URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Submission: On August 05 via api from US — Scanned from NL

Summary

This website contacted 18 IPs in 6 countries across 14 domains to perform 89 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wintermu.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2023. Valid for: a year.
This is the only time wintermu.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
30 wintermu.net
wintermu.net
712 KB
17 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2908
60 KB
11 discord.com
discord.com — Cisco Umbrella Rank: 2174
192 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
213 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
6 KB
4 gstatic.com
fonts.gstatic.com
52 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
region1.google-analytics.com — Cisco Umbrella Rank: 1869
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 745
script.hotjar.com — Cisco Umbrella Rank: 967
59 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 726
scontent.fpdv1-1.fna.fbcdn.net — Cisco Umbrella Rank: 360356
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
142 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1192
606 B
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11021
84 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
89 14
Domain Requested by
30 wintermu.net wintermu.net
17 cdn.discordapp.com wintermu.net
11 discord.com 1 redirects wintermu.net
discord.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com wintermu.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com wintermu.net
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com wintermu.net
1 scontent.fpdv1-1.fna.fbcdn.net wintermu.net
1 static.xx.fbcdn.net wintermu.net
1 i.ibb.co wintermu.net
1 fonts.googleapis.com wintermu.net
89 18

This site contains links to these domains. Also see Links.

Domain
i.ibb.co
www.facebook.com
discord.gg
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-27 -
2024-02-27
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
i.ibb.co
R3
2023-06-11 -
2023-09-09
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-05-14 -
2023-08-12
3 months crt.sh
*.fpdv1-1.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA
2023-07-01 -
2023-09-29
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
www.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh

This page contains 11 frames:

Primary Page: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Frame ID: F0C1563600DBD43E2A527BAF07CE48CF
Requests: 51 HTTP requests in this frame

Frame: https://discord.com/widget?id=1131247541556629675&theme=dark
Frame ID: 9A377CA2FC6B0827FDE8096BE43B70E0
Requests: 25 HTTP requests in this frame

Frame: https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: F73FA9DFE224AECA30375B1D01548B72
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 13E16B7E6465C8AED741B4A66B11BF86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&adk=1812271804&adf=3025194257&lmt=1691226412&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412534&bpp=3&bdt=1595&idt=316&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1884152824817&frm=20&pv=2&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=342
Frame ID: 392EBF087809E7F6C9AD14C8B1863CD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=5544981003&adk=2573118991&adf=3634608947&pi=t.ma~as.5544981003&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412537&bpp=2&bdt=1598&idt=353&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=I9tfnrIFzs&p=https%3A//wintermu.net&dtd=358
Frame ID: 443D7DD1DC090C07B99638AED8BA4881
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2300108534&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412540&bpp=1&bdt=1601&idt=362&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AIWzYCCn9a&p=https%3A//wintermu.net&dtd=366
Frame ID: BA9B9F887905C924C848DF1EA99FA0B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2084190065&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=368&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JCcP7gxPew&p=https%3A//wintermu.net&dtd=400
Frame ID: 508888CB95799FB10C25466A97189524
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=2154399238&adf=2084764165&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=405&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JkbcynEt28&p=https%3A//wintermu.net&dtd=408
Frame ID: E9BC98D3A4982F29715D4E1C99F1A28B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1FB9D0F567E45E065E1A14428FCFA6E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C938D1C53CECB4FD876AD7D1402593EE
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

WinterMu.NET

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

89
Requests

99 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

18
IPs

6
Countries

1546 kB
Transfer

3445 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://discord.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

89 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wintermu.net/
193 KB
8 KB
Document
General
Full URL
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.16
Resource Hash
bca999ba53ba5d23ad5fd63c4c10dd654b48cfd5a111005708eea76b74c509a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
7f1de2e7581f0e2f-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 05 Aug 2023 09:06:50 GMT
expires
Sat, 05 Aug 2023 09:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kpk20Qesliy8Cn%2FnriFV37iwv8UlgXVVExUSqHk5p%2F5Ib36iQDcKIpQgeEWHfTywKC9ZgVIgk9%2B6oMGn5z86JE1Uwp6KfiDYfibZL8S9RKIwfxhMlWK0NqIhqGZinNqX%2Buf6oKp8HyrIcos%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.16
bootstrap.min.css
wintermu.net/css/
156 KB
24 KB
Stylesheet
General
Full URL
https://wintermu.net/css/bootstrap.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-26f21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BW5Z4Y8Jux1iJlx10SBT%2BRxYd%2BcbrIPnjTiNS0YrRZE5VliwYNRPFEraGVBQSroitFOjzzVIv2ZOV1qBKcJvhFSiSuir44cC2fukwkavR4WgaDKpBzbBuzHMNu6mSgsrTSr7z5IUo36Qns%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f640e2f-AMS
alt-svc
h3=":443"; ma=86400
bootstrap-reboot.min.css
wintermu.net/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://wintermu.net/css/bootstrap-reboot.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9430c4e27c3d558184eac01bec190ddeb490408ddfc75d65d8342ecb302f894d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-f5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENstrnak7CfG%2Fb7448gsVTnA9tm8JYWR%2Fk6JI9LEXF5JUbogL6Il8e%2BQC6LZ84YYO1ZRVhmnvJIcEVh%2Bom3G7i4uo0YqpomEh1Cqp5kObEwUx8jvgez1Do7XbUfg6lwNN3BbOsLjYih3S1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f650e2f-AMS
alt-svc
h3=":443"; ma=86400
bootstrap-grid.min.css
wintermu.net/css/
50 KB
7 KB
Stylesheet
General
Full URL
https://wintermu.net/css/bootstrap-grid.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6ba90d2d98b4947d955848bc7f8d4f6dd46c65b292f723e40984d192dbec32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-c6fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahpcxNjx9fP6Ib6MJj2wAYGyF8CfMmsevAWgHhADX7D%2BSv7D%2F95eySH99w5RnEvU3LcC2T9nFjRb7q0bCXlMoY4CoKh0N9g0hVhpgTKiNFwQhe26dyJRWnqzTGkJzMSX3LyK18Vb5FA1Pd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f660e2f-AMS
alt-svc
h3=":443"; ma=86400
all.css
wintermu.net/css/
74 KB
13 KB
Stylesheet
General
Full URL
https://wintermu.net/css/all.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4cfad899d8b13f9d87dcd334d6b6915ca2f1dd13bc3b7126a46061881b9ce4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-12759"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ64g7Zgtiys7Sgn2TVjg4gIv6PO3lYwMeEKV85xLkGce6cf8wSEblXBD1E2iHAehw0ShK4QqYeTK4HVkKfwNb%2FMbZcY%2FwRDcUDDXUyuxGV8im6isIdgS6OHxZh%2F%2Fdfh1Egp6yU3nJDmi08%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f670e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery-ui.min.css
wintermu.net/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://wintermu.net/css/jquery-ui.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1042ffe4df1408543d221405f2970ed86ffdcd66380459c3b9295d6cd2067189

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-7821"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUGpflhRAX6HYojc6MBK8Zfy%2BglhbP8ESXeGA4VMUlsvG3WCjqnoX7%2Bm%2BkJPC7hQHym3XUGDAc6cB7ZekP1VtKNCVIqCVS%2BIu%2FqsKN7ewgMLwt4gRboX%2Fg8N3C1RGdoM%2FYcTDx4f6n4vGXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f680e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery-ui.theme.min.css
wintermu.net/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://wintermu.net/css/jquery-ui.theme.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ea6952b3f12189d531efd4905db834272b8ab0432c34046a3e7c95dec1633f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-361b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZQjTONlxFGzHBxR0JNfB4xXOW4xAlv3cp8lniFnhDV8Ie3A56eZ8Zfc4lS0aLVYJ0pXbcW3jyI25co%2B6Xyj6GAe%2BIyIe6jYrpgfOMy4Hy%2BnsoP4CAyKgIDRMXuZvEfU7mpHYmdS0Ac%2Bbn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f690e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery-ui.structure.min.css
wintermu.net/css/
15 KB
5 KB
Stylesheet
General
Full URL
https://wintermu.net/css/jquery-ui.structure.min.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829990603089761ab2406bf8b695c71e5c360f76a5c352da1beb1df394047fce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-3cc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xN803Fx10tpVngRc%2BUMU4TMFBuyI5cHnrSfFG8eKCmmeeTrXlyLjaFKiAhq6O8cX558eJlTynB6c9M4tWuKss215RRRBeV%2FaZ6lOzdWyZRHiEiSw8qvYLJ5cSND14qjGNldm3fDYvgLIFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f6a0e2f-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Play:400,700&display=swap&subset=cyrillic,cyrillic-ext
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8397e4f324463ad7c95564375e1275f675cf31196d62677ec588df46505d7792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 05 Aug 2023 09:06:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 05 Aug 2023 09:06:51 GMT
select2.css
wintermu.net/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://wintermu.net/css/select2.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-3a75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4WN5Jm0tmJmqKou3rsfCROR%2F3YSvYJtUgxZgA5snioDw7uhFSORrcmvFDMZsn%2BdP8cjAsMWMg5dL6HPPfVjInnLxvHsf7tllMbK6OM8sbzQ6CxgutzKdLWrwBPU5ZJYfsOg0Pb%2B4rgcEWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f6b0e2f-AMS
alt-svc
h3=":443"; ma=86400
timeTo.css
wintermu.net/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://wintermu.net/css/timeTo.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a346346c08a521651ccc84e58b04bd1d7c04e1d4c47b1fc5909638b9f5912eab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-10b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX92VXt2gMSLhaesd2uyiXDXZNOtz8Iq2vgzlWaT2jI3c4iIQ7UfijXvbl2zUrsZktnMC2KiWu%2B14U275SuV2r1vkFfeKh04UjoaaGS375EpCYEgiSYcKXrtCazVcbnG0uIIoChSIDcnqgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f6c0e2f-AMS
alt-svc
h3=":443"; ma=86400
style.css
wintermu.net/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://wintermu.net/css/style.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c6b10806c463a265a817201603ae73c333dff1049a2560f237d63963118a0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 23 Jul 2023 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64bd33da-624b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY2GaTcnF0DH67ujztPWT3vTI6B3tFRCr2AyrFRcMh4DHaKw0Gv2JG5NAKqDdvmt7XkD%2BeitlUAKfbRQxINckJEYO7sc6u43Z1Jdl%2FXYxMYDZvDSKamcKU9eQB%2F4TQbXSxLOIcHsQjXjUXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ec8f6d0e2f-AMS
alt-svc
h3=":443"; ma=86400
helpers.css
wintermu.net/css/
990 B
728 B
Stylesheet
General
Full URL
https://wintermu.net/css/helpers.css
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d931a6198b81453b6a3a9ff22a9b23b02e75c2e3f515351d2c966d8eaf6217

