&cid=412210099.1635939553&tid=UA-1577313-14&_gid=2037678278.1635939553&_r=1&gtm=GarKXFQXHB&cd1=none&cd2=323&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=TV%20and%20Streaming&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=Winter%20is%20Coming&cd12=none&cd13=385&cd14=none&cd15=none&cd16=none&cd17=none&cd27=Homepage&cd73=0&cd75=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&cd76=%2F&cd78=2&cm1=0&z=2043309773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 21ms
21ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=2042329910&t=pageview&_s=1&dl=https%3A%2F%2Fwinteriscoming.net%2F&ul=en-us&de=UTF-8&dt=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=116549091&gjid=916978996&cid=412210099.1635939553&tid=UA-6383965-2&_gid=2037678278.1635939553&_r=1&gtm=GarKXFQXHB&cd1=none&cd2=323&cd3=none&cd4=none&cd5=ENTERTAINMENT&cd6=TV%20and%20Streaming&cd7=none&cd8=Homepage&cd9=Payable%20Non%20Article&cd10=web-staticPHP&cd11=Winter%20is%20Coming&cd12=none&cd13=385&cd14=none&cd15=none&cd16=none&cd17=none&cm1=0&z=1049977685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 21ms
20ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/35/ 220 KB
57 KB 9ms
9ms Script
text/javascript 2600:9000:236e:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/35/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2d37be207c0669c1f7902516f35e903fd5ce30e89f56091c5649c5c565b8daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 18:34:04 GMT
content-encoding: gzip
age: 61510
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 06 Oct 2021 21:05:50 GMT
server: AmazonS3
etag: W/"aead2f2fb8790a956cf1fa881814cf9d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: nvJQNOk1d5PgEH5DqWOngYu9TWrNPzFniwJLsBCrQpwlb8zU84uc9w==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 274 KB
32 KB 26ms
10ms XHR
application/json 2600:9000:236e:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 291b6c31a5fc1656f5ddcd7bb567678aa1983f067516e84ccbf9214d6f70c61e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:00:43 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 31111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 03:00:32 GMT
server: AmazonS3
etag: W/"657e045a2b7d2755e82d020e7e0bb101"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: oSPIlgywLQAGUUQArPRQxPBB-l-7Ki8LCKFms3NE3KCkdwlgGImgWw==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 32ms
17ms XHR
application/json 2600:9000:236e:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef9912bf876f6089f6a88ef55bb61eb40044952e3eb472ee7edc40b3e18622b6

Request headers

Accept: application/json, text/plain, */*
Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:00:29 GMT
content-encoding: gzip
age: 31125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 03:00:27 GMT
server: AmazonS3
etag: W/"9955ae4f2d1dabde56587b2ae7dc1a0b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: wfwA5-2cFOBZvz1p-m-zVFzZPB6wif3wL3glMrvd9yCf0lkJ_5eBug==

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 25ms
24ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1437800
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 09 May 2021 14:33:43 GMT
server: cloudflare
x-frame-options: deny
etag: W/"807da04fe044d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOl3pF%2BYvXcB44Kk%2FhXg%2Bxi%2BbX3oQQLKISYOqbxxs3mVtHkyDOvyocTQ90ITNhdlkTTNGlDbi6ZX6b6BPK5Q8TobE6m4%2FoabVr%2BFMEO3jtbei3qBkDb5NJ7RuLlLoVmqDCBzytXzlyKQ08Gs800%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a85521f28175a43-MXP

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
436 B 24ms
24ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1437800
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3f26cd3dfbc1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WUNY0yeVus%2FWwfit%2F7aBU6Z%2Fq0MkI1Ev2ndu3KdJYLKkrakfSiho4fF3IZbHujPtJn0c1QVfQjAUqu0PoRGTN2l9TmxsrnpYYwZl79Iq0%2Brgf31Jtm3DuVECOiJ7Q88UWDlQU%2BSg3v9rWBI7AY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a85521f281b5a43-MXP

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 29 KB
10 KB 31ms
30ms Fetch
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1437800
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"80d59982334d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv%2FxZzE7lh0mCuQ9ZVsJ63RhSN1Db3BAsbbR3QMGU%2BJORVN5NOiwxgGXT%2BZ3XCwTXTUvGBKKraZiHP8%2Bapd7HW2%2Bkl5N2uIL%2BaivQM%2BSmygRIEiVnA%2F9cVYyzCkIIBatI7rScnjsTys8rf7ELuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a85521f281d5a43-MXP

