urlscan.io logo urlscan.io
SecurityTrails logo

winteriscoming.net Open in urlscan Pro
2a02:26f0:120::211:7bc8  Public Scan

Go To Rescan Add Verdict Report
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbcli...
Submission: On May 13 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 11 countries across 89 domains to perform 335 HTTP transactions. The main IP is 2a02:26f0:120::211:7bc8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is winteriscoming.net.
TLS certificate: Issued by R3 on March 12th 2021. Valid for: 3 months.
This is the only time winteriscoming.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a02:26f0:120... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.14.217 54113 (FASTLY)
4 142.250.181.226 15169 (GOOGLE)
7 2.16.186.17 20940 (AKAMAI-ASN1)
15 2001:1bc7::1002 29686 (PROBENETW...)
2 13.224.103.105 16509 (AMAZON-02)
5 2600:9000:211... 16509 (AMAZON-02)
1 99.86.245.196 16509 (AMAZON-02)
10 151.139.128.11 20446 (HIGHWINDS3)
1 13.224.95.85 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2.16.107.210 20940 (AKAMAI-ASN1)
1 3 99.86.242.100 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 35.190.48.184 15169 (GOOGLE)
4 2.16.107.83 20940 (AKAMAI-ASN1)
1 23.45.103.78 16625 (AKAMAI-AS)
2 172.217.23.102 15169 (GOOGLE)
4 2.16.107.155 20940 (AKAMAI-ASN1)
1 18.214.150.11 14618 (AMAZON-AES)
5 2.16.107.139 20940 (AKAMAI-ASN1)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
14 99.81.79.244 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
5 54.184.42.89 16509 (AMAZON-02)
1 54.72.188.165 16509 (AMAZON-02)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2.18.233.180 16625 (AKAMAI-AS)
4 7 37.252.173.38 29990 (ASN-APPNEX)
7 62.149.0.72 15497 (COLOCALL ...)
4 5 185.94.180.125 35220 (SPOTX-AMS)
2 3 18.197.99.6 16509 (AMAZON-02)
3 4 18.156.0.31 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:219... 16509 (AMAZON-02)
3 213.174.135.2 39572 (ADVANCEDH...)
1 2600:9000:206... 16509 (AMAZON-02)
1 13.32.6.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
3 213.174.135.1 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 54.156.129.176 14618 (AMAZON-AES)
1 2a0c:5c81:513... 55081 (24SHELLS)
4 23.227.137.155 55081 (24SHELLS)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 162.247.243.146 23467 (NEWRELIC-...)
1 13.224.95.101 16509 (AMAZON-02)
5 5 66.155.71.25 13768 (COGECO-PEER1)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.167 1299 (TELIANET ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
2 3 52.19.106.86 16509 (AMAZON-02)
7 9 142.250.184.194 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
13 185.64.189.110 62713 (AS-PUBMATIC)
1 1 162.55.6.210 24940 (HETZNER-AS)
1 72.251.241.206 29791 (VOXEL-DOT...)
3 3 213.19.147.45 3356 (LEVEL3)
4 7 76.223.111.131 16509 (AMAZON-02)
1 1 188.165.4.142 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 169.197.150.7 398989 (DEEPINTENT)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 169.50.137.190 36351 (SOFTLAYER)
2 2 37.157.2.238 198622 (ADFORM)
3 3 185.29.133.208 30419 (MEDIAMATH...)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.189.114 62713 (AS-PUBMATIC)
3 3 35.158.172.137 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 3 151.101.114.49 54113 (FASTLY)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
2 4 37.252.172.37 29990 (ASN-APPNEX)
1 1 34.254.122.11 16509 (AMAZON-02)
4 2a0c:5c81:514... 55081 (24SHELLS)
2 18.208.241.4 14618 (AMAZON-AES)
2 12 2.18.234.21 16625 (AKAMAI-AS)
4 54.234.118.98 14618 (AMAZON-AES)
1 1 23.79.143.124 16625 (AKAMAI-AS)
6 104.111.230.142 16625 (AKAMAI-AS)
4 185.94.180.124 35220 (SPOTX-AMS)
4 18.156.190.73 16509 (AMAZON-02)
2 213.19.147.42 26120 (RHYTHMONE)
3 184.25.115.31 16625 (AKAMAI-AS)
1 2 52.94.232.32 16509 (AMAZON-02)
1 1 54.234.240.118 14618 (AMAZON-AES)
1 1 3.248.28.111 16509 (AMAZON-02)
2 35.201.98.64 15169 (GOOGLE)
1 8.43.72.98 26667 (RUBICONPR...)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 64.202.112.159 23352 (SERVERCEN...)
3 52.28.203.152 16509 (AMAZON-02)
1 104.154.142.214 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 178.250.2.131 44788 (ASN-CRITE...)
1 213.19.162.51 26667 (RUBICONPR...)
1 185.255.84.150 200271 (IGUANE-)
1 34.98.64.218 15169 (GOOGLE)
2 54.93.115.47 16509 (AMAZON-02)
1 185.184.10.30 203690 (RTB-HOUSE...)
2 51.89.9.253 16276 (OVH)
1 185.184.8.30 204995 (RTB-HOUSE...)
4 7 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2.18.232.130 16625 (AKAMAI-AS)
1 2 54.194.226.253 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 18.235.163.155 14618 (AMAZON-AES)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 51.89.21.30 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
335 113
6    2a02:26f0:120::211:7bc8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
winteriscoming.net
5    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.fansided.com
1    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
7    2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
images2.minutemediacdn.com
15    2001:1bc7::1002 (Germany)

ASN29686 (PROBENETWORKS-AS, DE)
www.riddle.com
cdn.riddle.com
2    13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net
c.amazon-adsystem.com
5    2600:9000:211a:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    99.86.245.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-196.vie50.r.cloudfront.net
d3ujids68p6xmq.cloudfront.net
10    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    13.224.95.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-85.zrh50.r.cloudfront.net
native.sharethrough.com
15    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2606:4700:10::6814:6a3e (United States)

ASN13335 (CLOUDFLARENET, US)
omny.fm
assets.omny.fm
1    2.16.107.210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-210.deploy.static.akamaitechnologies.com
launcher.spot.im
3    99.86.242.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-100.vie50.r.cloudfront.net
sb.scorecardresearch.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.48.190.35.bc.googleusercontent.com
gammamaximum.com
4    2.16.107.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-83.deploy.static.akamaitechnologies.com
middycdn-a.akamaihd.net
1    23.45.103.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-103-78.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net
ad.doubleclick.net
4    2.16.107.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-155.deploy.static.akamaitechnologies.com
api-2-0.spot.im
1    18.214.150.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-150-11.compute-1.amazonaws.com
direct-events-collector.spot.im
5    2.16.107.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-139.deploy.static.akamaitechnologies.com
publisher-assets.spot.im
events-collector.spot.im
pix.spot.im
3    2606:4700:10::6814:6b3e (United States)

ASN13335 (CLOUDFLARENET, US)
assets.omny.fm
14    99.81.79.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
trends.revcontent.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:214f:a200:17:62f0:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.raygun.io
5    54.184.42.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-42-89.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    54.72.188.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-188-165.eu-west-1.compute.amazonaws.com
yield-manager.browsiprod.com
3    2a02:26f0:6c00::210:ba18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-cdn.spot.im
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.spotim.market
sync.adtelligent.com
5    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
id.rlcdn.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:2190:3000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
3    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
1    2600:9000:206e:e400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    13.32.6.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-35.vie50.r.cloudfront.net
www.omnycontent.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.zetarail.com
player.adtelligent.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
8    54.156.129.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
4    23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS, US)
hb.spotim.market
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    162.247.243.146 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
1    13.224.95.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-101.zrh50.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
5    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    52.19.106.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
cm.g.doubleclick.net
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
13    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    188.165.4.142 (France)