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca555-3de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpHAoUwzusQ0vIGEQ9P4WjLa57evVsM8r2rMAaOk5LRu2nDwpGZ5auYz3kBaDF5t1RrnX8LXQLn0gLy0hKRlUzDQLq3sJRVvFP3ZQKT9UL7kvew4AzPjFU2Ac9EGFL4W5O591%2F8bLlsxEgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7f1de2ecafa30e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery-3.4.1.min.js
wintermu.net/js/
86 KB
31 KB
Script
General
Full URL
https://wintermu.net/js/jquery-3.4.1.min.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQZPhAHfLSqYlMyz9m7l%2BPVeCKpGjsGIIBGdcKHyzL%2BI9816cerSoATHzOpj3leK6muYsIwWiXRWjElRnMMsW%2FgmXqiBPa9vIrFKExxbkWgsNTi9ou65Zs30zeimGfIX13XeJcRsTG8ek6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafa40e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery-ui.min.js
wintermu.net/js/
248 KB
68 KB
Script
General
Full URL
https://wintermu.net/js/jquery-ui.min.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9df9dd09bfb72a4c9be67062b12599b8dad2123709bc4d85639f5281c713a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-3def0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2kVC28HGUo4jBc7fuO31Ha%2BvxXWTSJaMmf3PHqpCcTmIcGNPeq08NffceziShi66wkarTzkE%2BQRs4ttNuP93BBM0L%2FuSFJiTK3qoQO5RVKWjH5R5FFvQoiQH6PwHPJZGQjzyoq%2BSZSL9zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafa50e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery.collection.js
wintermu.net/js/
46 KB
9 KB
Script
General
Full URL
https://wintermu.net/js/jquery.collection.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89faaa6e9f8cc7e8fb9104f314c617490bd774d5a1943907f5c479631d906ee3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-b9ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bTvVdUSpfD%2F%2BwdZx6ZKhFpsyupXI9nlrqIl6RlYVMovuDzCOtVHn%2B6PQbG9TRa%2BfgdbKc4N2QT6mcQ4KxyuAhUubEjHaucZyytIue3q93QvlPNyS0x6li7MzWGr7O%2BsWuwUB9wV4XlB9hM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafa90e2f-AMS
alt-svc
h3=":443"; ma=86400
jquery.time-to.min.js
wintermu.net/js/
10 KB
4 KB
Script
General
Full URL
https://wintermu.net/js/jquery.time-to.min.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
657020c0e022a54f14c4d69b3d099c60d5f8e884f9a26bfd4429aadb6e3b153f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-2779"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX8BP2rXnO6F9MOsT%2BbqwCnJ2n8nrG1FoSnK3PIef%2BLz3qzzwPn1sq3NwalZb6hW7qblSm3QsnglKOqTzfBfQ5W%2FP6STCPTaFkpUzBBkCEFVJ9naVzRgpA7GVGbm7p7X8dL%2BSZg%2BqBguF9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafac0e2f-AMS
alt-svc
h3=":443"; ma=86400
app.js
wintermu.net/js/
781 B
616 B
Script
General
Full URL
https://wintermu.net/js/app.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1a793da3cd95b5d3a4f0d3b5447e53a1d93e9cde5b9d75eae6fd632384ba46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-30d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzQivgJzIgBkMfbTDuC159xBLF5mvqoWBVWjBACNqiElRxOpqtl9ZjRvqtf5rf1hZFHyrxzJ26UXtGH0TaBS%2FOr1la1NEaT0qKa0sb1Ya94sN%2BxlIuOlRRy%2FbgX7eKNPElbveqLv6D%2BFrds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafad0e2f-AMS
alt-svc
h3=":443"; ma=86400
select2.js
wintermu.net/js/
69 KB
20 KB
Script
General
Full URL
https://wintermu.net/js/select2.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-114c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUBylQR31%2B4Fd1FlN7Lr3XWHpCiM%2BpBOsnGmRLtpHrLaFftJSyT5ek4RL2fwvt31IAcPXLYxZCtEnv4AKkEirABTT%2FxPPgqUOXG71IdIFl9%2Fo0fNLUfgFHaV%2FXEpXECkZ9IR3CBwf03r9PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2ecafae0e2f-AMS
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbe3aca986802b4970841411e114ac9ca11eb9b04b9d9ca49faa636a7e650901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50534
x-xss-protection
0
server
cafe
etag
17019839891400606325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 05 Aug 2023 09:06:52 GMT
js
www.googletagmanager.com/gtag/
179 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-166024579-1
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ca738855262c6337002d070987052c220214b3f537b3544982e6b3c535a0cef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66528
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 05 Aug 2023 09:06:52 GMT
header.png
wintermu.net/img/
316 KB
316 KB
Image
General
Full URL
https://wintermu.net/img/header.png
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ca100fb9972c5a6153803ee3bf77ed05d5d705afbaa28a75cd886d822b4e55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Mon, 12 Jun 2023 16:37:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648749bb-4eef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuBja3gMlyyqtBfRMYbt%2BHOVBucLldIjibFfjBbjBCbQ8w85fqhGciOGqX133XkhFAPZQ301FhFrxIEGsBOAWN2AhksPItSH8ma1kqxLVeSA7la7YdwkEypkcBTo9D%2F%2FwOGI%2FvTZLPaoCt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45be1b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
323318
1.gif
wintermu.net/img/classes/
9 KB
9 KB
Image
General
Full URL
https://wintermu.net/img/classes/1.gif
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188af122f2dc84bcffc78ad98e4403619ad3cf8543342bd5cb68ab9149895318

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-229e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Bq8Ur6gVKc%2FkdpWdPalyLFRwNfeqdyZVAE3SFtRdiCGdfI5Ssb3dUyciirY1oU%2BSINHxMvc1PucFF0YBZM6MSWpMEPyD90I5LcxU4ZFMnbFjcDJARStouXXnGJdTCfczIxZJipsPGwJDns%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45be2b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
8862
17.gif
wintermu.net/img/classes/
9 KB
10 KB
Image
General
Full URL
https://wintermu.net/img/classes/17.gif
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74dd33957a17e836d3f5bdf162439e98a5562d4d7f91beb6b8da3d0edda6cf71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-25c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gka8UjxoqqEaQ4jlGfszS6xTbZ8KNabeg%2FZHpzBzB0UKI0gswYQZxNW7I9X8Bb%2FnsoZcxI6AylEE%2BNt8EVaya1jObb79ZUO03UWonMAHtYXdSgeY35EZAU1qRswjFT4DCEeLg8C0K%2B3xeMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45be4b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
9666
33.gif
wintermu.net/img/classes/
8 KB
8 KB
Image
General
Full URL
https://wintermu.net/img/classes/33.gif
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c948b945f378ca56aef04925bb2c69ae0b41e7eb910db153a25643f75b51c48a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-1f8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb3%2BmnWYP4DSpSejDmUVXlC0aY9EvWkISldIzYL2ggbGwOKgcE4GuIDOT52N8KQat681VUjAeEGygClHQNomr6cD7k5GRU5QrdoTo75y%2B7pD8T7y%2ByZ0dwybo4kkezsfCQixl4tgRoI%2B%2F8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45be7b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
8075
48.gif
wintermu.net/img/classes/
11 KB
11 KB
Image
General
Full URL
https://wintermu.net/img/classes/48.gif
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc482da11e6bebd1b7b6690d3771b31395be6be6e6661b14c5c55e6ca8e9448