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 7F03 0
102 B 90ms
18ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.13905333437238832
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 87ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=4.9816131919935485
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 86ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=4.9816131919935485
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 embed.icons-sprite.svg Show response
assets.omny.fm/bundles/ Frame C740 315 KB
46 KB 352ms
50ms XHR
image/svg+xml 2606:4700:10::6814:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.omny.fm/bundles/embed.icons-sprite.svg?v=d46ac8c38c2a02a822765efc982fecf62aac2479
Requested by: Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed.vendor-302d7b340f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e11b7e61d20c17894996aa2ccb7209aa276eb56d76390e9a67e595694c99d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 69b8255864bcbab6fa21e4a2a96c169e.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 5916
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 03:22:01 GMT
server: cloudflare
etag: W/"8c2a6a236bc9eed8adeee2b050886793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: MXP63-P2
cf-ray: 6a855221c946374b-MXP
x-amz-cf-id: knJrpfc5qC7MPI1x5vichzVLB91CCIIwE1RsN3k79yG9fuV_epFINg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame C740 13 KB
6 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 18:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 02 Nov 2022 18:30:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2811814612385369&ev=PageView&dl=https%3A%2F%2Fwinteriscoming.net%2F&rl=&if=false&ts=1635939553272&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635939553271.547818154&it=1635939553036&coo=false&rqm=GET

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 11:39:13 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 194 B
369 B 40ms
16ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

3e507692cb026ae53a32d140da1e6e251e96d5b5e0fafc41addb11ef8ba5ea24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://winteriscoming.net
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 7 KB
4 KB 93ms
92ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=142176&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwinteriscoming.net%2F&icr_url=&revsub[hostname]=winteriscoming.net&va=0&time=1635939553287&up=pc&bn=chrome&bv=95&widget_width=300&style_id=0

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

003de53b7bc53a562c93be65a09abbc7ada4cd915628228c8fa7caa50a1d882e

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://winteriscoming.net
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 3501

GET
H2 200 podcast Show response
omny.fm/api/embed/shows/take-the-black-podcast/playlist/ Frame C740 329 KB
18 KB 521ms
219ms XHR
application/json 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://omny.fm/api/embed/shows/take-the-black-podcast/playlist/podcast
Requested by: Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed.vendor-302d7b340f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c30e6390f3faf13b21c8e993589627dfaa7738d1b87546d18a6cab8282171e

Request headers

Accept: application/json, text/plain, */*
Referer: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 11:37:51 GMT
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=120
cf-ray: 6a8552222b2a5a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1577313-14&cid=412210099.1635939553&jid=1902189966&gjid=295391527&_gid=2037678278.1635939553&_u=YADAAEAAAAAAAC~&z=1561217659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 11:39:13 GMT
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6FD4 232 B
447 B 135ms
119ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7cebf5f55e997433efe022921f93855db838d473

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwinteriscoming.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 11:39:13 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bde8e71dd200e1bc8e86c9dcc47f2ab4fb1e3b85cc04089ba03f416d1a8edb6d
content-length: 166

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-6383965-2&cid=412210099.1635939553&jid=116549091&gjid=916978996&_gid=2037678278.1635939553&_u=YADAAEABAAAAAC~&z=1091680738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 11:39:13 GMT
content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 38 KB
11 KB 36ms
8ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 325d617db2fca03e37c30904b620539367d9223b36a0e61e59cf70b1c94826d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: zusDjbpjUwTUlRyU2.Zf4Wf_3ijBorgd
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 10:21:47 GMT
server: AmazonS3
age: 246
etag: W/"4d2571963ed7754497568692609ff171"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control: public,max-age=3600
date: Wed, 03 Nov 2021 11:35:08 GMT
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: kguJTv2v25DIBPw7dHe2PAfNJx9F1ISxDra62Olw6SH6_TYnM68jqw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 77ms
40ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1577313-14&cid=412210099.1635939553&jid=1902189966&_u=YADAAEAAAAAAAC~&z=712700366

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1577313-14&cid=412210099.1635939553&jid=1902189966&_u=YADAAEAAAAAAAC~&z=712700366

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C740 8 KB
801 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:30 GMT
server: ESF
date: Wed, 03 Nov 2021 11:39:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 11:39:13 GMT

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
368 B 18ms
18ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://winteriscoming.net
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 200 4.svg Show response
cdn.equalweb.com/assets/images/ 386 B
601 B 60ms
59ms Fetch
image/svg+xml 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/4.svg

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1437731
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2019 12:49:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"dade21906748d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UHPEUYeEDT1lNajmBjngT1hMhk0Ef%2BHhz%2BG%2Bjgi%2FD70fol3rEO3%2FPCAkPxIDwOcublj2jMIva8DO9NiGbN7D15wIFsoab%2FOGRdb52%2BwH9QZHJk0XSpB78EI04ldlB80J0KTR4lphXaMoFdkLO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a8552213dad5a43-MXP