ASN16276 (OVH, FR)
green.erne.co
1    2606:4700:3039::6815:c02e (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    35.158.172.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
4    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
2    18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
12    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
4    54.234.118.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
video-ads.rubiconproject.com
4    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
4    18.156.190.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
optimized-by.rubiconproject.com
2    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
3    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.234.240.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
memorizeneck.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
b1h.zemanta.com
3    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
1    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
lockerdome.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
spot-im-d.openx.net
2    54.93.115.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
prebid-us.creativecdn.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    18.235.163.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p25.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.rlcdn.com
Apex Domain
Subdomains		 Transfer
29 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com
58 KB
24 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
202 KB
20 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
video-ads.rubiconproject.com
optimized-by.rubiconproject.com
pixel-us-east.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
61 KB
19 omny.fm
omny.fm
assets.omny.fm
587 KB
17 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
196 KB
17 fansided.com
cdn.fansided.com
181 KB
16 doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
258 KB
15 gstatic.com
fonts.gstatic.com
231 KB
15 riddle.com
www.riddle.com
cdn.riddle.com
622 KB
14 spot.im
launcher.spot.im
api-2-0.spot.im
direct-events-collector.spot.im
publisher-assets.spot.im
events-collector.spot.im
static-cdn.spot.im
pix.spot.im
117 KB
13 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
14 KB
12 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
9 KB
11 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
c2shb.ssp.yahoo.com
ads.yahoo.com
6 KB
11 spotim.market
sync.spotim.market
player.spotim.market
hb.spotim.market
144 KB
9 adtelligent.com
s.adtelligent.com
player.adtelligent.com
sync.adtelligent.com
ghb.adtelligent.com
ghb1.adtelligent.com
5 KB
9 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
8 KB
8 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
2 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
206 KB
7 minutemediacdn.com
images2.minutemediacdn.com
84 KB
6 browsiprod.com
events.browsiprod.com
yield-manager.browsiprod.com
2 KB
6 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
9 KB
6 winteriscoming.net
winteriscoming.net
46 KB
5 sitescout.com
pixel-sync.sitescout.com
1 KB
4 1rx.io
sync.1rx.io
tag.1rx.io
2 KB
4 akamaihd.net
middycdn-a.akamaihd.net
88 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
37 KB
3 everesttech.net
sync-tm.everesttech.net
1003 B
3 bidswitch.net
x.bidswitch.net
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 geoedge.be
rumcdn.geoedge.be
143 KB
3 rlcdn.com
di.rlcdn.com
id.rlcdn.com
api.rlcdn.com
396 B
3 advertising.com
pixel.advertising.com
677 B
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 criteo.net
static.criteo.net
53 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1000 B
2 indexww.com
js-sec.indexww.com
2 KB
2 onetag-sys.com
onetag-sys.com
1 KB
2 creativecdn.com
prebid-us.creativecdn.com
prebid-eu.creativecdn.com
356 B
2 360yield.com
ice.360yield.com
1023 B
2 memorizeneck.com
memorizeneck.com
651 B
2 admedo.com
pool.admedo.com
783 B
2 adform.net
c1.adform.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
996 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 zetarail.com
p.zetarail.com
14 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 googletagmanager.com
www.googletagmanager.com
83 KB
1 id5-sync.com
id5-sync.com
536 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bttrack.com
bttrack.com
380 B
1 openx.net
spot-im-d.openx.net
559 B
1 omnitagjs.com
hb-api.omnitagjs.com
726 B
1 lockerdome.com
lockerdome.com
431 B
1 zemanta.com
b1h.zemanta.com
124 B
1 adroll.com
d.adroll.com
112 B
1 extend.tv
sync.extend.tv
546 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
488 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 quantserve.com
pixel.quantserve.com
543 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
491 B
1 deepintent.com
match.deepintent.com
44 B
1 contextweb.com
bh.contextweb.com
462 B
1 ad4m.at
ad4m.at
992 B
1 erne.co
green.erne.co
324 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 google.de
www.google.de
505 B
1 google.com
www.google.com
223 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 omnycontent.com
www.omnycontent.com
14 KB
1 googlesyndication.com
tpc.googlesyndication.com
2 KB
1 raygun.io
cdn.raygun.io
20 KB
1 optimizely.com
cdn3.optimizely.com
701 B
1 gammamaximum.com
gammamaximum.com
30 KB
1 sharethrough.com
native.sharethrough.com
66 KB
1 cloudfront.net
d3ujids68p6xmq.cloudfront.net
42 KB
1 webcontentassessor.com
scripts.webcontentassessor.com
30 KB
335 89
Domain Requested by
17 cdn.fansided.com winteriscoming.net
cdn.fansided.com
15 fonts.gstatic.com fonts.googleapis.com
cdn.fansided.com
14 trends.revcontent.com assets.revcontent.com
player.spotim.market
14 omny.fm winteriscoming.net
assets.omny.fm
omny.fm
13 simage2.pubmatic.com ads.pubmatic.com
10 www.riddle.com winteriscoming.net
www.riddle.com
9 cm.g.doubleclick.net 7 redirects
8 track1.aniview.com winteriscoming.net
player.aniview.com
7 match.adsrvr.org 4 redirects ssum.casalemedia.com
player.spotim.market
7 image2.pubmatic.com ads.pubmatic.com
7 images.revcontent.com winteriscoming.net
7 ib.adnxs.com 4 redirects ssum.casalemedia.com
player.spotim.market
p.zetarail.com
7 images2.minutemediacdn.com winteriscoming.net
6 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
6 winteriscoming.net winteriscoming.net
5 pixel-sync.sitescout.com 5 redirects
5 sync.search.spotxchange.com 4 redirects winteriscoming.net
5 ads.pubmatic.com launcher.spot.im
ads.pubmatic.com
player.aniview.com
5 events.browsiprod.com middycdn-a.akamaihd.net
5 assets.omny.fm omny.fm
assets.omny.fm
5 cdn.riddle.com www.riddle.com
cdn.riddle.com
winteriscoming.net
5 quantcast.mgr.consensu.org winteriscoming.net
quantcast.mgr.consensu.org
5 fonts.googleapis.com winteriscoming.net
cdn.fansided.com
ajax.googleapis.com
4 token.rubiconproject.com 4 redirects
4 optimized-by.rubiconproject.com player.aniview.com
video-ads.rubiconproject.com
4 video-ads.rubiconproject.com player.aniview.com
4 search.spotxchange.com player.aniview.com
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
acdn.adnxs.com
4 hb.spotim.market player.spotim.market
4 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 sync.spotim.market winteriscoming.net
ads.pubmatic.com
4 api-2-0.spot.im launcher.spot.im
4 middycdn-a.akamaihd.net winteriscoming.net
middycdn-a.akamaihd.net
4 securepubads.g.doubleclick.net winteriscoming.net
securepubads.g.doubleclick.net
3 pixel.rubiconproject.com
3 c2shb.ssp.yahoo.com player.spotim.market
3 gum.criteo.com 1 redirects static.criteo.net
3 htlb.casalemedia.com player.aniview.com
player.spotim.market
3 ghb.adtelligent.com p.zetarail.com
player.spotim.market
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 x.bidswitch.net 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum.casalemedia.com
3 sync.mathtag.com 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.adtelligent.com s.adtelligent.com
winteriscoming.net
3 player.aniview.com static-cdn.spot.im
player.aniview.com
3 player.spotim.market winteriscoming.net
player.spotim.market
3 rumcdn.geoedge.be launcher.spot.im
rumcdn.geoedge.be
player.spotim.market
3 pixel.advertising.com 2 redirects player.aniview.com
3 static-cdn.spot.im winteriscoming.net
launcher.spot.im
3 publisher-assets.spot.im launcher.spot.im
winteriscoming.net
3 sb.scorecardresearch.com 1 redirects winteriscoming.net
2 static.criteo.net player.spotim.market
static.criteo.net
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
2 onetag-sys.com p.zetarail.com
2 ice.360yield.com player.spotim.market
p.zetarail.com
2 bidder.criteo.com player.spotim.market
p.zetarail.com
2 mug.criteo.com
2 memorizeneck.com gammamaximum.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ssum-sec.casalemedia.com ssum.casalemedia.com
js-sec.indexww.com
2 tag.1rx.io player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 go1.aniview.com player.aniview.com
2 pool.admedo.com 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
cdn.raygun.io
2 p.zetarail.com rumcdn.geoedge.be
p.zetarail.com
2 www.google-analytics.com www.googletagmanager.com
cdn.raygun.io
2 www.googletagmanager.com omny.fm
www.googletagmanager.com
2 ad.doubleclick.net winteriscoming.net
gammamaximum.com
2 platform.twitter.com winteriscoming.net
platform.twitter.com
2 c.amazon-adsystem.com winteriscoming.net
c.amazon-adsystem.com
1 pix.spot.im launcher.spot.im
1 api.rlcdn.com player.spotim.market
1 id5-sync.com player.spotim.market
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 acdn.adnxs.com p.zetarail.com
1 ads.yahoo.com
1 id.rlcdn.com
1 prebid-eu.creativecdn.com p.zetarail.com
1 prebid-us.creativecdn.com player.spotim.market
1 spot-im-d.openx.net player.spotim.market
1 ghb1.adtelligent.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 fastlane.rubiconproject.com player.spotim.market
1 hbopenbid.pubmatic.com player.spotim.market
1 lockerdome.com player.spotim.market
1 b1h.zemanta.com player.spotim.market
1 pixel-us-east.rubiconproject.com
1 d.adroll.com 1 redirects
1 sync.extend.tv 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 image6.pubmatic.com ads.pubmatic.com
1 player.adtelligent.com player.spotim.market
1 s.adtelligent.com rumcdn.geoedge.be
1 www.google.de winteriscoming.net
1 www.google.com winteriscoming.net
1 js-agent.newrelic.com omny.fm
1 stats.g.doubleclick.net cdn.raygun.io
1 cdn.revcontent.com winteriscoming.net
1 img.revcontent.com winteriscoming.net
1 www.omnycontent.com cdn.raygun.io
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 syndication.twitter.com platform.twitter.com
1 di.rlcdn.com winteriscoming.net
1 tpc.googlesyndication.com gammamaximum.com
1 ajax.googleapis.com omny.fm
1 yield-manager.browsiprod.com middycdn-a.akamaihd.net
1 cdn.raygun.io omny.fm
1 events-collector.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 cdn3.optimizely.com d3ujids68p6xmq.cloudfront.net
1 gammamaximum.com winteriscoming.net
1 launcher.spot.im winteriscoming.net
1 native.sharethrough.com winteriscoming.net
1 assets.revcontent.com winteriscoming.net
1 d3ujids68p6xmq.cloudfront.net winteriscoming.net
1 scripts.webcontentassessor.com winteriscoming.net
335 149
Subject Issuer Validity Valid
rushthekop.com
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
blogoflegends.com
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-01-27 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.90min.com
DigiCert Secure Site ECC CA-1		 2020-08-14 -
2021-11-13		 a year crt.sh
*.riddle.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2022-09-13		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
assets.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
*.spot.im
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-26 -
2021-11-30		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
gammamaximum.com
R3		 2021-04-16 -
2021-07-15		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-02-17 -
2022-02-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.raygun.io
RapidSSL RSA CA 2018		 2019-11-24 -
2021-12-14		 2 years crt.sh
*.gobrowsi.com
Amazon		 2021-01-14 -
2022-02-12		 a year crt.sh
browsiprod.com
Amazon		 2021-03-23 -
2022-04-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
sync.spotim.market
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
rumcdn.geoedge.be
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
player.spotim.market
R3		 2021-04-30 -
2021-07-29		 3 months crt.sh
omnycontent.com
Amazon		 2021-05-02 -
2022-05-31		 a year crt.sh
img.revcontent.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
cdn.revcontent.com
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-13 -
2022-04-10		 a year crt.sh
p.zetarail.com
R3		 2021-04-08 -
2021-07-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
images.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
hb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2021-04-11 -
2021-07-10		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-06 -
2021-08-04		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
memorizeneck.com
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
*.zemanta.com
DigiCert SHA2 Secure Server CA		 2020-08-23 -
2021-09-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2020-09-27 -
2021-10-29		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
ghb1.adtelligent.com
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh