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-2af5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUgj3YRUbAS3OW%2BoJjG032ZylQCtndU%2B8P3eBqfE2yYguULfNoeJL0H3RGyYN2ub47m2QqKeKVD3wAA2eWSdg60D5fg%2BBg9I4XJO%2FBdfw5BLhs3jPWtEhw7OU7xk%2Bj4kSpv4ZpxATIrUHYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45be9b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
10997
runas.png
i.ibb.co/3Thfy11/
84 KB
84 KB
Image
General
Full URL
https://i.ibb.co/3Thfy11/runas.png
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096667.ip-162-19-58.eu
Software
nginx /
Resource Hash
c2ceba5762fdd40feac1f34f6322f6f8f882b3f5f94163683c7e969086f42eea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
last-modified
Thu, 03 Aug 2023 17:08:50 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
85885
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f60e.png
static.xx.fbcdn.net/images/emoji.php/v9/t83/1/16/
585 B
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/images/emoji.php/v9/t83/1/16/1f60e.png
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
428c38c00825a619e34dd67f1ddcd2ae2d0e5b50101a9235c73d00f1259aaf53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 05 Aug 2023 09:06:52 GMT
x-content-type-options
nosniff
content-md5
ptBZrD568+epBEAreUv0sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
585
x-fb-debug
RiH6sgA925HjWhYqsBRj/5YnkCg2rNwIWUJS4P3r731+1KZ8mC+XfdafZEclnwAgyahQwFuWRcXAQYH0a2WAXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy
same-origin
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:32:47 GMT
363398579_711863547623369_8140255879536477666_n.jpg
scontent.fpdv1-1.fna.fbcdn.net/v/t39.30808-6/
21 B
21 B
Image
General
Full URL
https://scontent.fpdv1-1.fna.fbcdn.net/v/t39.30808-6/363398579_711863547623369_8140255879536477666_n.jpg?_nc_cat=105&cb=99be929b-3346023f&ccb=1-7&_nc_sid=730e14&_nc_ohc=yLZe6suKW6MAX9HhAsx&_nc_ht=scontent.fpdv1-1.fna&oh=00_AfBDKuVZxdtUtIfn15tyunTR_A62izAW8muGmpCt7Ro4sg&oe=64C575B5
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.62.251.145 Varna, Bulgaria, ASN29244 (TELENORBG-AS, BG),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 05 Aug 2023 09:06:52 GMT
content-type
text/plain
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400
content-length
21
proxy-status
http_request_error; e_clientaddr="AcLXOjNubs5wj6GXPVUbXEx9LKDEPdggOXeMvHXMBGsWwLIhXWJSCbj52u6lJHqjZJdvmxJ2xaYPnfotr3I"; e_fb_vipaddr="AcLD5864z7ieUAY_nfulNEHgbmXDpXWlM8mvbqi4ja-DRCJdkRe_F7ppd0A0qTefjjMqbvHppNM"; e_fb_builduser="AcL3-ZvF-5BMbMf-ouWzftz6jdRfpJTtlNsCx1PuJOAuUuxVx9Xyz2o3_co8w3fb7qM"; e_fb_binaryversion="AcKqwm2C_Wwym0N0gSOVT61a-RNyDbOa34pmRIRHcNpM9tPyIa44bmZrXVUv1HZL8acY1EdIDyw1l6cREYmVUR-6IfNsCuk3MwA"; e_proxy="AcKmRrOtH4P2sIzyZvPrqgBiZB_53R7DVQcCd7Q3ERXBpHuUEHinhNbTT8yYknZaUR2J3fkMPU6g"
developer-logo.png
wintermu.net/img/
3 KB
3 KB
Image
General
Full URL
https://wintermu.net/img/developer-logo.png
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2875783f24b8956a6ac68e9c0202b93bdf9775cac289c6119a4eece9ecbcb43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-b41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrzuUIcsCtNmjexED6Lv23ssWUoGQ8rvNewrdOivO%2BDckP3H2dvmZTi6WPSJlDnBhH4zBtWuMVPjcG0nwDop8ZBODbgcrUiisP8iMIbEPN3eFE2HmnqNDItOsrqBJE503VPIf%2Fhsh0CWgTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45becb76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
2881
bootstrap.min.js
wintermu.net/js/
59 KB
17 KB
Script
General
Full URL
https://wintermu.net/js/bootstrap.min.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-ea70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKFxGA0pIiV3PcWDUU%2Bnjh8LINEx4395XILsuL5%2F16wBf7y12IA7Z4XYMj8xpz9bj9%2Bt%2BW3lgSaBTwdSXgYOxdKm56oCeAAo17GTyEkFZOKfoNfHjPJydw8IoI0SxFiHHhtcySmvxlX9Pmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2f0efafb76a-AMS
alt-svc
h3=":443"; ma=86400
bootstrap.bundle.min.js
wintermu.net/js/
79 KB
23 KB
Script
General
Full URL
https://wintermu.net/js/bootstrap.bundle.min.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5f7ca556-13b40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zly%2BqanT5sHvk40Jl5eD5gXtc62CV9yqTg7g1fjEvZ6HdA1HxWOUoS7f5I1YwLiDHD7ia5GeINPcAbZY%2BEn4obUzzMlsAGGJFF%2FqmBXST%2FmPSl11%2FKhg8oYRlgXmtJTc6ubCxu0uf01XDFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f1de2f39a7fb76a-AMS
alt-svc
h3=":443"; ma=86400
hotjar-1808854.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1808854.js?sv=6
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-85.fra60.r.cloudfront.net
Software
/
Resource Hash
89e3f257f40f2868c7795359547458756c575076ea8a8626c1fb77b9b5737c42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 05 Aug 2023 09:06:52 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/6eb128ab18e72714fec30d8ad235d845
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WoFte2ZT6_HELrqBREbjubx2oHW5O93omb6mKU6a8Tbb6uIQvabc_A==
widget
discord.com/ Frame 9A37
2 KB
2 KB
Document
General
Full URL
https://discord.com/widget?id=1131247541556629675&theme=dark
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb713c09ac3b46b4e05153cd6dd5ef3052cba01985e4c523dfc6a658f21c934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f1de2f4bf33b773-AMS
content-encoding
br
content-type
text/html
date
Sat, 05 Aug 2023 09:06:52 GMT
last-modified
Mon, 06 Jun 2022 20:56:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FxB%2FSOCFJU918KRXWJmkIS8zuysvmZ%2BPAQAGMgVNyqOheNjG8ofqHGXrdJbaKi43EQlp9eceXUStTvrRA1iCEpX%2BfewFEPLD93d66qg5XV%2FWm09%2BRCefpW%2FkItp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-build-id
658afa3e9b2fd84f7825b019e925af528bcb2f76
x-content-type-options
nosniff
x-xss-protection
1; mode=block
green-dot.jpg
wintermu.net/img/
11 KB
12 KB
Image
General
Full URL
https://wintermu.net/img/green-dot.jpg
Requested by
Host: wintermu.net
URL: https://wintermu.net/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3196c6d217bdc85b0e435dc4330b1605eb05ac8718b3272850125b3b763d336

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-2d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9g3qMNsjVbBF%2BjZimDMCakojfT3Sv6OxL8EKjM1s0q78j1t2TF%2F7v8sC4wkXRqyj6Cz6o4M%2BXy9UT9WSF%2Bl%2Fzb2dnQqARochxGZrnc0rFllzJhrNtNYJct4Qr1KXnQ1BswTbkTPCnFrB0Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45bfcb76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
11669
corners.jpg
wintermu.net/img/
12 KB
13 KB
Image
General
Full URL
https://wintermu.net/img/corners.jpg
Requested by
Host: wintermu.net
URL: https://wintermu.net/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebdb02f54d4e985fa841f9b44f480801e413f67b7c4f77f225a60c8ecd923079