GET
H2 200 custombtnstyle.css Show response
cdn.equalweb.com/style/ 4 KB
1 KB 26ms
26ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/custombtnstyle.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1437731
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Mar 2020 09:11:26 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0b350e0bbf6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFBu16q4Kl6gi5wyC%2BLyKSPMP8kLeKLi1HQF94L6FYhkXCtT5k%2BwfYR%2Fd2RpDC6LgwV111TDkebvtPGX5J2Mbh%2Fc2sdMt8eUnQRlR6cSRyOE5Anc8LoOpls89OBRC5zl6OJNziuuAaaGMHhLw34%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6a8552213db05a43-MXP

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
506 B 92ms
9ms XHR
text/html 18.66.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22f3-DFdjnrLazk%22%2C%22domain%22%3A%22winteriscoming.net%22%2C%22publisher%22%3A%22Winter%20is%20Coming%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.35%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%223mKEMXXMeOlYIhmyzbHMMw%22%2C%22clientTimestamp%22%3A1635939553476%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-6h0dg7om0ldeop6rm35l%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/35/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 05:13:29 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 28072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: OWlNftubsvfCK09HPEBrxDzf6uMnfzlcCipr-VthjepxmGvhX1yARg==

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 104ms
36ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:13 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 309 KB
106 KB 64ms
10ms Script
application/javascript 2600:9000:2250:ac00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5812391ff8291ec30407a725b0eb8e4e1ef0f32e83ab63ccacdab86052251030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 18:07:56 GMT
Content-Encoding: gzip
Age: 63077
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 02 Nov 2021 18:07:56 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA60-P2
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: 4eMDKYw1y0WQRuZKpmEwZptNYYzX4NZIVvqH-9O8Z9pLf-xxwdEidg==
Expires: Wed, 03 Nov 2021 18:07:56 GMT

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 55ms
10ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1635939553.cds098.fr8.hn,1635939553.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 57ms
12ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
last-modified: Wed, 27 Oct 2021 16:47:48 GMT
etag: "1635353268"
x-hw: 1635939553.cds168.fr8.hn,1635939553.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=43166
accept-ranges: bytes
content-length: 4298

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C740 125 KB
49 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QV3RVYDQ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffd8d9e985d0d0139ad2e90391ccb8aa02d37c2d43c8a50683257637e0d6f24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49640
x-xss-protection: 0
expires: Wed, 03 Nov 2021 11:39:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C740 48 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5887
date: Wed, 03 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 12:01:06 GMT

POST
H2 200 api Show response
ls.skimresources.com/ 2 B
348 B 38ms
17ms XHR
application/json 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.6.3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.6.3
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winteriscoming.net
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 41ms
16ms Preflight
text/plain 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://winteriscoming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://winteriscoming.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials: true
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
date: Wed, 03 Nov 2021 11:39:13 GMT
server: Python/3.8 aiohttp/3.6.3
via: 1.1 google
alt-svc: clear

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
88 B 21ms
21ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://winteriscoming.net
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
103 B 525ms
169ms XHR
text/plain 35.155.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=biYBOLpLfF
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.79.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-79-112.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 2 KB
1 KB 102ms
35ms XHR
application/json 54.72.188.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=winteriscoming&url=https%3A%2F%2Fwinteriscoming.net%2F&bid=biYBOLpLfF&at=Game%20of%20Thrones%20news%2C%20gossip%2C%20videos%2C%20photos%20and%20more&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.188.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-188-165.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: c24cd98ad7e505b35e3a86b8c6f0d94ea567c915637514e7f4ae94ddee6c5d6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame C740 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://omny.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 138436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 60e752c73b6886-63273411.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 58ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/60e752c73b6886-63273411.jpg

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44ec7e5471b8b0ed3b472ef3152bb2a206c34f9f76ea4c5662d9b922cfe04e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jul 2021 21:00:49 GMT
server: Cloudinary
etag: "6d56fc11134d5da853de98f83c5447b2"
strict-transport-security: max-age=604800
x-hw: 1635939553.cds154.fr8.hn,1635939553.cds254.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=184;cpu=1;start=2021-08-10T19:23:39.671Z;desc=miss,rtt;dur=0,cloudinary;dur=93;start=2021-08-10T19:23:39.716Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9880

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
721 B 468ms
118ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qasmkSbbZUYKVOJTiUQPzXnxzsJOfuLU-FE7fPshldVrqKDsY037JGk3F-E0zCOcVgbVblMA==&pm_ct=0620eb56cadec8e86c415e4b&pm_pl=1635939553681&pm_td=7&pid=1000177&en=1.1&callback=__pm_glbl_9aJbmpvc1zsCN26gqjwfDMrF._gc1&tt=opt&v=e6b1558
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 1c27dcffef520c8d3a33198a35aa63e9fe742838bb221ab54dcd3690b96cc01a