This page contains 40 frames:

Primary Page: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Frame ID: 6DEDB7754A090296F0D42E3EDE60966C
Requests: 147 HTTP requests in this frame

Frame: https://www.riddle.com/a/308128
Frame ID: 6DF89239F7C0D71AD752AF9DC8CFDE7F
Requests: 13 HTTP requests in this frame

Frame: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Frame ID: 666378B9200C1DEB9DE737679427A27C
Requests: 36 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1620924786898
Frame ID: 282EC7DE75B4164B29B101E3563FE61B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwinteriscoming.net
Frame ID: BD5B526ECC3E109DA0122C140ABFE326
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 9E866577CDE5731E7F21FFB1ACE778DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: D216804B641682C8986D77B6CE3ECDD9
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 8D467B306DBC6B09F9793C19E7E3C8E1
Requests: 38 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 33F764288F0CDCDFAAF68BA94E7CBB61
Requests: 24 HTTP requests in this frame

Frame: https://p.zetarail.com/prebidlink/18760/j.html?i=8200
Frame ID: AA878B5B86F035A8238B2268C9D465B3
Requests: 9 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: EA062E9DC9A238A17B522CCFC57079F0
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 2F4946964014529608DF746AF376041D
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 70EE09A1C7E42BC163C536B2199C9D61
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
Frame ID: 1FAD727E17B562F242FD9F432C1BF4F4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: DD7305C55C0989844485FE1273659518
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
Frame ID: 4EB4F89077FDA8A29528A42D7726E752
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: BA79FED2D2E3C8D4FF8E6EAAF09F8E03
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7D4F463B5D5554F2768FCB11B04D1350
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
Frame ID: F942E877D61AE557964962ED5260C889
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
Frame ID: 5D6FDDDA8A635F9EE10618ED014C53BA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: E4A3D25ED094D1592BDE0148A8EA41F0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 23B44B8939323CD6B310AD870349B0D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
Frame ID: 6D24681C09F9ED04DDFFA20B510EF166
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7289C01E8DAEB8FD53E5E650C67491ED
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=1B129891-F9CA-479A-8537-0ED2EF02ECA5
Frame ID: A26232C49FA70A64DB99C283AED8E800
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Frame ID: B93A7F9E20422618D0932BAC50A9E176
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Frame ID: 84FEA188C6DCEE176BB0CCCB431182DB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 33EFE25C4411364AAA7BA45D527069B9
Requests: 11 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
Frame ID: 1FDE8C161AE1D42D3E3829AB397E9B2F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D1%26key%3D
Frame ID: BF1C2D1725D9478B127A13B0BAABCD0B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 4835BC9FC0C383A447929B78DEABE1B6
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
Frame ID: 4CD4FACD497996234965A199FC766121
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8F52E9DD5C65A592040D216A64FBAABC
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31032.js
Frame ID: EA3C84926D065BD97B939A9CC54306EC
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DF8B4D2718A551DC16FF7C436F5C4D88
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: FA8F0E0A9721DBEA9D83029B495665AF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1620924790168
Frame ID: 323BB5A2EAB7BF57EFC717CE31BBDB7D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E2D92D378F252BC0D8CF61C0130EBB90
Requests: 10 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31032.js
Frame ID: 4E7C913A81833BF6E31D983DBEC4B78C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winteriscoming.net&gdpr=1&gdpr_consent=
Frame ID: 1CE22B72C3076F944F3366904B21730C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