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-3075"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvQ6dycMoQnAGCWFaIsXRvTYuiOe7lFwFf2nz327VDCraaVLg9XthbFR4bLVhRPNKFFbPyJfVEggI3VJ27q75k%2BXp712%2BwdbrWMXQ5YwYX1X7u2vupI2vXaxu9ICgxeH0sGFq7iVQ9%2FSbbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45bfdb76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
12405
arrow.png
wintermu.net/img/
3 KB
3 KB
Image
General
Full URL
https://wintermu.net/img/arrow.png
Requested by
Host: wintermu.net
URL: https://wintermu.net/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e9f770dbeb347031c8464747a198f5586f7944fa1d2a9f80b546234e16fdc7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca555-b10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCz4E%2F0a6pSVc6HZ6HV76QPkrj9k5KAYwpsIhVz%2FQRMoojPcJoDanUIN24dUbd9Gt1Q0vOU7Ztc53wrzMnCnmmqKHAfeJZ2gQUzKCpxJMCAdE3CtpThKaeca2Q1xITOgdq7pkxY4dcVKtNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f45bfeb76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
2832
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v17/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wintermu.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 02:03:50 GMT
x-content-type-options
nosniff
age
25382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17164
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:03:50 GMT
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v17/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wintermu.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 07:58:04 GMT
x-content-type-options
nosniff
age
4128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17216
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:54:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 07:58:04 GMT
6ae84K2oVqwItm4TCpQy2knT.woff2
fonts.gstatic.com/s/play/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpQy2knT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23dac69f3ef7c5357c71c062e6ee5df4763154e0e36aa172e8b7683571f12bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wintermu.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 05:57:59 GMT
x-content-type-options
nosniff
age
11333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9160
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:54:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 05:57:59 GMT
6aez4K2oVqwIvtE2H68T.woff2
fonts.gstatic.com/s/play/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtE2H68T.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:400,700&display=swap&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wintermu.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 05:57:59 GMT
x-content-type-options
nosniff
age
11333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9248
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 05:57:59 GMT
fa-brands-400.woff2
wintermu.net/webfonts/
75 KB
75 KB
Font
General
Full URL
https://wintermu.net/webfonts/fa-brands-400.woff2
Requested by
Host: wintermu.net
URL: https://wintermu.net/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Referer
https://wintermu.net/css/all.css
Origin
https://wintermu.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 17:11:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7ca556-12b04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brIJ%2FQgaqIsZzfRGVkHKTUHRklcQq8OrLyQdFzQc7IAmgKoOpgMMIHCCPiJzcGXovZMNLEwQky3%2BGMCgtDLcvbT%2BVKo0bgxn903C8y4NchOGU%2Fhu0vOq18oFaNYF1uRWluuishVYkk0nX3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f1de2f49c66b76a-AMS
alt-svc
h3=":443"; ma=86400
content-length
76548
index.693fb6cb383c52b4acb1.css
discord.com/assets/ Frame 9A37
13 KB
3 KB
Stylesheet
General
Full URL
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1131247541556629675&theme=dark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f96cc8e0ca634b6b06ff036d3e578110a81d894bdd7b1f1031d748191c5d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/widget?id=1131247541556629675&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Jun 2022 20:43:47 GMT
server
cloudflare
etag
W/"63996df123566cc2b4d4b5370f61ce8e"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYR9cP98N87TtuLnExpcE3DWLYOU0Gmg7NT36vy1jZR2oeVl04aOSs2CdzyxTn1gCsQE7TLD3gfbv%2BANZsB7qyw0vvF0E2bN78Ze%2FqNVHLBxFbQWPr6yFH%2F9GodV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f50f6cb773-AMS
e33e6e9d9de3d3040d8b.js
discord.com/assets/ Frame 9A37
179 KB
59 KB
Script
General
Full URL
https://discord.com/assets/e33e6e9d9de3d3040d8b.js
Requested by
Host: discord.com
URL: https://discord.com/widget?id=1131247541556629675&theme=dark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ac62415f3776b625d9f849bd650501d9079187a98f7cf1fe83861141d40b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/widget?id=1131247541556629675&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 06 Jun 2022 20:43:47 GMT
server
cloudflare
etag
W/"1d8b2b7b16bc5c35f14e2f4f7b321626"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTMzeDJu12X0xxAmWT3UPIlhTGzPslLvr7IlM31iI0gvDC8wp933ICpjkMV7fbFDzdWZbGt3dYLzbcMkAVDHy%2FOXuHp8YQ24ogppAV6yZhgIrDCpj4fpDQDlLqS%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f50f6eb773-AMS
modules.92ff9978854791af68a7.js
script.hotjar.com/
223 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.92ff9978854791af68a7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1808854.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 15:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
150765
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55640
last-modified
Thu, 03 Aug 2023 15:13:59 GMT
etag
"9e14d47807cbae60a1fa1410419e20a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
IeUtyO6DcIs4RxB6oRJu-XQi4neA49FI1THQ-8znQMq_5GV-xKFqvg==
widget.json
discord.com/api/guilds/1131247541556629675/ Frame 9A37
6 KB
3 KB
XHR
General
Full URL
https://discord.com/api/guilds/1131247541556629675/widget.json
Requested by
Host: discord.com
URL: https://discord.com/assets/e33e6e9d9de3d3040d8b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985e5f73912607472965476a244364023a7cecb12c1c126a5836d6776f9119d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/widget?id=1131247541556629675&theme=dark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'; default-src 'none'
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 04 Aug 2023 16:14:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnVHVQGcU74rXsN%2FNy1bNNTLgbbCT19F0CisaMqIwefXsL5mv6QhLdMbYLPYEwtTOgMmS4MAGdXe9IIfn6a%2BIVC1YduiW3pp7KxcHTFAgB3Os%2B5DLCWoqIyuOdch"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=300
cf-ray
7f1de2f5ad98b700-AMS
expires
Sat, 05 Aug 2023 09:11:52 GMT
8f20d57d7d0ea34489dcdd432437f71c.svg
discord.com/assets/ Frame 9A37
5 KB
3 KB
Image
General
Full URL
https://discord.com/assets/8f20d57d7d0ea34489dcdd432437f71c.svg
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Aug 2021 08:15:50 GMT
server
cloudflare
etag
W/"8f20d57d7d0ea34489dcdd432437f71c"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3ElA45Vnt6XBcP68hMZuOzrmxxpluqGym4dZYNIDoyl6Kkpkd18%2FLbI4dpb5nxGdzUoWPIRKPDWoPF%2BsYnTp6NuUlVtuMcI1djaaYfHxHG60MZhP2QqCHVuvXm0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f5ddb9b700-AMS
746a4f241e03deffc59b08c5650cf458.woff
discord.com/assets/ Frame 9A37
61 KB
62 KB
Font
General
Full URL
https://discord.com/assets/746a4f241e03deffc59b08c5650cf458.woff
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12954218db16e3a3c86a6ee84e41be8bb35cee983ffd5233b37c7e094f9dcf11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Origin
https://discord.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:47:08 GMT
server
cloudflare
etag
W/"746a4f241e03deffc59b08c5650cf458"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/font-woff
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCxUJfKx7WpnRFyn%2B4txiUmduouySUL69MmB4S1IsQsnNWkRwEsdBt%2FZ8pwE802n6lAvQhHFsT3P1pNZ4UX6Vfh%2FVFTEAUl2oplhFY9mlUWPRMoeCBxcX6f4E1Ae"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f5ddbbb700-AMS
32c4f766e4892c054dfd367dbe0fc6dc.woff
discord.com/assets/ Frame 9A37
54 KB
55 KB
Font
General
Full URL
https://discord.com/assets/32c4f766e4892c054dfd367dbe0fc6dc.woff
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8612deb0cfdfde638ad9e286429dd4cf56418398dc0d6721ce43842403d9f320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Origin
https://discord.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:47:07 GMT
server
cloudflare
etag
W/"32c4f766e4892c054dfd367dbe0fc6dc"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/font-woff
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIPbkozMOg1EVgMjCDvzaT8Z8y7mqfFbJAU4Gtd1RVWwUrzQ9sK%2FYswdH6ovEgQ1DNBI14hhqgmI1eRFsDWaJZ855iihGy2InH6Rh4r1bh2muIiO5Ayj%2FRRFDYUC"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f5ddbcb700-AMS
invisible.js
discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame F73F
Redirect Chain
  • https://discord.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
7 KB
4 KB
Script
General
Full URL
https://discord.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H3
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f0a24090c78090d65f25f248957370867658bf95557a5f2fc9e7be2b77efac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8vs8orqcNlFeV4UqEgswpuUAY1QjnHt1co30k5pM2KAp%2Bua8aZ5w3Cyo1Ut4b5I7QjQ7qajq3sO8gFtHbv3kaqGSBBlwnSep6j%2FvmnG3WZfHeuxP8MH7UxrOUWI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f1de2f6be5ab700-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrLYWdCl7frBAaJeZAumlFRPh1Vpp82k%2FotJ6Jygd%2BwgHMbql7CaigQSNqD1GsA0wVA9K4BCWaB0tBIuaozs0y5pGvPiYy63QVwz1j93Y9HvCR9H25JHr7CX3s%2BO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
cache-control
max-age=300, public
cf-ray
7f1de2f61ddbb700-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