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 11:39:14 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://winteriscoming.net
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 571B 16 KB
8 KB 10ms
9ms Document
text/html 2600:9000:2250:ac00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 995336a0cc4fea8844aa379cc2df08a6c4b0604f0e3e72d9296f4edcae4259b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 15:51:23 GMT
Date: Tue, 02 Nov 2021 18:07:56 GMT
X-Cache: Hit from cloudfront
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Cf-Id: _uZhQE5qsETD9VALjJp9QEt3oolFPCq-glE2HJjxzSAWSrHAsp6IeQ==
Age: 63077

GET
H2 200 middy-desktop-3.10.5.js Show response
cdn.browsiprod.com/sd/apps/middy/ 301 KB
68 KB 28ms
10ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 386e9abeb0ceeac70f6984c946b44ce1a707e116ab217fb390557c6598b66f8a

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:44:27 GMT
content-encoding: br
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1904087
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 12 Oct 2021 09:06:13 GMT
server: AmazonS3
etag: W/"f63692048da417bb426ba93b19441892"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 91121taHo3LBxsSk_7t1RTYPsJHUpIHY
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 7h3nQNmzVRVij-UhPGHVMUsuXKVu11MY3jiBxRBJSBYU4qzSX8Aoog==

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 491ms
154ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qasmkSbbZUYKVOJTiUQPzXnxzsJOfuLU-FE7fPshldVrqKDsY037JGk3F-E0zCOcVgbVblMA==&pm_ct=0620eb56cadec8e86c415e4b&pm_pl=1635939553681&pm_td=57&pid=1000177&en=1.1&callback=__pm_glbl_9aJbmpvc1zsCN26gqjwfDMrF._gc2&tt=opt&v=e6b1558
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://winteriscoming.net
Date: Wed, 03 Nov 2021 11:39:14 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 7738 0
86 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: winteriscoming.net
URL: https://winteriscoming.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://winteriscoming.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/

Response headers

content-type: text/plain
access-control-allow-origin: https://winteriscoming.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Wed, 03 Nov 2021 11:39:13 GMT

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 571B 0
565 B 8ms
8ms XHR
text/html 2600:9000:2250:ac00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?pid=1000177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 18:07:56 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 02 Nov 2021 15:51:23 GMT
Age: 63077
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: Yc7-uaHDB9_un7HRuNeXnkN2_cma-LmCKMtxPUb1ZLJjGLfxruVCHg==
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
103 B 265ms
168ms XHR
text/plain 35.155.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1ad66a87-2407-4281-9d98-81f344494856
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.79.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-79-112.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 10ms
10ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://winteriscoming.net/
Origin: https://winteriscoming.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: gzip
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
age: 3365
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 11:24:18 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: MJ71LEpc5GQsaz_YjyMUYCxEInaDCUAc-JDh3CLICpampdszdymRjw==

GET
H2 200 web-vitals-1.1.1.js Show response
cdn.browsiprod.com/web-vitals/ 4 KB
2 KB 9ms
8ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/web-vitals/web-vitals-1.1.1.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 06:13:40 GMT
content-encoding: gzip
last-modified: Sun, 01 Aug 2021 07:57:40 GMT
server: AmazonS3
age: 6672334
etag: W/"07586eaa1229e70590831945798043e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: _tJhsFWk81hj6NJJoeVM7iuST6SacQio
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: HQ7q5cozdm2ifkHHcDGkwQmN94JhG397_WUu2fZbB1QzQpk26HcE7A==

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
104 B 262ms
168ms XHR
text/plain 35.155.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1ad66a87-2407-4281-9d98-81f344494856
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.79.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-79-112.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
103 B 488ms
394ms XHR
text/plain 35.155.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1ad66a87-2407-4281-9d98-81f344494856
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.79.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-79-112.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C740 48 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed-3ae6abfa44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5887
date: Wed, 03 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 12:01:06 GMT

GET
H2 200 image.jpg
omny.fm/shows/take-the-black-podcast/playlists/podcast/ Frame C740 18 KB
18 KB 37ms
37ms Image
image/jpeg 2606:4700:10::6814:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/image.jpg?t=1599119997&size=Small
Requested by: Host: winteriscoming.net
URL: https://winteriscoming.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 11:39:13 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 06:21:28 GMT
server: cloudflare
age: 1446995
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *, Accept-Encoding
content-type: image/jpeg
expires: Tue, 19 Oct 2021 06:21:28 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a855223ffdc5a13-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17957
cf-bgj: h2pri