335
Requests

100 %
HTTPS

25 %
IPv6

89
Domains

149
Subdomains

113
IPs

11
Countries

3833 kB
Transfer

11862 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&c9=
Request Chain 110
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=3685782002405673524
Request Chain 111
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=b148db5b-b40b-11eb-9e6a-1974e5cf0406
Request Chain 112
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
Request Chain 113
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=b1490efe-b40b-11eb-a195-1860f0710506 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=b1490eb8-b40b-11eb-a195-1860f0710506
Request Chain 190
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 192
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
Request Chain 193
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOVJFN0JPck1BQUN1bWJmYlN4dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 194
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
Request Chain 195
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 197
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4983038842 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4983038842 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/375508ba-2d30-473d-9651-eafacb183e46 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
Request Chain 198
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
Request Chain 200
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 201
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GxKYkfnKR5qFNw7S7wLspQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 206
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 207
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&addseg=19,36,42
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIxMjk4OTEtRjlDQS00NzlBLTg1MzctMEVEMkVGMDJFQ0E1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENu-zFqCUeAekIBlSo6W1e0&google_cver=1
Request Chain 211
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7135139224381836002
Request Chain 212
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=375508ba-2d30-473d-9651-eafacb183e46
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=0&gdpr_consent=
Request Chain 214
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685782002405673524&gdpr=0&gdpr_consent=
Request Chain 216
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OjYSIxtE2uUbY.CReEvVdsKY2v2_6to-~A&gdpr=0&gdpr_consent=
Request Chain 217
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=db5b6833-2104-45e0-9dfc-1eece6cf9f6e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=db5b6833-2104-45e0-9dfc-1eece6cf9f6e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4e204c91-cc3a-4a92-a23f-a6de6bb2c71f&user_group=1&ssp=pubmatic&bsw_param=db5b6833-2104-45e0-9dfc-1eece6cf9f6e HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db5b6833-2104-45e0-9dfc-1eece6cf9f6e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 218
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY
Request Chain 219
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7149985847909831442&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 220
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJ1ZdQAA17W3WwBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ1ZdQAA17W3WwBg&gdpr=0&gdpr_consent=&_test=YJ1ZdQAA17W3WwBg
Request Chain 221
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c829270d-8896-4b5e-832b-f57d79e1c688&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 223
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 224
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685782002405673524
Request Chain 225
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2883f239-1595-4371-9fec-6811b9fe3d69
Request Chain 232
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 233
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3685782002405673524
Request Chain 234
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Request Chain 235
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 237
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
Request Chain 240
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEK5jCZ4xwX7YsvZZBeGgGlo&google_cver=1
Request Chain 252
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&dcc=t
Request Chain 253
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJ1ZdXGi6oNe0-NUBhOx.gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmQT3lDmjrHy0O6406iwoc&google_cver=1&gdpr=1&google_hm=2
Request Chain 255
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=8f754e76-7439-49b6-a3b3-a3ede7f517b1
Request Chain 256
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 268
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwinteriscoming.net%2F&domain=winteriscoming.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zKH1inw5ZWZsSU9nbmFyNUpndkZ5aC9lQkI0eVRaeVBLZjNIa0F4QVZPNWRXNzdNZlVhSmM4Vys1Q0lGVzkvZFBiVUdJQUpsMnZFblFWTzZpMURqNk1RTkhVdHNwbWc0ZlcvSzhubUgwN1lLKzJFKzg4S01qQlI2bVhiRVk4cnNBK0dYaUkyaUNZUW1JcmdENFdiaWJCRkpueXQ3ZmcxMVJ6bStldUFjUG05OHBVcllNdFFycis0VElLTFVsbmxJN2RXYlFVQjlvQXFicUdwUFRRR1VDeW9ndUt0b05mZy9NSlJjR3B2c01QTSsyN3pNPXw&cppv=2
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIu7Ge-ZFhIrJ1PM9sg3im4&google_cver=1
Request Chain 294
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FHoyV0VXrYOZR6FpBXiPqA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3418583757419626257
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
Request Chain 297
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ONFJPM1gtWS1NSDk=
Request Chain 298
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KON4RO3X-Y-MH9&sigv=1&esig=2~37c885eda60e12003b030d259fae2230c7ef930b
Request Chain 299
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU2YTUyZGE0MzQ5NDE1YThkYTQ2NGQyZGFkODIxMWIyNTNjMDUzOQ
Request Chain 313
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=1&gdpr_consent=
Request Chain 315
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 318
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1623516790

335 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/ 		133 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
29aeb6bc3a004338b09faab998fd1e973b386802b1204fff3961b2d12d6be27e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
winteriscoming.net
:scheme
https
:path
/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-user-agent
standard
x-cache-config
0 0
content-encoding
gzip
content-length
27191
expires
Thu, 13 May 2021 16:53:06 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Thu, 13 May 2021 16:53:06 GMT
vary
Accept-Encoding
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
server
Akamai
style.css
winteriscoming.net/wp-content/plugins/mm-video/styles/ 		116 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winteriscoming.net/wp-content/plugins/mm-video/styles/style.css?ver=1593110345
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

:path
/wp-content/plugins/mm-video/styles/style.css?ver=1593110345
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
winteriscoming.net
referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 18:39:05 GMT
server
Akamai
etag
"5ef4ef49-74"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=685652
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
accept-ranges
bytes
content-length
120
expires
Fri, 21 May 2021 15:20:38 GMT
block.css
winteriscoming.net/wp-content/plugins/mm-video/styles/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winteriscoming.net/wp-content/plugins/mm-video/styles/block.css?ver=1593110345
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2e54f982fc5fa8eb842fb3a7bc648e21e1fee5c7e82a215f845d5a8afe541b6f

Request headers

:path
/wp-content/plugins/mm-video/styles/block.css?ver=1593110345
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
winteriscoming.net
referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 18:39:05 GMT
server
Akamai
etag
W/"5ef4ef49-108d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1805658
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
content-length
1208
expires
Thu, 03 Jun 2021 14:27:24 GMT
css
fonts.googleapis.com/ 		2 KB
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald&ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 May 2021 16:31:37 GMT
server
ESF
date
Thu, 13 May 2021 16:53:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 May 2021 16:53:06 GMT
css
fonts.googleapis.com/ 		720 B
473 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 May 2021 15:44:51 GMT
server
ESF
date
Thu, 13 May 2021 16:53:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 May 2021 16:53:06 GMT
style-wic.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/ 		435 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f467df29d6bb3a418a7b898a490ff91a062e2e9e4e0ff17c84f9c75169869223