218 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2GN5HXMBF0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166024579-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d9015f5703a3aa5d9a7cc1666315ebfebea9a51724dbb87d29003ab6c7c028e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78533
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 05 Aug 2023 09:06:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166024579-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 05 Aug 2023 07:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 05 Aug 2023 09:49:45 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/
372 KB
126 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb934f6b2d4a690d92975299564d87f86959c76cb4fc6197cb726fd2e4f278d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128315
x-xss-protection
0
server
cafe
etag
2607689543599527440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 05 Aug 2023 09:06:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 13E1
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
51535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:47:57 GMT
etag
12368291122986407432
expires
Fri, 18 Aug 2023 18:47:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2GN5HXMBF0&gtm=45je3820&_p=126423605&cid=709771201.1691226413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691226412&sct=1&seg=0&dl=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&dt=WinterMu.NET&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2GN5HXMBF0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Aug 2023 09:06:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wintermu.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5Z02whTJyuaU6VejZ4FAWbqAemm_IeTH2SiOcolsINtTtG7icasa-PyhoBsYw-ZR9W2KYInJq2448PysZt4
cdn.discordapp.com/widget-avatars/OH0HV0RrHX6p1LoxfvyeULO0LOllpxUTTIgcWjiwRsA/ Frame 9A37
1 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/OH0HV0RrHX6p1LoxfvyeULO0LOllpxUTTIgcWjiwRsA/5Z02whTJyuaU6VejZ4FAWbqAemm_IeTH2SiOcolsINtTtG7icasa-PyhoBsYw-ZR9W2KYInJq2448PysZt4
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cbf10f4a5715d7b6127922661635516488b3b0d81767402ca86f126cc89d7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021
x-guploader-uploadid
ADPycdtz_20zcsM2qBsZZaxhlk8TLOAyV09KOSpahpoYfyOFlPq7iio8yfjr_OM7o7CgUP4d6hNkBgOGPe5fBnhubbfLYQ
x-goog-storage-class
NEARLINE
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1334
last-modified
Fri, 14 May 2021 01:14:15 GMT
server
cloudflare
etag
"3c6ccb83716d1e4fb91d3082f6b21d77"
vary
Accept-Encoding
x-goog-generation
1620954855690894
content-type
image/png
x-goog-hash
crc32c=dw+lDg==, md5=PGzLg3FtHk+5HTCC9rIddw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVpuETCeCF%2BYaUL5nu2lLdd9B5raUkNMQ%2BfVJMx7lS7vqYXB14PxStQz2v2Dq75px8x%2B1%2F%2BXEUs4SaLfbOPuB41Jc873wvCfXAfcYRg7qJja9lrRAIyVBgEExHX3qJD02ja8YA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1334
accept-ranges
bytes
cf-ray
7f1de2f78d16b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 05 Aug 2023 13:06:52 GMT
i9XBfQVkGh-EcAdZ9q5aKOZpwbYIc2aLiZIF8_SJUfBQLuPjYzETBJEjcQ9xSGE9DRSFSBgHSPs6JJpvXPH-e9HzCBqHdF6rGhcSoqtdtd2DTD7nXqrlj0k597yducrmlzQjApU7s_qyl_w
cdn.discordapp.com/widget-avatars/s0dk6XDMTlqvwYLVqyVRPhtdzaLIZHZt2xjDuGS2rrY/ Frame 9A37
5 KB
6 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/s0dk6XDMTlqvwYLVqyVRPhtdzaLIZHZt2xjDuGS2rrY/i9XBfQVkGh-EcAdZ9q5aKOZpwbYIc2aLiZIF8_SJUfBQLuPjYzETBJEjcQ9xSGE9DRSFSBgHSPs6JJpvXPH-e9HzCBqHdF6rGhcSoqtdtd2DTD7nXqrlj0k597yducrmlzQjApU7s_qyl_w
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84bc5460d3ef62efc38d75a8181c8e846281c23910083a28cad7012aa6298fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5070
last-modified
Sun, 16 Jul 2023 18:49:06 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X58dfwoEDf4lMXKnndJFD4h1l%2BYu3FfBD%2B7ttzh1Af9u25IBCC3cLACXSIEOEnz9Aqpdo74BKuGeDje6qrMJ%2FAl6qj%2BIAG5ncZxcs7bqAcGE2ZTH9D2oWUIo94r9BfpqMzY8xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f78d17b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
GhOousyiTKt_PSoL-aXx9NRZemGduR39DVyb9EqvqbUQ-LvT_kBKDUynNBkDdCMbFcWhvuS0idg2yRPVq6M
cdn.discordapp.com/widget-avatars/yzWv5NQ_w5dibfdBhmFwWtpFBZ2RBaaTP41qGqVt6B0/ Frame 9A37
1 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/yzWv5NQ_w5dibfdBhmFwWtpFBZ2RBaaTP41qGqVt6B0/GhOousyiTKt_PSoL-aXx9NRZemGduR39DVyb9EqvqbUQ-LvT_kBKDUynNBkDdCMbFcWhvuS0idg2yRPVq6M
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cbf10f4a5715d7b6127922661635516488b3b0d81767402ca86f126cc89d7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021
x-guploader-uploadid
ADPycdtz_20zcsM2qBsZZaxhlk8TLOAyV09KOSpahpoYfyOFlPq7iio8yfjr_OM7o7CgUP4d6hNkBgOGPe5fBnhubbfLYQ
x-goog-storage-class
NEARLINE
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1334
last-modified
Fri, 14 May 2021 01:14:15 GMT
server
cloudflare
etag
"3c6ccb83716d1e4fb91d3082f6b21d77"
vary
Accept-Encoding
x-goog-generation
1620954855690894
content-type
image/png
x-goog-hash
crc32c=dw+lDg==, md5=PGzLg3FtHk+5HTCC9rIddw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukjlJ%2FoIM1h3oxHrEUH8%2FKAzGtFAlSQ4jDVk%2FiYeHnhKi3yDj9Th9hh6%2BfsJvG0NGqiuHy7I10hxiGjyzV5QdQet6wMxg3zcI5E8vA9IWyu8862qCUrjdHJiLb3%2FEkNgEBoPAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1334
accept-ranges
bytes
cf-ray
7f1de2f78d18b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 05 Aug 2023 13:06:52 GMT
iQnWizUzIV9WP7pfQhe5ZQA0Xfyj-qjVzgpDdcNZ0Vf4Y65Hbix8xGOLitlE6i5OgTlwBA5QHouffP_JN4MEp9MMKfwEB1w3K9hwi_Cj9UiWFzlczvS04DUkW7RYXlrExF3g-PqxhLsT4g
cdn.discordapp.com/widget-avatars/UWBbQWd1c0lxdwumMPOyRiKwhgfyPf3yoaWbIOrFHMM/ Frame 9A37
5 KB
6 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/UWBbQWd1c0lxdwumMPOyRiKwhgfyPf3yoaWbIOrFHMM/iQnWizUzIV9WP7pfQhe5ZQA0Xfyj-qjVzgpDdcNZ0Vf4Y65Hbix8xGOLitlE6i5OgTlwBA5QHouffP_JN4MEp9MMKfwEB1w3K9hwi_Cj9UiWFzlczvS04DUkW7RYXlrExF3g-PqxhLsT4g
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02179e50f5e10acb3e5b78d1b91d37289c5ccf48d131b2a972969147dda238ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5056
last-modified
Mon, 31 Jul 2023 04:48:54 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zjGCM%2FiDxsB94k%2BiPgqlKFsQ4nNxH89VS7R3RbdDDJd5r3c4zYqh1KozPrjVb9%2FCGjDGooyExUrWkPvtr0GNATepeDCKhT0itnpKePgqd77daTPogjdnq%2BD%2FGMG5A0jcyMMWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f78d19b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
6vFMW2litGFXog0La62XahefdfkR40RQhncDs0OFpmoKatfyrt0xOwlyiTfbUCjDY40u9PPUE0hiSCFpYxIsCSzX6FdZkZb718fAL6qUwOohdA_cv4WILKXjiVDcXDrWJy3cu-HkWaYssA
cdn.discordapp.com/widget-avatars/GtjRDqO057NCMp6FKHcIwhM3ALh63XpyH3NmnBLvCro/ Frame 9A37
4 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/GtjRDqO057NCMp6FKHcIwhM3ALh63XpyH3NmnBLvCro/6vFMW2litGFXog0La62XahefdfkR40RQhncDs0OFpmoKatfyrt0xOwlyiTfbUCjDY40u9PPUE0hiSCFpYxIsCSzX6FdZkZb718fAL6qUwOohdA_cv4WILKXjiVDcXDrWJy3cu-HkWaYssA
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4daa0e33f6cc8630e40efe6d60d1f3e902899e759da7ef61a2857f1cbc32702c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3877
last-modified
Thu, 15 Jun 2023 16:52:29 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb02mViy7%2BBW43lfUCcmHrCuBi8A%2B5qavkg82Ix5nuiaB%2F7ventLu7yOjKZm6eVhd88xjcA%2Fc4HyLJU5YLVNvt6ssC%2BdoA2GvVOu6iYL1rvakXUaL99fwHKSNFp32b3%2FDxWUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f78d1ab79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
ccmjLIvleazJvJrG1D0vUXdjfF6aKVlpTVyy8CBDZCt1pC72t28XO1Gd0Z09AKTKNdBiFlIsBqHTwn7NJrGZntmACOZyUZdK-vj5joUl74B5dpPVEa0qXmKrGYNr56RE9s22ExFLD--4qA
cdn.discordapp.com/widget-avatars/wVnkYkja2Q-Gm1Uap1_IYhnyxBqcU4y1TDNGmvTYcKs/ Frame 9A37
4 KB
5 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/wVnkYkja2Q-Gm1Uap1_IYhnyxBqcU4y1TDNGmvTYcKs/ccmjLIvleazJvJrG1D0vUXdjfF6aKVlpTVyy8CBDZCt1pC72t28XO1Gd0Z09AKTKNdBiFlIsBqHTwn7NJrGZntmACOZyUZdK-vj5joUl74B5dpPVEa0qXmKrGYNr56RE9s22ExFLD--4qA
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133bb6107231c1178b4910c404bd097618dde7f14fd8b9385f6bb5fb4df2085d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4374
last-modified
Sat, 23 Apr 2022 14:57:51 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJOOc3olUHcsQZsyBiCbZeCWS5DMtpsRQCmuuOqhLZXXojzuIoK5oDgFHYGDJxBzDlbQR5fCHv7kgGz3aKBrsFeIjDVzCtJG9ljtvLzS7K7dH64rSlrpIupRlFwZa23ub2le3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f78d1bb79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
Ry9-TpVnqfgd43_BvVuM-vxmRZZIhB2ZE2VUG6-GmB8r-g9XTxUkRfeiFX6xDnq_O7n1XkXPwdBrXtms3E0
cdn.discordapp.com/widget-avatars/2EVxoRa4T5cI_FQuViwdKgI2ceuG8uMqbJRfr_WFDyo/ Frame 9A37
1 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/2EVxoRa4T5cI_FQuViwdKgI2ceuG8uMqbJRfr_WFDyo/Ry9-TpVnqfgd43_BvVuM-vxmRZZIhB2ZE2VUG6-GmB8r-g9XTxUkRfeiFX6xDnq_O7n1XkXPwdBrXtms3E0
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cbf10f4a5715d7b6127922661635516488b3b0d81767402ca86f126cc89d7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021
x-guploader-uploadid
ADPycdtz_20zcsM2qBsZZaxhlk8TLOAyV09KOSpahpoYfyOFlPq7iio8yfjr_OM7o7CgUP4d6hNkBgOGPe5fBnhubbfLYQ
x-goog-storage-class
NEARLINE
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1334
last-modified
Fri, 14 May 2021 01:14:15 GMT
server
cloudflare
etag
"3c6ccb83716d1e4fb91d3082f6b21d77"
vary
Accept-Encoding
x-goog-generation
1620954855690894
content-type
image/png
x-goog-hash
crc32c=dw+lDg==, md5=PGzLg3FtHk+5HTCC9rIddw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1nHn7LR7y7QbhF2JiOfyz4bjuhTNinp9Kipva4CZeuGOGTR9mKlQWqEhBYm2P50PkB6n6YItxvxRtr5iOSpszf2P9AGQuVTJnsNDkfNY1Zvxy%2Bq9Okk%2FjnHNV1O9EHYklS5Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1334
accept-ranges
bytes
cf-ray
7f1de2f7ed5ab79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 05 Aug 2023 13:06:52 GMT