GET
H2 200 waveform Show response
www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/da29fca5-54db-4b26-aa65-ac2b008398a4/40b6c56f-21ee-4091-815c-adcf0144ce39/ Frame C740 18 KB
16 KB 54ms
9ms XHR
application/json 2600:9000:225e:3200:b:13ba:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/da29fca5-54db-4b26-aa65-ac2b008398a4/40b6c56f-21ee-4091-815c-adcf0144ce39/waveform?t=1635450514&token=GUITYuXRH5RnmSuLDzXu2vt1FGoeBdyp
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:b:13ba:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d6485f19a363856253432507358a6f081494e8b64b7b7d73351ee9ba11876ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 19:49:45 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
age: 488969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 19:48:34 GMT
server: cloudflare
etag: "0x8D99A4BEDA2A70B"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
content-type: application/json
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
cache-control: public, max-age=5184000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 6a56b06d3a014e9d-FRA
x-amz-cf-id: ngfFoHtRqFGPUspO1m7w-1QQTm3Ip08n_0xKWLRo2XHDmnt1pk7t6g==

POST
H2 200 v2eqirD8MQ_hxRsQsV44cUE1F6-FYH-6Ui3f39kgqBNrA5beL5Vyi11yZodnJX1x87za1Sme_ Show response
memorizeneck.com/ 216 B
615 B 61ms
19ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2eqirD8MQ_hxRsQsV44cUE1F6-FYH-6Ui3f39kgqBNrA5beL5Vyi11yZodnJX1x87za1Sme_

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

b015e18caf53e3b0fb3b8c1166e23eaedae27b3da3cd5503c38e4b08f371587d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 03 Nov 2021 11:39:14 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winteriscoming.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 03 Nov 2021 11:39:13 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 229ms
115ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qasmkSbbZUYKVOJTiUQPzXnxzsJOfuLU-FE7fPshldVrqKDsY037JGk3F-E0zCOcVgbVblMA==&pm_ct=0620eb56cadec8e86c415e4b&pm_pl=1635939553681&pm_td=363&pid=1000177&en=1.1&callback=__pm_glbl_9aJbmpvc1zsCN26gqjwfDMrF._gc3&tt=opt&v=e6b1558
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://winteriscoming.net
Date: Wed, 03 Nov 2021 11:39:14 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 flyoutInjector.js Show response
app.fansided.com/scripts/ 3 KB
2 KB 59ms
8ms Script
application/javascript 2600:9000:2251:fc00:1b:3a6c:1300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fansided.com/scripts/flyoutInjector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:fc00:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winteriscoming.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 10:45:33 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 19:19:16 GMT
server: AmazonS3
age: 6735
etag: W/"ffad40a56d1cafd94dfb7932bd879384"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: NxpzXKBqXrAcSxKhOv48WFltr8_dMXle6EsDyKXTyw5CbDhkL32mxQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame C740 4 B
83 B 22ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1007338070&t=pageview&_s=1&dl=https%3A%2F%2Fomny.fm%2Fshows%2Ftake-the-black-podcast%2Fplaylists%2Fpodcast%2Fembed%3Fstyle%3Dcover&dr=https%3A%2F%2Fwinteriscoming.net%2F&ul=en-us&de=UTF-8&dt=Take%20the%20Black%20Podcast&sd=24-bit&sr=1600x1200&vp=800x180&je=0&_u=YAhAAAABCAAAAC~&jid=1737254782&gjid=1564325682&cid=1244348034.1635939554&tid=UA-23669758-4&_gid=737644723.1635939554&_r=1&_slc=1&z=42170803

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omny.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://omny.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 34ms
34ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 37ms
36ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.68.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame C740 4 B
82 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23669758-4&cid=1244348034.1635939554&jid=1737254782&gjid=1564325682&_gid=737644723.1635939554&_u=YAhAAAAACAAAAC~&z=1768712359

Requested by

Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omny.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 11:39:14 GMT
content-type: text/plain
access-control-allow-origin: https://omny.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2ignj6Dp_cb1Qu4dslRDQW47DfKyRZYwMhO_RZPeDA-ht6lmZlH0hIBxye6jQYLCwSv-vRBs Show response
memorizeneck.com/ 3 B
36 B 122ms
122ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2ignj6Dp_cb1Qu4dslRDQW47DfKyRZYwMhO_RZPeDA-ht6lmZlH0hIBxye6jQYLCwSv-vRBs