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:27:03 GMT
server
Akamai
etag
W/"60677007-6cbf5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1481619
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
69758
expires
Sun, 30 May 2021 20:26:45 GMT
shortcodes-b3d07ea77d.css
winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist/ 		59 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winteriscoming.net/wp-content/plugins/fansided-shortcodes/dist/shortcodes-b3d07ea77d.css
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0b409fda772c3b5ef8259b9d8cc7caab9d2a85d0d40b6e72bb2552b4c26e0f4e

Request headers

:path
/wp-content/plugins/fansided-shortcodes/dist/shortcodes-b3d07ea77d.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
winteriscoming.net
referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 23:18:12 GMT
server
Akamai
etag
W/"604aa534-ed5e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1838075
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
content-length
9510
expires
Thu, 03 Jun 2021 23:27:41 GMT
network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
120358186432591c0e04921b3e25c355bb3262969a66382b51b7361158398404

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:27:18 GMT
server
Akamai
etag
W/"60677016-9b80"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1170885
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
6450
expires
Thu, 27 May 2021 06:07:51 GMT
mm-video.js
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 		36 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/mm-video.js?ver=1.1.2
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
4d9ebbca5a5e9ba28cf277632a4e27c3334a255ca46a42b4abf3f116a2d56403

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 18:39:06 GMT
server
Akamai
etag
"5ef4ef4a-24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1805655
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
45
expires
Thu, 03 Jun 2021 14:27:21 GMT
jquery.js
cdn.fansided.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:56:48 GMT
server
Akamai
etag
W/"6077d5a0-17a6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1805686
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
34019
expires
Thu, 03 Jun 2021 14:27:52 GMT
iframeSizer.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.17
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:26:58 GMT
server
Akamai
etag
W/"60677002-2d5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=647127
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
4629
expires
Fri, 21 May 2021 04:38:33 GMT
a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
scripts.webcontentassessor.com/scripts/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b31bdf25764a12a6f6b9a0af7c2e405414a8bf1c3212883f800d41620be0bcc1

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
age
1873
x-cache
HIT
content-length
29912
x-amz-id-2
a+tsNyGyqJJPpvEYpwmIYx3NShSp/9Zf0nggl9hd+u4aKCe2jZYeKLRlUxZUHNwaA92zCollTVM=
x-served-by
cache-fra19157-FRA
last-modified
Thu, 13 May 2021 16:20:25 GMT
server
AmazonS3
x-timer
S1620924786.270007,VS0,VE1
etag
"7c9392a3105a17110d99c7874fff5f66"
vary
Accept-Encoding
x-amz-request-id
JA1G4GY4CVTDZWV5
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5591ede83d1f0abe213a680bec0de9abff316625ff666c88d2f89ca36be2542d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"870 / 589 of 1000 / last-modified: 1620904231"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21356
x-xss-protection
0
expires
Thu, 13 May 2021 16:53:06 GMT
logo_winteriscoming-net__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/winteriscoming/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/winteriscoming/logo_winteriscoming-net__150x150.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8ed5b9a1b3af80ad20de85350e9b9ad53c8307f58d8cd5be06c11dcf87999ca

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Tue, 25 Feb 2020 18:09:54 GMT
x-timer
S1617839871.194623,VS0,VE31
etag
"b034105e89934deb07c9c8460a3f857b"
x-served-by
cache-wdc5551-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
1
content-disposition
inline; filename="logo_winteriscoming-net__150x150.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
1948
expires
Thu, 20 May 2021 16:53:06 GMT
https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2021%2F04%2FJon-Snow-Daenerys-Davos-Seaworth-Brienne-850x560.jpeg
images2.minutemediacdn.com/image/fetch/w_850,h_560,c_fill,g_auto,f_auto/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/w_850,h_560,c_fill,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2021%2F04%2FJon-Snow-Daenerys-Davos-Seaworth-Brienne-850x560.jpeg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80c9f927f7a5659bdf1e321fcebb9fa0bd3bb2a29894928f12570cd639c3b946

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Thu, 08 Apr 2021 15:36:19 GMT
x-timer
S1620358703.337191,VS0,VE1
etag
"c76fc7178d784dd6a2974331dea70f45"
x-served-by
cache-wdc5565-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
1
content-disposition
inline; filename="Jon-Snow-Daenerys-Davos-Seaworth-Brienne-850x560.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
46708
expires
Thu, 20 May 2021 16:53:06 GMT
embed.js
www.riddle.com/files/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/files/js/embed.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
5256842d8a79f8324d30e91706743f6f8e8346754b9aaba36262440a06b5c06f

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:02:13 GMT
etag
W/"5f6c6095-179f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300, public
expires
Thu, 13 May 2021 16:58:06 GMT
embed.css
www.riddle.com/files/css/ 		473 B
470 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/files/css/embed.css
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
0ebe4c3492473460e2cd9d1f71c2722e31282f4b89fcf0319310d65f39d6fa65

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
last-modified
Sat, 12 Oct 2019 06:56:36 GMT
etag
W/"5da17924-1d9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:06 GMT
logo_winteriscoming-net__150x150.png
cdn.fansided.com/wp-content/assets/site_images/winteriscoming/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fansided.com/wp-content/assets/site_images/winteriscoming/logo_winteriscoming-net__150x150.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
447a6c6e30f0a5e502248effde8e143948e1bb084646edc30761bb5b316ff9f7

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
last-modified
Wed, 07 Jun 2017 23:05:53 GMT
server
Akamai
etag
"593886d1-b6c"
content-type
image/png
cache-control
max-age=1679041
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
2924
expires
Wed, 02 Jun 2021 03:17:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 05:09:09 GMT
content-encoding
gzip
server
Server
age
42236
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
cP2tnA104Zi32DoWhHs3PZxiaeuJgPcv8oFcgrCzRjptM9DG2SVKmg==
choice.js
quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/choice.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeaf96b33b73b169c1c0633e6a86bd7b3ff634b2f2ac6bdd36c3f5c11e81c99a

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
etag
W/"eb733d40c1722778552395571ecf2272"
last-modified
Wed, 21 Apr 2021 13:55:54 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
tYPZ_7Vqxkk0K2z59wL5VMRQoft7OUiqX1pUXXApqU5GpDMrA4T2OA==
twemoji.js
cdn.fansided.com/wp-includes/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.17
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:56:48 GMT
server
Akamai
etag
W/"6077d5a0-64c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1359691
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
7682
expires
Sat, 29 May 2021 10:34:37 GMT
wp-emoji.js
cdn.fansided.com/wp-includes/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.17
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:56:48 GMT
server
Akamai
etag
W/"6077d5a0-1a68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=491533
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
2637
expires
Wed, 19 May 2021 09:25:19 GMT
fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:26:44 GMT
server
Akamai
etag
W/"60676ff4-2191"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1808479
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
3016
expires
Thu, 03 Jun 2021 15:14:25 GMT
apple-app.png
winteriscoming.net/wp-content/themes/fansided-v5/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winteriscoming.net/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