Gkowtdj7cxXW-oMr8T2NYVALRSJhPGshmLVXrIK_3ph5QCxaUiv3nfUHzEImYVrNE6yBsTKiT8i5Zc6XYgdmTWccUGf2sdBWCMnsUD9YgdgEvrdLwOx4GgcPYvDj3P0C3-R0WHT_9atpZg
cdn.discordapp.com/widget-avatars/hFPqr89T-uk57fuQrliT1RVzqQQbjkmtqcuutdyMCzA/ Frame 9A37
4 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/hFPqr89T-uk57fuQrliT1RVzqQQbjkmtqcuutdyMCzA/Gkowtdj7cxXW-oMr8T2NYVALRSJhPGshmLVXrIK_3ph5QCxaUiv3nfUHzEImYVrNE6yBsTKiT8i5Zc6XYgdmTWccUGf2sdBWCMnsUD9YgdgEvrdLwOx4GgcPYvDj3P0C3-R0WHT_9atpZg
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb199d03fc5d170f7b2dc15bc8e7396d26bd0592a17c212a0ac92bf39a54fa46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3797
last-modified
Mon, 20 Jun 2022 08:41:47 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cu5laEfPuTQ7NlUHJanRQxPx2pCAM7sej6RrI50PpApKNTEn3c4ijhI91TFfZTjFlp9umUVUdJkJtyYkGcTB8DiV0y3gGqXoAwYD7fBKjvMrdw9NjnH8AYpCviHahe3WdJxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed5cb79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
z5_PoLCCLKEqUfLATPaTvWGu-qlLdPKK7vhBISBYv3LQ1ijchhOyRw-z22NU89cErj4ESfXlD8qUGXFGOXuexdneD4qkfP2ZqaN5udIj8toQJFynQcIYA5TGwRFOJ_1YNa6Ui0ARUF3I1A
cdn.discordapp.com/widget-avatars/2kT6I82BykG4iDumPVydK0tnbaqyB7d5Qu1ldZa-tD8/ Frame 9A37
4 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/2kT6I82BykG4iDumPVydK0tnbaqyB7d5Qu1ldZa-tD8/z5_PoLCCLKEqUfLATPaTvWGu-qlLdPKK7vhBISBYv3LQ1ijchhOyRw-z22NU89cErj4ESfXlD8qUGXFGOXuexdneD4qkfP2ZqaN5udIj8toQJFynQcIYA5TGwRFOJ_1YNa6Ui0ARUF3I1A
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485faf817cb1c4f5e018d90c6dcbcb375cc7e67959b05d4e912c42680f5f81a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3589
last-modified
Mon, 01 Aug 2022 07:50:01 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrBIldwfmHjcKNcj5%2BUL4X5xLtBzi4Kj0J1EBvh6vHgi7vkK%2BYu5blYGZE9s1tWUVw4o79gqpMdOZxG2G3%2FvAWQy1HaABYSQHMmCOzoc7s5kgNzfJ4l7XEyL6v2B5bu6QaZWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed5eb79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
zwi10ac1S8BVjiWbPYEYnUitup-U_jQ19a087LG40Z4MYlm94rf0Le7iwjxvNWmuTej67sGvRp4NOFiXZjjTUI0f0_O7EWmtKQc-EZ8_kyZ1935gMwMevvKrmhCzEuAIwbzdYKYcv71FSA
cdn.discordapp.com/widget-avatars/rfPoz6Rp4LF7Kr7A93xUmMlqxEY2i_rWHh15eJ75Oeg/ Frame 9A37
4 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/rfPoz6Rp4LF7Kr7A93xUmMlqxEY2i_rWHh15eJ75Oeg/zwi10ac1S8BVjiWbPYEYnUitup-U_jQ19a087LG40Z4MYlm94rf0Le7iwjxvNWmuTej67sGvRp4NOFiXZjjTUI0f0_O7EWmtKQc-EZ8_kyZ1935gMwMevvKrmhCzEuAIwbzdYKYcv71FSA
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fecc5c165ae4207d28b9b19de703102c92a6802baff40e758acccedba03dfdc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4058
last-modified
Wed, 23 Mar 2022 22:23:35 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irvmjPw7wyt%2FfPdtDyexFM5nE8l83R48hkDDXs1gjiz46AgTmBnbiLbvRtzoYDsO849AnLmiB17E9TV1OrRwU1GcqAfkfy%2BBkDlqEwBhZJNBIax4YcpZ3J2Ouk0KacCjeRi5oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed60b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
BJzVHAkyE1_9HT2btMLio0djMAHptHNQ5xBqSKR-L6eI6bM7AupQE5Ivk7fY6erUhBeXbrDME99bTcR9eNoKJMgnOeekYBuw6l8bAnvJZWZHezm8A_vkid1KoN-cUm9JjLovIiSP2EcAYw
cdn.discordapp.com/widget-avatars/g-yf2XrHRdO0VJfOEio2rljelGJ-2HFHi7OHE0o2hE4/ Frame 9A37
4 KB
5 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/g-yf2XrHRdO0VJfOEio2rljelGJ-2HFHi7OHE0o2hE4/BJzVHAkyE1_9HT2btMLio0djMAHptHNQ5xBqSKR-L6eI6bM7AupQE5Ivk7fY6erUhBeXbrDME99bTcR9eNoKJMgnOeekYBuw6l8bAnvJZWZHezm8A_vkid1KoN-cUm9JjLovIiSP2EcAYw
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83cf407bab5e1966206bdaf43e70e152c75fe739273d46e6a0dc7891189cec3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4499
last-modified
Thu, 01 Apr 2021 11:49:43 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3aKuxhYfIvm8eBLkNpRUpQXxRWmmW2Ocv7npCMsKzqJJpeMK2MJuXnsKvLzkbipcyMDV%2FzBMz%2BM80maqItNV9OaPSBpMbCRIqByWq%2Bnn4MZhi5eCwjebb%2Fl19d%2FxelVHm5lbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed61b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
hv_Icp-u4qpSi2-9OeyzUFf4ENv4hwRIz_fRKmbiXxdfO-2-qWpq8qiXSMpVqwGGmr0fwGjMGdYpQFNcNyo
cdn.discordapp.com/widget-avatars/wSSVyGPW5Jaj7AYSw9ZAuFVpA-SkOaR77q26ZAWC0HU/ Frame 9A37
1 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/wSSVyGPW5Jaj7AYSw9ZAuFVpA-SkOaR77q26ZAWC0HU/hv_Icp-u4qpSi2-9OeyzUFf4ENv4hwRIz_fRKmbiXxdfO-2-qWpq8qiXSMpVqwGGmr0fwGjMGdYpQFNcNyo
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0dad323eee0d24eb0d75846e3d57fbf76750d8d0f4485a9f68e0fc4498e7d6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2203
x-guploader-uploadid
ADPycds1xe5vuydNaulsLHbpReb4j3857RMVltDEPDaMzqItiuauPIBB8rT6z7fqqNslFfOj7U85JAbntGGy7Q8Aebg_
x-goog-storage-class
NEARLINE
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1324
last-modified
Fri, 14 May 2021 01:14:16 GMT
server
cloudflare
etag
"c09a43a372ba81e3018c3151d4ed4773"
vary
Accept-Encoding
x-goog-generation
1620954856403229
content-type
image/png
x-goog-hash
crc32c=Y/unMw==, md5=wJpDo3K6geMBjDFR1O1Hcw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkAao11Ivd28KfxHsnXzPVA4QYbG%2Bzi3u7%2FIshIua0qdDv0yvkgFOSbfdQcxI4WA34gSG1eUg%2BN64hLsz1Y%2BX%2FFhhM6K8cR2XrX0AujyiF7NiRkyCz%2FWYyJNnbaRZIkRl34bhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1324
accept-ranges
bytes
cf-ray
7f1de2f7ed62b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 05 Aug 2023 13:06:52 GMT
DpDqtsdk4gEEgl9kRWpUfDa8NZjV1F070fs5ivVU2MztPSO2K3w5zoJD3Fd9uRpZdcV-zm-UfqKA2u6eYeaRmWzLR7LHaufF3TUhj39Rjq4KJIef-blCFxS-Sm4O-wYkrEsWh_Unm65WUA
cdn.discordapp.com/widget-avatars/gnBBZO_C_9L_6ZYBj888i_qacoaxGV3KRZgW0wqgvug/ Frame 9A37
4 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/gnBBZO_C_9L_6ZYBj888i_qacoaxGV3KRZgW0wqgvug/DpDqtsdk4gEEgl9kRWpUfDa8NZjV1F070fs5ivVU2MztPSO2K3w5zoJD3Fd9uRpZdcV-zm-UfqKA2u6eYeaRmWzLR7LHaufF3TUhj39Rjq4KJIef-blCFxS-Sm4O-wYkrEsWh_Unm65WUA
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
522dd70f9193656f0485c8a4b6221731144443631d5f1678e237637ddfef6f10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4043
last-modified
Thu, 03 Aug 2023 16:02:56 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh18NhWsqfHfx%2FCKRCuvHty2V6%2B%2BS5%2BHkCYq60ZsBai%2FADtOvSL6bxD9h%2Fl9swV7GI8gkrZfdR1Jq7qRlztID8Mo0HuC4Vh0l7uk2vFxzX2jzFar4tNUonU%2BFkesUQ5F6U6EJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed63b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
DTQuqJFIWznn_FFk5Y1VX6vLWi2cY5Ba7oEoe6j0n3VLczkcdpkVCbkZAkiM22QYcDBVET4PUGXIHrHL5fzMFIJqqQj_b5vAqxU1y3agzZR-lwjRwJSPFuANXIbA3DLDm5s1BC0wiQkcOfc
cdn.discordapp.com/widget-avatars/Ku84odQOR_oSqEdo7qNWzLeVgXPBqqB5L-C8rMVra28/ Frame 9A37
3 KB
3 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/Ku84odQOR_oSqEdo7qNWzLeVgXPBqqB5L-C8rMVra28/DTQuqJFIWznn_FFk5Y1VX6vLWi2cY5Ba7oEoe6j0n3VLczkcdpkVCbkZAkiM22QYcDBVET4PUGXIHrHL5fzMFIJqqQj_b5vAqxU1y3agzZR-lwjRwJSPFuANXIbA3DLDm5s1BC0wiQkcOfc
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76869ea08ccb7725466b030c35c9886504ff70801c64a5e7b50bd64a38139c27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3143
last-modified
Fri, 04 Aug 2023 15:22:18 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn2pBNA6guFrQ6FKO1HSvkij17DRMDXwGzLp8DXnFWCa5aIga0WQUakM4nVEiboqNNwBJDdEbkfLdKV36%2FaWsBcgX1YdzVGLCU01jo7g5usaxb2j0gad%2BmksV%2F5ZR9SVwzMPwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed65b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
AXl-9mwDmszMoIpeEC-5djeZrl7xXiTXRprPHj70BJ6aIkVzQjoyR7umfbRCrYwOuV0SuXJZkKRvXH9IGw6eos2bj3lRZAneBYJzSe2xmrlM0I7iI1n5urNdbT3Ry5_n5q6mnTiv31HBbg
cdn.discordapp.com/widget-avatars/OrC2KDwrTeRNRUDzqeULV9q7GXjCY6oP1CEwtd9n8DM/ Frame 9A37
2 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/OrC2KDwrTeRNRUDzqeULV9q7GXjCY6oP1CEwtd9n8DM/AXl-9mwDmszMoIpeEC-5djeZrl7xXiTXRprPHj70BJ6aIkVzQjoyR7umfbRCrYwOuV0SuXJZkKRvXH9IGw6eos2bj3lRZAneBYJzSe2xmrlM0I7iI1n5urNdbT3Ry5_n5q6mnTiv31HBbg
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0064c541982798cab7c456edabe0eb0081739410d769a03462790147888771c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22265
alt-svc
h3=":443"; ma=86400
content-length
1698
last-modified
Thu, 31 Aug 2017 07:29:59 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsFmeGPADsJMXVd85%2BdtGyjdOe9nS4kVAE3aCR31RJslGKnv2f5HzWAnP8apk48MrxA4UCFNC2jPnzqUyNibMRBRHztpJls%2FzVvDa4N8gczdadOA3MWB%2BAQ%2BlI4iNWJ97XkHIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed66b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
9TWdVm0LkbV3SEcylCN1_XHBYL4PMz0pCUcLWos_zSxUGseEyvh8Qpx6_YBpqDEC6z5AFINObD0hOOz60LAVKfi90iIh1_UwZqDs_LHHwv47LPTcZ2Oko2yRIr3-zdW8Zk5mB8co4awIWQ
cdn.discordapp.com/widget-avatars/vhGaVIlpF9DCYf90c5WGrbE4R1NdYv9ZzsTm0LVt26M/ Frame 9A37
3 KB
4 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/vhGaVIlpF9DCYf90c5WGrbE4R1NdYv9ZzsTm0LVt26M/9TWdVm0LkbV3SEcylCN1_XHBYL4PMz0pCUcLWos_zSxUGseEyvh8Qpx6_YBpqDEC6z5AFINObD0hOOz60LAVKfi90iIh1_UwZqDs_LHHwv47LPTcZ2Oko2yRIr3-zdW8Zk5mB8co4awIWQ
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e55da04896f08b793c30f0bc2211dacc3b52456ccdca7308fc21d829131bd0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3519
last-modified
Sun, 12 Dec 2021 18:22:15 GMT
cf-bgj
h2pri
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxQWpykBvG4qNPxlFrtvITpKw8TdETgDRA6ElGFgoUA66aIlzMrfOcWaIfJVMXboErjLKAohuREjrsl%2BdboNI%2F1SpYHXT5z7QSzeFdXrY8LFZlkHp%2FrnelJSbaDoMWT%2BDNFkFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f1de2f7ed67b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sun, 04 Aug 2024 09:06:52 GMT
ArwRbPVmhbszyW58JYVNe9KpiBH9D9475y_F3WAnWxPr-Zh19TwPXB5uznQy7lb2XJo0m9OWthY0xhmIeL8
cdn.discordapp.com/widget-avatars/9VSaw7InxoUOtFEPxOEcUtu3IgDzQHTQZIBb85pcS0g/ Frame 9A37
1 KB
2 KB
Image
General
Full URL
https://cdn.discordapp.com/widget-avatars/9VSaw7InxoUOtFEPxOEcUtu3IgDzQHTQZIBb85pcS0g/ArwRbPVmhbszyW58JYVNe9KpiBH9D9475y_F3WAnWxPr-Zh19TwPXB5uznQy7lb2XJo0m9OWthY0xhmIeL8
Requested by
Host: wintermu.net