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Wed, 03 Nov 2021 11:39:14 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winteriscoming.net
access-control-allow-credentials: true
x-hostname: 94ecd830
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 ga-audiences
www.google.com/ads/ Frame C740 42 B
107 B 37ms
36ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23669758-4&cid=1244348034.1635939554&jid=1737254782&_u=YAhAAAAACAAAAC~&z=90921058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame C740 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23669758-4&cid=1244348034.1635939554&jid=1737254782&_u=YAhAAAAACAAAAC~&z=90921058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omny.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 11:39:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
103 B 168ms
168ms XHR
text/plain 35.155.79.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=1ad66a87-2407-4281-9d98-81f344494856
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-3.10.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.79.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-79-112.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winteriscoming.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://winteriscoming.net
date: Wed, 03 Nov 2021 11:39:14 GMT
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: stateCode Value: HE
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: countryCode Value: DE
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: cityCode Value: FRANKFURT
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: isMobile Value: false
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: isTablet Value: false
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist	1970-01-19 22:35:44	Name: userDevice Value: desktop
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: stateCode Value: HE
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: countryCode Value: DE
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: cityCode Value: FRANKFURT
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: isMobile Value: false
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: isTablet Value: false
winteriscoming.net/wp-content/themes/fansided-v5/assets/images	1970-01-19 22:35:44	Name: userDevice Value: desktop
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: stateCode Value: HE
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: countryCode Value: DE
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: cityCode Value: FRANKFURT
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: isMobile Value: false
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: isTablet Value: false
winteriscoming.net/wp-content/plugins/mm-video/styles	1970-01-19 22:35:44	Name: userDevice Value: desktop
winteriscoming.net/	1970-01-19 22:35:44	Name: stateCode Value: HE
winteriscoming.net/	1970-01-19 22:35:44	Name: countryCode Value: DE
winteriscoming.net/	1970-01-19 22:35:44	Name: cityCode Value: FRANKFURT
winteriscoming.net/	1970-01-19 22:35:44	Name: isMobile Value: false
winteriscoming.net/	1970-01-19 22:35:44	Name: isTablet Value: false
winteriscoming.net/	1970-01-19 22:35:44	Name: userDevice Value: desktop
.doubleclick.net/	1970-01-19 22:25:40	Name: test_cookie Value: CheckForPermission
.scorecardresearch.com/	1970-01-20 15:42:27	Name: UID Value: 1IRVTWIASIQOUCDJ3QBGXTg1635939553
.winteriscoming.net/	1970-01-20 15:56:51	Name: _ga_NB8RD6J3M6 Value: GS1.1.1635939552.1.0.1635939552.60
.winteriscoming.net/	1970-01-20 15:56:51	Name: _ga Value: GA1.2.412210099.1635939553
.winteriscoming.net/	1970-01-19 22:27:05	Name: _gid Value: GA1.2.2037678278.1635939553
.winteriscoming.net/	1970-01-19 22:25:39	Name: _gat_UA-1577313-14 Value: 1
.winteriscoming.net/	1970-01-19 22:25:39	Name: _gat_UA-6383965-2 Value: 1
.winteriscoming.net/	1970-01-19 22:25:39	Name: _gat_UA-36315219-49 Value: 1
.winteriscoming.net/	1970-01-20 00:35:15	Name: _fbp Value: fb.1.1635939553271.547818154
js.ad-score.com/	1970-01-21 18:14:52	Name: token Value: bqcrNJkvdOgZZ-zcmc-zKxdnuIAIiGzg
winteriscoming.net/	1970-01-19 22:27:05	Name: pmtimesig Value: [[1635939553689,0]]
winteriscoming.net/	1970-01-19 22:25:41	Name: __browsiSessionID Value: 33b26efa-d278-4323-b73e-ff959f5ea7ea&false&false&DEFAULT&de&desktop-3.10.5&false