:path
/wp-content/themes/fansided-v5/assets/images/apple-app.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
winteriscoming.net
referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
last-modified
Fri, 02 Apr 2021 19:26:44 GMT
server
Akamai
etag
"60676ff4-682"
content-type
image/png
cache-control
max-age=650797
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
accept-ranges
bytes
content-length
1666
expires
Fri, 21 May 2021 05:39:43 GMT
android-app.png
winteriscoming.net/wp-content/themes/fansided-v5/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winteriscoming.net/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7bc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

:path
/wp-content/themes/fansided-v5/assets/images/android-app.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
winteriscoming.net
referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standardBO1MZmgO1MZmgAKAABENDO-AAAAwKAXAAWAC4AHgATQBHgCkAFaARgAsQCCgFiwLbAtwBbwC4IFxAXHAuUC54F1AXaAvIBekC9gL5gX2BfwDAAGBAA
last-modified
Fri, 02 Apr 2021 19:26:44 GMT
server
Akamai
etag
"60676ff4-f1f"
content-type
image/png
cache-control
max-age=1809532
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
set-cookie
stateCode=HE; expires=Thu, 20-May-2021 16:53:06 GMT countryCode=DE; expires=Thu, 20-May-2021 16:53:06 GMT cityCode=FRANKFURT; expires=Thu, 20-May-2021 16:53:06 GMT isMobile=false; expires=Thu, 20-May-2021 16:53:06 GMT isTablet=false; expires=Thu, 20-May-2021 16:53:06 GMT userDevice=desktop; expires=Thu, 20-May-2021 16:53:06 GMT
accept-ranges
bytes
content-length
3871
expires
Thu, 03 Jun 2021 15:31:58 GMT
abw.js
d3ujids68p6xmq.cloudfront.net/ 		223 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.245.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-245-196.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 18:22:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Feb 2018 14:40:14 GMT
Server
AmazonS3
Age
81014
ETag
"e817b0f323fb2559fcb2e5701865527a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0b828d2972235c5e8de186e29f1866fd.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Length
42771
X-Amz-Cf-Id
AtybMWTPf7vCsX7OwwN1ayvnw93SVbqWcDP3qu9xMZOfoJD47zHHcA==
front.js
cdn.fansided.com/wp-content/plugins/mm-video/scripts/ 		845 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/plugins/mm-video/scripts/front.js?ver=1593110346
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f61929a6118b8e6aaa0431b8d6677a0818f385e434d2acff9edacec5238617e6

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 18:39:06 GMT
server
Akamai
etag
"5ef4ef4a-34d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1359619
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
376
expires
Sat, 29 May 2021 10:33:25 GMT
longform.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		272 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:26:57 GMT
server
Akamai
etag
"60677001-110"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1391681
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
202
expires
Sat, 29 May 2021 19:27:47 GMT
fs-event-preview.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:26:57 GMT
server
Akamai
etag
W/"60677001-5ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1391625
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
485
expires
Sat, 29 May 2021 19:26:51 GMT
delivery.js
assets.revcontent.com/master/ 		360 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0247ea31301c2ab60feb2588244ba025b64b5f93160ba023a692cee10b79bd04

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 16:38:13 GMT
server
AmazonS3
x-amz-request-id
S6NEX3T9W378Z4SX
etag
"e7bf963fb595899180f837212348ac31"
x-hw
1620924786.cds147.fr8.hn,1620924786.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
103637
x-amz-id-2
lSAXko0jfwU0hgovM/a+SFYAyMzmuwYsaxhr3Tpr7NfbJlYv4PxO5v5hwQgL0Bl1fh+hina72EI=
main.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
cac9ca1d702b834da088656a85e83c599af4b71852a8b28d17d7ebdf362fd177

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:26:58 GMT
server
Akamai
etag
W/"60677002-7346"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1391740
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
9238
expires
Sat, 29 May 2021 19:28:46 GMT
network-nav.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
d4ec213372e68dac893b5e32b3a9f275e4f74d69837e929ec1bca220106bfb08

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:27:18 GMT
server
Akamai
etag
W/"60677016-9668"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1170949
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
13810
expires
Thu, 27 May 2021 06:08:55 GMT
bundled-scripts.min.js
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 		946 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.67.7
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 19:27:05 GMT
server
Akamai
etag
W/"60677009-3b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1391757
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
455
expires
Sat, 29 May 2021 19:29:03 GMT
wp-embed.js
cdn.fansided.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.17
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:56:48 GMT
server
Akamai
etag
W/"6077d5a0-c68"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2580564
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
content-length
1243
expires
Sat, 12 Jun 2021 13:42:30 GMT
sfp.js
native.sharethrough.com/assets/ 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js?ver=4.9.17
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-85.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2048b69d21dd2112d872eefdab41dd78a47109d79461f7359a673327291d5d3d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:13:08 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 17:11:24 GMT
server
AmazonS3
age
2499
etag
W/"21985defff44481c350d4abb91b4472e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
nfHj-eY-BU0vAW3IYOWMXYtGJLieDpuLl2xLHFoEZ10TuiReDS4MbQ==
expires
Wed, 12 May 2021 18:11:23 GMT
css
fonts.googleapis.com/ 		9 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3d57490a237e750d92a0e3fcaf0e52f398aa3b0e35701dcce709eef1435fe17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 May 2021 16:53:06 GMT
server
ESF
date
Thu, 13 May 2021 16:53:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 May 2021 16:53:06 GMT
8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cinzel/v11/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67902d0eff4e6841fff7a38d9dba092e0f772e741b6c02ba44906d663c8c37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 21:07:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:56:43 GMT
server
sffe
age
589548
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13220
x-xss-protection
0
expires
Fri, 06 May 2022 21:07:18 GMT
FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai /
Resource Hash
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-user-agent
standard
last-modified
Fri, 02 Apr 2021 19:26:44 GMT
server
Akamai
etag
"60676ff4-4bec"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=1805788
date
Thu, 13 May 2021 16:53:06 GMT
x-cache-config
0 0
accept-ranges
bytes
content-length
19436
expires
Thu, 03 Jun 2021 14:29:34 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 20:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
159148
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Wed, 11 May 2022 20:40:38 GMT
https%3A%2F%2Fapp.fansided.com%2Fmedia%2F1600281975830-Natalie-headshot-clear.jpg
images2.minutemediacdn.com/image/fetch/c_fill,g_auto,h_200,w_200,f_auto/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,g_auto,h_200,w_200,f_auto/https%3A%2F%2Fapp.fansided.com%2Fmedia%2F1600281975830-Natalie-headshot-clear.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6664b1b1e3b7d5d19c85b63e90fad0f50167a35982ebf1817ac057e366e80cf4

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Wed, 16 Sep 2020 18:46:31 GMT
x-timer
S1617898622.818536,VS0,VE1
etag
"7aeb57c3f2d24be4f2757a33eb917bf8"
x-served-by
cache-wdc5524-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
1
content-disposition
inline; filename="1600281975830-Natalie-headshot-clear.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
2882
expires
Thu, 20 May 2021 16:53:06 GMT
memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d850554475a4336419ae7485d6381151d076a6db032975f193197af9fc775af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 01:44:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:48 GMT
server
sffe
age
227338
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13880
x-xss-protection
0
expires
Wed, 11 May 2022 01:44:08 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
226949
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 11 May 2022 01:50:37 GMT
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:400|Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:37 GMT
server
sffe
age
4144
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:02 GMT
308128
www.riddle.com/a/ Frame 6DF8 		67 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/a/308128?
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
4fcf2b8d7d89b5b04715acc90824dd9288943e8287ddc68a15a0a6caf0ebd894