URL: https://wintermu.net/?fbclid=IwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1176
x-guploader-uploadid
ADPycdsQmyem43ebFM4106zT7wKd0xBCAGxMPHiJILDeuq5jFnQbxmHCupjuH3qh5KFBkJbDv31E9M1GG0H0tIsyhx7lsPWBcwMl
x-goog-storage-class
NEARLINE
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1268
last-modified
Fri, 14 May 2021 01:14:12 GMT
server
cloudflare
etag
"1f0bfc0865d324c2587920a7d80c609b"
vary
Accept-Encoding
x-goog-generation
1620954852447678
content-type
image/png
x-goog-hash
crc32c=ILT29Q==, md5=Hwv8CGXTJMJYeSCn2Axgmw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCP8hGofOAtUTNZq3DESJf9Dlq6yREBXbqdqcmhZdOGVsULSZ%2FuA2og112XwlEW2SC9s36mn%2FtqI4GdcXNbxer%2FzhkefAWotU6kb3GB6MykQeBuER2K3u1cHNDbJDDbXnXi07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1268
accept-ranges
bytes
cf-ray
7f1de2f7ed68b79a-AMS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Sat, 05 Aug 2023 13:06:52 GMT
beea9854dde16323273c06a067ec0324.svg
discord.com/assets/ Frame 9A37
633 B
938 B
Image
General
Full URL
https://discord.com/assets/beea9854dde16323273c06a067ec0324.svg
Requested by
Host: discord.com
URL: https://discord.com/assets/index.693fb6cb383c52b4acb1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55738504d809d275b0d2c8696a8beb9b107a8316111243f362d0227b1c4573f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://discord.com/assets/index.693fb6cb383c52b4acb1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Aug 2021 08:15:50 GMT
server
cloudflare
etag
W/"beea9854dde16323273c06a067ec0324"
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
access-control-allow-origin
https://discord.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXG64szVgA45fbSD0lgY9jzwk60HMUe%2BHuo8J029NhgZgywOJP%2FQqpQNabxGJQicqag0U8P2UQ009SWNhTfWZpIYwmBa6XGBr3gt4fFF5yubu9RUXj0ip1ChxZQj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
permissions-policy
interest-cohort=()
cf-ray
7f1de2f73eafb700-AMS
7f1de2f4bf33b773
discord.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F73F
0
571 B
XHR
General
Full URL
https://discord.com/cdn-cgi/challenge-platform/h/g/cv/result/7f1de2f4bf33b773
Requested by
Host: discord.com
URL: https://discord.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.136.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 05 Aug 2023 09:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yuP4InntKxSOFd%2FRRngrZx42BmuUsVCyE62Qs3%2Fc4J9LSR2ZCyrAeJKJqU2GuZwH0gUsmISVC4xpzlJhzA12r3Q%2BqKulTNvVDLxwR3Cd34SgYX0jI8RW8DHgRH6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7f1de2f7ff32b700-AMS
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=126423605&t=pageview&_s=1&dl=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&ul=en-us&de=UTF-8&dt=WinterMu.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1752673706&gjid=552556260&cid=709771201.1691226413&tid=UA-166024579-1&_gid=813913011.1691226413&_r=1&gtm=457e3820&jsscut=1&z=1786518612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wintermu.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 05 Aug 2023 09:06:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wintermu.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
391 B
606 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wintermu.net&callback=_gfp_s_&client=ca-pub-9518535106856413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4f646cc42bc90badf143e5f2f0ea35038047388092b3a69777534f31c014b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 392E
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&adk=1812271804&adf=3025194257&lmt=1691226412&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412534&bpp=3&bdt=1595&idt=316&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1884152824817&frm=20&pv=2&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
expires
Sat, 05 Aug 2023 09:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 443D
603 B
211 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=5544981003&adk=2573118991&adf=3634608947&pi=t.ma~as.5544981003&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412537&bpp=2&bdt=1598&idt=353&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=I9tfnrIFzs&p=https%3A//wintermu.net&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BA9B
603 B
211 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2300108534&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412540&bpp=1&bdt=1601&idt=362&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AIWzYCCn9a&p=https%3A//wintermu.net&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5088
603 B
211 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2084190065&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=368&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JCcP7gxPew&p=https%3A//wintermu.net&dtd=400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E9BC
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=2154399238&adf=2084764165&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=405&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JkbcynEt28&p=https%3A//wintermu.net&dtd=408
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7f1688c401ef1682b0a24b33265e3fa5581ce3e6c17e064a4fd18b59de8f182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11699
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9518535106856413&plah=wintermu.net&bust=31076759
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 05 Aug 2023 09:06:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1FB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
43652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 20:59:21 GMT
expires
Sat, 03 Aug 2024 20:59:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C938
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ab41d123438cae2b9844f1a70b7ca3ebb2551dca27f6b5f10c277436e2e109a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-72h7QIlJ1xYDzQ1Xmd9-6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wintermu.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-72h7QIlJ1xYDzQ1Xmd9-6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 05 Aug 2023 09:06:53 GMT
expires
Sat, 05 Aug 2023 09:06:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
pagead2.googlesyndication.com/bg/ Frame C1FB
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 12:47:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
73146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Aug 2024 12:47:47 GMT
generate_204
tpc.googlesyndication.com/ Frame C1FB
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?2UJ06w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 09:06:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C938
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=2974365270867793&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=2974365270867793&bg=!YmGlYTXNAAZGOVy5Zjk7ADkAdvg8WlPfTZ-h1R6q72dRrc0lhcxYDBhUwAH3k3OIKHBKSWu69YI-cIzE3pxhgtggYvE27OI6g60CAAAASVIAAAAGaAEHCgBGGW1IDAnDkn6UqlugrhnFG19fjWpcKgNZnCqHog4MsP56epjh9QfCgQnipo8Yv2yzMmfcosTFojyapVRU4kCle0BJ1aowXpkCrUD2Or_LykPz7Dhb7ZP5MbSBNtDmHHuyvllFKInzmpftOIFC0Z29QR3sxhMPbsQZU5eAn4JISQ41YzrjJapy4L92gbkG25nqCFFooCZpdCB3JuJIaOJGn7bJtwqQjM0VFuVuML5mNYPiw6ErEY-3vR00gLYWfrsPQUvg6U8rVMQt9uC_i34lbGUG5eYsQ0dvnuYbLiIjRmZ31AkZX2FRq0nDmOlqlvg7druNp5QAOI3ahvHxIXvQAzXPqAwWuj3TmSQo6oGkyQokxP4z1v_1dVc2SBUiuYTAOENtnRx2jMvX6T_PunmgjG_6eIxI6TurFLJqSmESMg1UA7O_bn5HVvQET4jLBvdSKQVJpHyV37WFgS15faaCuE8ptTS4MXSwCVOI4KQpaX_V3CQ6BSeYzK9PWcdQ5CdOYGMJ6Q1sT6XLUbCSbDESSW64t_7tLopxxqgxPWuUOVy-sLnaYdPyjpOaec0xBp1Yv-QQr1Og6HVQ1gQ1nHp0noYjv09enclxHSQXrjK_LPWldj41qGRg98cGw__c7Iqav2M3tir4vc_w1vOsTN9ab3yObF1zIUJAJBEF2tgyufp_z5pMOrvrmrURV3nkokHANtd50xX_Zq7oBalzpyNTT1GFfa07BnRYqVZXZwn63B9Mj4zhkeK5ggjFnD_fBWcyg0HNLen4wNJTwUCq4YXrS8lO5Npx8MUao3r76u-Qia_jrhHwkvTMDG-WhyoYRzPzoBlxLsUxvyuhUq3fi_2LeibyXxCXHgyjh-Q9VveVMedKN5erl338G0S2NeLVk7F0ebWA2QO1PVPuAOdLvwJxa2KMoeKVd-ZiHQH6iGDslvEI7U77jbF5QkFJFO2vL_DjOSK8bcJZuNPu16R0h2wsLHfh-Qytperbrp8ttra_EsTz37-ZGs8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://wintermu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| $ function| jQuery function| startTimer function| gtag object| dataLayer function| hj object| _hjSettings object| adsbygoogle number| countDownDate number| x object| bootstrap object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag object| gaGlobal object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
wintermu.net/ Name: PHPSESSID
Value: p6do8df4t3uocptsnqjkbrbj4l
.discord.com/ Name: __cfruid
Value: 05373aa793d1b8354f43c45be37d310d5ca31327-1691226412
.wintermu.net/ Name: _ga_2GN5HXMBF0
Value: GS1.1.1691226412.1.0.1691226412.0.0.0
.wintermu.net/ Name: _ga
Value: GA1.2.709771201.1691226413
.wintermu.net/ Name: _gid
Value: GA1.2.813913011.1691226413
.wintermu.net/ Name: _gat_gtag_UA_166024579_1
Value: 1
.discord.com/ Name: cf_clearance
Value: T_NiYfiu1Qr6rzlu2TPJJilBZPM9I1zU1Wn_xdMm3m8-1691226412-0-1-7c9c3a70.4b77220d.d4a33134-0.2.1691226412
.discordapp.com/ Name: __cf_bm
Value: 8zu81h61x75EGEQTBpY7ArAAc2T6eUs_abI29Hkmt8s-1691226412-0-ASzb0qIt49wStkNYImpzN50db5yicFJLO0Jh6m7Ms0vJW3hyiusxTzLtAcpaTipNWLLo3PProEgGKQ6cw8ZgqrU=
.wintermu.net/ Name: _hjSessionUser_1808854
Value: eyJpZCI6ImViODAwMzc2LWJjMzItNWM2MS1hOTM4LWQ2MGFhMGZlMzhkMiIsImNyZWF0ZWQiOjE2OTEyMjY0MTI1MDcsImV4aXN0aW5nIjpmYWxzZX0=
.wintermu.net/ Name: _hjFirstSeen
Value: 1
.wintermu.net/ Name: _hjIncludedInSessionSample_1808854
Value: 1
.wintermu.net/ Name: _hjSession_1808854
Value: eyJpZCI6Ijc2ZWMwMTMxLWNmNzAtNGZjNi04ZjU4LWMzNzNhMzY4NjU2NCIsImNyZWF0ZWQiOjE2OTEyMjY0MTI4ODYsImluU2FtcGxlIjp0cnVlfQ==
.wintermu.net/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.wintermu.net/ Name: __gads
Value: ID=dcf42026119ff812-22ace00cbae70089:T=1691226413:RT=1691226413:S=ALNI_MZ4RPZ4-tJBYLqFEj2lV5siyqailA
.wintermu.net/ Name: __gpi
Value: UID=00000c4c38e1cd02:T=1691226413:RT=1691226413:S=ALNI_MbXXUKAyfMonDBb_IhuPEEX-elHGg