winteriscoming.net/	1970-01-20 07:11:15	Name: __browsiUID Value: 4cfedb30-7f6e-4870-8b7b-0c497b785ad1
.omny.fm/	1970-01-20 15:56:51	Name: _ga Value: GA1.2.1244348034.1635939554
.omny.fm/	1970-01-19 22:27:05	Name: _gid Value: GA1.2.737644723.1635939554
.omny.fm/	1970-01-19 22:25:39	Name: _gat Value: 1
.winteriscoming.net/	1970-01-21 00:42:27	Name: _awl Value: 2.1635939554.0.4-2ce6927f-fcf486c17f7dce9e5c08ef1ad2bffe67-6763652d6575726f70652d7765737431-618274e2-0
data.ad-score.com/	1970-01-21 18:14:13	Name: token Value: DgROlArgSaKCo-xt3x-NdMTwTtJPZCRw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.18 Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://omny.fm') does not match the recipient window's origin ('https://winteriscoming.net').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
analytics.google.com
app.fansided.com
assets.omny.fm
assets.revcontent.com
audit-tcfv2.quantcast.mgr.consensu.org
c.amazon-adsystem.com
cdn.browsiprod.com
cdn.equalweb.com
cdn.fansided.com
cdn.raygun.io
cdn.revcontent.com
cdn3.optimizely.com
connect.facebook.net
d3ujids68p6xmq.cloudfront.net
data.ad-score.com
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
images.revcontent.com
images2.minutemediacdn.com
img.revcontent.com
js.ad-score.com
ls.skimresources.com
memorizeneck.com
middycdn-a.akamaihd.net
native.sharethrough.com
omny.fm
p.skimresources.com
platform.twitter.com
quantcast.mgr.consensu.org
r.skimresources.com
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
test.quantcast.mgr.consensu.org
trends.revcontent.com
winteriscoming.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.omnycontent.com
yield-manager.browsiprod.com
104.244.42.72
13.32.99.90
130.211.115.4
142.250.186.134
143.204.98.90
151.101.66.217
151.139.128.11
172.217.18.98
18.66.109.174
18.66.97.52
18.66.97.80
199.232.136.157
2.16.186.24
23.37.32.235
2600:9000:223d:e600:17:62f0:2dc0:93a1
2600:9000:223f:7400:8:48e:53c0:93a1
2600:9000:2250:ac00:a:deb0:3380:93a1
2600:9000:2251:fc00:1b:3a6c:1300:93a1
2600:9000:225e:3200:b:13ba:bb40:93a1
2600:9000:225e:da00:3:a4cd:8380:93a1
2600:9000:236e:d400:9:46dc:4700:93a1
2606:4700:10::6814:6a3e
2606:4700:10::6814:6b3e
2606:4700:20::ac43:4771
2a00:1450:4001:802::2003
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9d
2a02:26f0:ef::5c7b:c27a
2a02:26f0:ef::5c7b:c2bb
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.117.212
34.247.9.63
35.155.79.112
35.190.48.184
35.190.59.101
35.190.91.160
35.201.67.47
35.201.98.64
52.222.206.80
54.72.188.165
92.123.225.50
003de53b7bc53a562c93be65a09abbc7ada4cd915628228c8fa7caa50a1d882e
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
04e94049f021c04df2fd03c9eb6736233808ec2ad4671fdfff7488627c4bcae4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953
0b10c702e6f34b9a212351e9ebbd195aae9521bf8a09e7312277df607f632871
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
0b5ea38631a92e351ee2023ed5cc1f7560d1bc370b41a33c83484832a1651b85
0d10f4ec4e25b50966bfaa6fdee4f96061888778f10f00616e91b6df37979565
100ad7bd82cb6e596e4f4b193b6ea3a0f08f8275ec9aefa938f4d9021514e076
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
131ed8e00c533d7b5c15c868d5d6c11bd969db51f2edba24c22b81e8a4599ebf
14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
1c27dcffef520c8d3a33198a35aa63e9fe742838bb221ab54dcd3690b96cc01a
1d6485f19a363856253432507358a6f081494e8b64b7b7d73351ee9ba11876ee
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
291b6c31a5fc1656f5ddcd7bb567678aa1983f067516e84ccbf9214d6f70c61e
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
325d617db2fca03e37c30904b620539367d9223b36a0e61e59cf70b1c94826d7
335fc3bb35064b238344bc27fbe29a243f6122f217a4222483ed6e75f4f9012d
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
386e9abeb0ceeac70f6984c946b44ce1a707e116ab217fb390557c6598b66f8a
3c98caa3264bbb9d4e5dff06fa071e1c038683fb6563dcce40a8d7300eb0c80c
3e507692cb026ae53a32d140da1e6e251e96d5b5e0fafc41addb11ef8ba5ea24
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4309747c4b1d9469507c7fe04d6472a4dc4df6b05b69c54cd0eaaa5ee081af9f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a6c6e30f0a5e502248effde8e143948e1bb084646edc30761bb5b316ff9f7
44ec7e5471b8b0ed3b472ef3152bb2a206c34f9f76ea4c5662d9b922cfe04e3b
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