Request headers

:method
GET
:authority
www.riddle.com
:scheme
https
:path
/a/308128?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sid=6f19212421df7bdef3e985d33311a9ae; path=/; secure; HttpOnly; SameSite=None
cache-control
max-age=0, must-revalidate, private
date
Thu, 13 May 2021 16:53:06 GMT
expires
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
embed
omny.fm/shows/take-the-black-podcast/playlists/podcast/ Frame 6663 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454694d534e0c78f2903288b2850091bee9d3b1d8bc6e6e5b0081670d76a5d72

Request headers

:method
GET
:authority
omny.fm
:scheme
https
:path
/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
expires
Thu, 13 May 2021 16:54:59 GMT
last-modified
Thu, 13 May 2021 16:39:59 GMT
vary
*, Accept-Encoding
p3p
CP="CAO PSA OUR"
cf-cache-status
HIT
age
787
cf-request-id
0a083e7fb20000177239bda000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64ed66ac4ed91772-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
sp_ZmrvuyvQ
launcher.spot.im/spot/ 		424 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_ZmrvuyvQ
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-210.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
64f461d1a9f6c520fa8119c1ddca40ef86931ab882cc19c71bdef84885c6cc37

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
br
server
fasthttp
cache-control
max-age=600
content-type
application/javascript; charset=UTF-8
content-length
96427
expires
Thu, 13 May 2021 17:03:06 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 11:48:24 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
18283
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
j7DUhl9__87FCBP6KWfxIUV03BKzJjjGuP1wvineUXLpgg6upJ88Nw==
pubads_impl_2021051001.js
securepubads.g.doubleclick.net/gpt/ 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 08:38:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109340
x-xss-protection
0
expires
Thu, 13 May 2021 16:53:06 GMT
bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 		39 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 21:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155531
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22073
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:29 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 May 2022 21:40:55 GMT
HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 		30 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v10/HqHm7BVC_nzzTui2lzQTDaCWcynf_cDxXwCLxiixG1c.ttf
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 23:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149748
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18810
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:38:15 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 May 2022 23:17:18 GMT
7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 10:04:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Aug 2014 23:53:55 GMT
server
sffe
age
370137
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15504
x-xss-protection
0
expires
Mon, 09 May 2022 10:04:09 GMT
anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Aug 2014 23:51:47 GMT
server
sffe
age
4126
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15292
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:20 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.242.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-242-100.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:36:45 GMT
via
1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
982
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
7wCbapFk-9Lmx_dA5-UVXXLuamOdomnbcC0I8ixq5DL2iP6AmHRccw==
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/67AA)
Age
63
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
gammamaximum.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.48.190.35.bc.googleusercontent.com
Software
/
Resource Hash
2ed5eafcdeab063370d4f5a420608633bfe79c0897e39a092c541cba22895ae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"a99662b1aaf60b1dbdbcbe886326c5f2f8ef1f7c2f49c7e863cc9a258e5097e2"
vary
Accept-Encoding, Accept-Language
x-hostname
eef55514
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 13 May 2021 16:53:06 GMT
timing-allow-origin
*
minutemediaplus.js
middycdn-a.akamaihd.net/publishers/ 		456 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
48e42ea86f89e5cfc82043f292ddceeecabb0109d0aa068f7ab8b2eca128a76b

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dtx2fKnRLWtfk.KlZlnM4AYOEH_LkE9r
ETag
"a637dfb7eb9caf327806f95f83c9a0f5"
x-amz-request-id
1C6D7C11FE551246
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
456
x-amz-id-2
Yevtcc7EitPgYIoia9D8s9nFD3XEe1iZS3qmtBu2XeiK6nMZfEIq0ymbsl4/1gqQLweFQ21JT0g=
Last-Modified
Wed, 03 Jun 2020 10:27:46 GMT
Server
AmazonS3
Date
Thu, 13 May 2021 16:53:06 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 May 2021 17:53:06 GMT
anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
Requested by
Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style-wic.css?ver=2.67.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://cdn.fansided.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:35:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Aug 2014 23:51:49 GMT
server
sffe
age
584245
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14692
x-xss-protection
0
expires
Fri, 06 May 2022 22:35:41 GMT
https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2019%2F10%2FJon-Snow-season-3-wildlings-850x560.jpg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2019%2F10%2FJon-Snow-season-3-wildlings-850x560.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29d2b25fa85905bb005ef172e8cc97f6f6276c55a266ae9c89c98e0d8e98cd04

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Tue, 13 Apr 2021 17:29:57 GMT
x-timer
S1619655925.807064,VS0,VE1
etag
"651031fd79145300b2fae9020d66712f"
x-served-by
cache-wdc5560-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
1
content-disposition
inline; filename="Jon-Snow-season-3-wildlings-850x560.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
10768
expires
Thu, 20 May 2021 16:53:06 GMT
https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2019%2F05%2FArya-Stark-boat-The-Children.jpg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2F2019%2F05%2FArya-Stark-boat-The-Children.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
607991f891db3c5fe48ebfcc8cc10a00c16452aaf5587951023b2441adc3d70b

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Tue, 13 Apr 2021 17:05:07 GMT
x-timer
S1619752314.067166,VS0,VE60
etag
"f6e43d9594dfe7028ef5562a8e0f91c9"
x-served-by
cache-wdc5561-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
0
content-disposition
inline; filename="Arya-Stark-boat-The-Children.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
4776
expires
Thu, 20 May 2021 16:53:06 GMT
https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F03%2Fie_64431-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F03%2Fie_64431-850x560.jpeg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
150112b1716556aa87026b2bfeb405b98e02597682e8bcd642f0e5197e998707

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Wed, 24 Mar 2021 17:42:29 GMT
x-timer
S1619795987.310950,VS0,VE75
etag
"215d61c2ed9b33f28ad150305cff9956"
x-served-by
cache-wdc5575-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
0
content-disposition
inline; filename="ie_64431-850x560.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
7550
expires
Thu, 20 May 2021 16:53:06 GMT
https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F01%2Fie_59000-850x560.jpeg
images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.minutemediacdn.com/image/fetch/c_fill,w_268,h_167,g_auto,f_auto/https%3A%2F%2Fwinteriscoming.net%2Ffiles%2Fimage-exchange%2F2021%2F01%2Fie_59000-850x560.jpeg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
59f8d5a25924ec3010749debd4f4b6604639b151429dd4e0fc547b59a06bdcb7

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
last-modified
Tue, 13 Apr 2021 16:03:57 GMT
x-timer
S1619855232.119478,VS0,VE1
etag
"192af41754544942f12e2421f127d506"
x-served-by
cache-wdc5551-WDC
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31480699
x-cache-hits
1
content-disposition
inline; filename="ie_59000-850x560.webp"
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
8580
expires
Thu, 20 May 2021 16:53:06 GMT
geo2.js
cdn3.optimizely.com/js/ Frame 282E 		295 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js?cb=1620924786898
Requested by
Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.103.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-103-78.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4594634ae49556e011269584ce065f26b63e7c67f7182a980ab6ac8916ff2f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
NZ7CRE7BTGDHZ1R3
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=9142
Date
Thu, 13 May 2021 16:53:06 GMT
Connection
keep-alive
Content-Length
295
x-amz-id-2
DAvXgr9JdkWMpwawCyYObuunXb4hZGsXAkERTmx7JbO4trC7OWcAMtmOZVXq0xAKdmbL1/9gTvQ=
;ord=1620924786899
ad.doubleclick.net/ddm/ad/pvpiqqddh/yxggxwzgh/sguccp/fpa/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/pvpiqqddh/yxggxwzgh/sguccp/fpa/;ord=1620924786899?
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ZmrvuyvQ/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ZmrvuyvQ/v2?platform=Desktop
Protocol
H2
Server
2.16.107.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-155.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
access-control-expose-headers
access-control-max-age
86400
date
Thu, 13 May 2021 16:53:07 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.150.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-150-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
server
fasthttp
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
20
x-amz-cf-id
M6SRj3EY5vqfLvAq0F9jn8pBMaa9Bn5BJNXZHSDGCOVt2I9O7gjCYw==
expires
Sat, 14 May 2022 16:53:06 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ZmrvuyvQ/ 		20 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_ZmrvuyvQ/v2?platform=Desktop
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-155.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
077860ef5bf21cc8ffb37d78bdc0513a7df152e1d0d221b64e2e110090e744e8