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://scontent.fpdv1-1.fna.fbcdn.net/v/t39.30808-6/363398579_711863547623369_8140255879536477666_n.jpg?_nc_cat=105&cb=99be929b-3346023f&ccb=1-7&_nc_sid=730e14&_nc_ohc=yLZe6suKW6MAX9HhAsx&_nc_ht=scontent.fpdv1-1.fna&oh=00_AfBDKuVZxdtUtIfn15tyunTR_A62izAW8muGmpCt7Ro4sg&oe=64C575B5
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=5544981003&adk=2573118991&adf=3634608947&pi=t.ma~as.5544981003&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412537&bpp=2&bdt=1598&idt=353&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=I9tfnrIFzs&p=https%3A//wintermu.net&dtd=358
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2300108534&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412540&bpp=1&bdt=1601&idt=362&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1836&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AIWzYCCn9a&p=https%3A//wintermu.net&dtd=366
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=2154399238&adf=2084764165&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=405&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=JkbcynEt28&p=https%3A//wintermu.net&dtd=408
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9518535106856413&output=html&h=127&slotname=9736347776&adk=1830986859&adf=2084190065&pi=t.ma~as.9736347776&w=777&lmt=1691226412&rafmt=11&format=777x127&url=https%3A%2F%2Fwintermu.net%2F%3Ffbclid%3DIwAR33qznp5eRpQY3dErQRi2NZm17Mb4h0iGCu7e7LV24Qnh3qI-pkfgjex6Y&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691226412541&bpp=1&bdt=1602&idt=368&shv=r20230802&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C777x127%2C777x127&nras=1&correlator=1884152824817&frm=20&pv=1&ga_vid=709771201.1691226413&ga_sid=1691226413&ga_hid=126423605&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=3961&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076468%2C31076512%2C31076731%2C44785292%2C44785295%2C31076759%2C21065725&oid=2&pvsid=2974365270867793&tmod=654032869&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JCcP7gxPew&p=https%3A//wintermu.net&dtd=400
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.discordapp.com
discord.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
scontent.fpdv1-1.fna.fbcdn.net
script.hotjar.com
static.hotjar.com
static.xx.fbcdn.net
tpc.googlesyndication.com
wintermu.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
13.32.27.107
13.32.99.85
149.62.251.145
162.159.134.233
162.159.136.232
162.19.58.159
2001:4860:4802:32::36
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a03:2880:f007:8:face:b00c:0:1
2a06:98c1:3120::3
0064c541982798cab7c456edabe0eb0081739410d769a03462790147888771c4
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02179e50f5e10acb3e5b78d1b91d37289c5ccf48d131b2a972969147dda238ad
030a48bdceecea284c28a35adf5b0f72dd3ef87274efa511da1fd1250434f240
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
0fc482da11e6bebd1b7b6690d3771b31395be6be6e6661b14c5c55e6ca8e9448
1042ffe4df1408543d221405f2970ed86ffdcd66380459c3b9295d6cd2067189
10f0a24090c78090d65f25f248957370867658bf95557a5f2fc9e7be2b77efac
12954218db16e3a3c86a6ee84e41be8bb35cee983ffd5233b37c7e094f9dcf11
133bb6107231c1178b4910c404bd097618dde7f14fd8b9385f6bb5fb4df2085d
15e9f770dbeb347031c8464747a198f5586f7944fa1d2a9f80b546234e16fdc7
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
188af122f2dc84bcffc78ad98e4403619ad3cf8543342bd5cb68ab9149895318
18c6b10806c463a265a817201603ae73c333dff1049a2560f237d63963118a0e
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1d9015f5703a3aa5d9a7cc1666315ebfebea9a51724dbb87d29003ab6c7c028e
23dac69f3ef7c5357c71c062e6ee5df4763154e0e36aa172e8b7683571f12bbf
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b
2ca738855262c6337002d070987052c220214b3f537b3544982e6b3c535a0cef
2f1a793da3cd95b5d3a4f0d3b5447e53a1d93e9cde5b9d75eae6fd632384ba46
2fb713c09ac3b46b4e05153cd6dd5ef3052cba01985e4c523dfc6a658f21c934
2fecc5c165ae4207d28b9b19de703102c92a6802baff40e758acccedba03dfdc
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
428c38c00825a619e34dd67f1ddcd2ae2d0e5b50101a9235c73d00f1259aaf53
4daa0e33f6cc8630e40efe6d60d1f3e902899e759da7ef61a2857f1cbc32702c
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
522dd70f9193656f0485c8a4b6221731144443631d5f1678e237637ddfef6f10
55738504d809d275b0d2c8696a8beb9b107a8316111243f362d0227b1c4573f7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ab41d123438cae2b9844f1a70b7ca3ebb2551dca27f6b5f10c277436e2e109a
5c4cfad899d8b13f9d87dcd334d6b6915ca2f1dd13bc3b7126a46061881b9ce4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657020c0e022a54f14c4d69b3d099c60d5f8e884f9a26bfd4429aadb6e3b153f
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9df9dd09bfb72a4c9be67062b12599b8dad2123709bc4d85639f5281c713a8
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
74dd33957a17e836d3f5bdf162439e98a5562d4d7f91beb6b8da3d0edda6cf71
76869ea08ccb7725466b030c35c9886504ff70801c64a5e7b50bd64a38139c27
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
829990603089761ab2406bf8b695c71e5c360f76a5c352da1beb1df394047fce
8397e4f324463ad7c95564375e1275f675cf31196d62677ec588df46505d7792
8612deb0cfdfde638ad9e286429dd4cf56418398dc0d6721ce43842403d9f320
89e3f257f40f2868c7795359547458756c575076ea8a8626c1fb77b9b5737c42
89faaa6e9f8cc7e8fb9104f314c617490bd774d5a1943907f5c479631d906ee3
8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787
90ac62415f3776b625d9f849bd650501d9079187a98f7cf1fe83861141d40b29
90d931a6198b81453b6a3a9ff22a9b23b02e75c2e3f515351d2c966d8eaf6217
9430c4e27c3d558184eac01bec190ddeb490408ddfc75d65d8342ecb302f894d
9485faf817cb1c4f5e018d90c6dcbcb375cc7e67959b05d4e912c42680f5f81a
985e5f73912607472965476a244364023a7cecb12c1c126a5836d6776f9119d7
a346346c08a521651ccc84e58b04bd1d7c04e1d4c47b1fc5909638b9f5912eab
a7f1688c401ef1682b0a24b33265e3fa5581ce3e6c17e064a4fd18b59de8f182
a83cf407bab5e1966206bdaf43e70e152c75fe739273d46e6a0dc7891189cec3
b84bc5460d3ef62efc38d75a8181c8e846281c23910083a28cad7012aa6298fc
bb934f6b2d4a690d92975299564d87f86959c76cb4fc6197cb726fd2e4f278d7
bca999ba53ba5d23ad5fd63c4c10dd654b48cfd5a111005708eea76b74c509a9
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57
c2ceba5762fdd40feac1f34f6322f6f8f882b3f5f94163683c7e969086f42eea
c4f646cc42bc90badf143e5f2f0ea35038047388092b3a69777534f31c014b46
c948b945f378ca56aef04925bb2c69ae0b41e7eb910db153a25643f75b51c48a
ca0dad323eee0d24eb0d75846e3d57fbf76750d8d0f4485a9f68e0fc4498e7d6
cb199d03fc5d170f7b2dc15bc8e7396d26bd0592a17c212a0ac92bf39a54fa46
cc6ba90d2d98b4947d955848bc7f8d4f6dd46c65b292f723e40984d192dbec32
d1e55da04896f08b793c30f0bc2211dacc3b52456ccdca7308fc21d829131bd0
d2875783f24b8956a6ac68e9c0202b93bdf9775cac289c6119a4eece9ecbcb43
d3196c6d217bdc85b0e435dc4330b1605eb05ac8718b3272850125b3b763d336
d5f96cc8e0ca634b6b06ff036d3e578110a81d894bdd7b1f1031d748191c5d93
d6ca100fb9972c5a6153803ee3bf77ed05d5d705afbaa28a75cd886d822b4e55
d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cbf10f4a5715d7b6127922661635516488b3b0d81767402ca86f126cc89d7b
ebdb02f54d4e985fa841f9b44f480801e413f67b7c4f77f225a60c8ecd923079
f7ea6952b3f12189d531efd4905db834272b8ab0432c34046a3e7c95dec1633f
f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2
fbe3aca986802b4970841411e114ac9ca11eb9b04b9d9ca49faa636a7e650901