49d3ff5dcffc4e5812f6f5173ee12902577ed3a894ee57d2e90b666dd7fdaf79
4e277a2f3fd2998bbb8c6c74ecb2307a3bb17c5642b48547f15777308c5c92a1
55ad22cba594ee369441d15314da77d2dc7df216a93d0ea92aa632141e0782a9
5812391ff8291ec30407a725b0eb8e4e1ef0f32e83ab63ccacdab86052251030
5896848930c90cde811bebd8423c831fdbb596b1e0d92a1327e52f3b8e42847b
58f5d902861046c3903729e215261ae7d00dcc58ce09c6967c0609a75b5c30e3
596ebdc41f1151b28dff45a01929b534b35317866dc1d21abd887b1934a7218c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
65b8470967f6951ba5aa4fa9b003b100a462409068e3b5f2887f52e56e8fa7b9
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67902d0eff4e6841fff7a38d9dba092e0f772e741b6c02ba44906d663c8c37ac
68d40868359f3422fb0df86a68a7b8a61fac9b857fe4baf182bf45ae09abd153
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72c2cdeaf9599fb4ac149770bfefe80ccc888152449dae5331907261fb33c8fb
731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6
76f8cf4b3881c1b76ceadc8f9c19df31f1278b1a6ee0747c42e5d526b1335047
7a8f9cc75ab074c223b46eada8c82edbaaa36f7e7ba3f59bfef40a28bb9530b4
7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
8223e8f7d82b2783e43b2eaf98610424b782b42be7cef11ac125e159cc494b33
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9
8ebf246d26f494d0c715e03433ac0d4379b7672ee7702986d31d387177a49e66
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
995336a0cc4fea8844aa379cc2df08a6c4b0604f0e3e72d9296f4edcae4259b0
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9ce4363334d76dddd8e7b5f7f825c01276eb79dd85ee380ce9ac995093719b7c
9f709510dfb520a578a0c5fdef04a31b330da4f3f7500d491cd110eb97e3c1de
a12f5d170cf284998463a6eb668a4245f5e58bf75e40060cdf8abf837992a3dd
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9c5916570de55dfec84a34937e2186442d1e5f0195616e3d3c01ef034c8ba9d
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b015e18caf53e3b0fb3b8c1166e23eaedae27b3da3cd5503c38e4b08f371587d
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec
b1433e652b299bc325c66f0c8c6cd5b1126d0624618ca7cb59a228bcfbc0a441
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c
b3f33c5b51e4602f59ca596715c10d10b0d05495e92fa2ca0d670cc5b149c5a1
b45d23b42010fbd26ad3a9c5233b4fbdce446122c4ebd0714c4a05caae421c7d
b58d89b696ad4f1655b4d6bcf65fb264f65f40a83dfe8bcde26c4025c3b0abfc
b7ad4dc3be5714d020f07c5d0e03d5df690c88ca7284b19eccd377ddb08c0eae
b80835bcc1d8a960c1dd6887c1dcd124a80ec14d0050d0894807e5768002dfaf
b8ed5b9a1b3af80ad20de85350e9b9ad53c8307f58d8cd5be06c11dcf87999ca
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
c203be1e625bd6fe0e61b6eb02455d21901727ac08a7afc21903e45163f52a07
c24cd98ad7e505b35e3a86b8c6f0d94ea567c915637514e7f4ae94ddee6c5d6c
c2d37be207c0669c1f7902516f35e903fd5ce30e89f56091c5649c5c565b8daa
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c93684561dcb20c18aeb6598b268603bf018c6261e85c69e939ab061b7865aed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d3e11b7e61d20c17894996aa2ccb7209aa276eb56d76390e9a67e595694c99d3
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
dab5a6eb20f9941a03af10b068d9f825421a2a3391fc5be034389cbfbb19e640
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c30e6390f3faf13b21c8e993589627dfaa7738d1b87546d18a6cab8282171e
ecd8799f73c6448e0900077d29c47a134dc4e755c1a3d2d1b17171fad091f65a
ee2c26f605e3c220fbc18af86c4a5a3e759f296739fa18987e459f477ba3e118
ee5cee59a5aae5b3a05e9ba3de8f668ccb79b0f03a304d243e4633e081981440
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9912bf876f6089f6a88ef55bb61eb40044952e3eb472ee7edc40b3e18622b6
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc
fa5635b7c396ca07c31a8239f408fb2414af05bd296ed59803c862c0df336943
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffd8d9e985d0d0139ad2e90391ccb8aa02d37c2d43c8a50683257637e0d6f24d

winteriscoming.net Open in urlscan Pro 2a02:26f0:ef::5c7b:c27a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

153 Requests

99 %HTTPS

48 %IPv6

32 Domains

52 Subdomains

49 IPs

4 Countries

2509 kBTransfer

8416 kBSize

42 Cookies

91 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winteriscoming.net Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

99 %
HTTPS

48 %
IPv6

32
Domains

52
Subdomains

49
IPs

4
Countries

2509 kB
Transfer

8416 kB
Size

42
Cookies

153 HTTP transactions
1 data transactions