Request headers

x-spot-id
sp_ZmrvuyvQ
x-spotim-page-view-id
585de4e1-8732-4b02-a425-64571302eb9a
x-guid
null
Referer
https://winteriscoming.net/
x-post-id
7a862fb92386951e9a96a55e512702e4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
content-length
2619
x-request-id
b0f85fb7-b40b-11eb-8f62-aa6c763d73e3
access-control-expose-headers
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:06 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
20
x-amz-cf-id
M6SRj3EY5vqfLvAq0F9jn8pBMaa9Bn5BJNXZHSDGCOVt2I9O7gjCYw==
expires
Sat, 14 May 2022 16:53:06 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
device_load
events-collector.spot.im/api/v1/ 		36 B
478 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-139.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
c065073d48a6bff3d1775b1dbf0036ae2a026bb2390ed2c570adf6f0d004d36c

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:07 GMT
server
fasthttp
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
expires
Thu, 13 May 2021 16:53:07 GMT
jquery.min.js
www.riddle.com/assets/website/vendor/js/jquery/1.12.4/ Frame 6DF8 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/website/vendor/js/jquery/1.12.4/jquery.min.js
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Sat, 12 Oct 2019 06:56:36 GMT
etag
W/"5da17924-17b8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
angular.min.js
www.riddle.com/assets/js/lib/ Frame 6DF8 		159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/js/lib/angular.min.js
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
e9a0e0b134f1411b7b143bcdad9da50fc38b1ac3b9bc57b029ebbc9932e05183

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Sat, 12 Oct 2019 06:56:36 GMT
etag
W/"5da17924-27d4c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
kendo.MediaPlayerPackage.min.js
www.riddle.com/assets/website/vendor/js/kendo/ Frame 6DF8 		287 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/website/vendor/js/kendo/kendo.MediaPlayerPackage.min.js
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
78944ddc802cff3d466c7f6df8beb7fa1b26b00e8a4873b5af628c60f8feb7a9

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 10:01:23 GMT
etag
W/"5ec3ae73-47a03"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
personality-app.js
www.riddle.com/app/ Frame 6DF8 		551 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/app/personality-app.js?id=1617791406
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
8ccc8dbfbc617fe6da1ac19caf5c5e88890bdc44b0cc7851a4287590765666b1

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 10:30:06 GMT
etag
W/"606d89ae-89dcc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 20 May 2021 16:53:07 GMT
font-awesome.min.css
cdn.riddle.com/website/assets/fontawesome/css/ Frame 6DF8 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.riddle.com/website/assets/fontawesome/css/font-awesome.min.css?id=
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.riddle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Sun, 25 Nov 2018 10:48:34 GMT
etag
W/"5bfa7e02-7918"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 27 May 2021 16:53:07 GMT
kendo.common-bootstrap.min.css
www.riddle.com/assets/website/vendor/css/ Frame 6DF8 		290 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/website/vendor/css/kendo.common-bootstrap.min.css
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
e23e5cf4a79f944047830e837941be9f23d03550d1dc699c3c4554ae98b4b5b4

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 10:01:23 GMT
etag
W/"5ec3ae73-488a2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
kendo.bootstrap.min.css
www.riddle.com/assets/website/vendor/css/ Frame 6DF8 		80 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/website/vendor/css/kendo.bootstrap.min.css
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
d39f9fa24f855a7884fa9a70885b026963f845ead2e47576e8d0101eb78dac39

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 10:01:23 GMT
etag
W/"5ec3ae73-13f78"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
embed.css
www.riddle.com/assets/css/ Frame 6DF8 		209 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.riddle.com/assets/css/embed.css?id=1611929606
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
4edd9e9f4bbab1c9c4bd2174e3b44e81fe9f3acc328d533524393e72ca5345de

Request headers

Referer
https://www.riddle.com/a/308128?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 14:13:26 GMT
etag
W/"60141806-34504"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600, public
expires
Thu, 27 May 2021 16:53:07 GMT
embed.vendor-d1db9c707f.css
assets.omny.fm/bundles/ Frame 6663 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.omny.fm/bundles/embed.vendor-d1db9c707f.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b8af617db841e5e0496e80ed0ec520f6d29700f0ed86929a206d6ba1b5f343

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
2528
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e814d000017721a88a000000001
last-modified
Mon, 19 Apr 2021 06:24:00 GMT
server
cloudflare
etag
W/"0cb9b4e657dc4b30ab0fb585e5549182"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
cf-ray
64ed66aeebd81772-FRA
x-amz-cf-id
XJm9IvQa8IVoxCQ2vP0iA2HlWxP25EZyclMJRu0aTxuToAmYRQyRzw==
embed-a02285269b.css
assets.omny.fm/bundles/ Frame 6663 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.omny.fm/bundles/embed-a02285269b.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d83c408a0e00c7fa6789bdc95e0032137f6766cc128c8aab981b4dd2cb399b

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
4105
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e814d000017720aba4000000001
last-modified
Fri, 09 Apr 2021 02:58:02 GMT
server
cloudflare
etag
W/"5dbdf33ddb353f094e89d98dd41e4ec1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
cf-ray
64ed66aeebdb1772-FRA
x-amz-cf-id
Rf-ecix9SbCjOi5SLgkrom_oiU2W06ij3yGy2iLT8Ron0H2BFRDT4g==
embed.vendor-ae1da1defc.js
assets.omny.fm/bundles/ Frame 6663 		785 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.omny.fm/bundles/embed.vendor-ae1da1defc.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a40e45d9fe1f9a25876629eaf1d0a953dc5cc071db088589d9b00b50a24a77e

Request headers

Origin
https://omny.fm
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 775cd0b093a30ced209f658bde513a5a.cloudfront.net (CloudFront)
vary
Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
877
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e815d00002bce53038000000001
last-modified
Fri, 19 Mar 2021 01:54:00 GMT
server
cloudflare
etag
W/"957c7f7b7b98775ed3ca43b13a2a44d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
x-amz-cf-pop
FCO50-C2
cf-ray
64ed66aef9bd2bce-FRA
x-amz-cf-id
yrsnH1v3b51ZrrZoVViPZILuutOuCFPCqRWaf92YQS4Cckx2g-RG2Q==
embed-5007945400.js
assets.omny.fm/bundles/ Frame 6663 		269 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.omny.fm/bundles/embed-5007945400.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7edeb0a4ccf589a08cad9102cbba6d0438311ece53b3a9a166ab52fa968a0f

Request headers

Origin
https://omny.fm
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
3466
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e815c00002bce791f8000000001
last-modified
Fri, 07 May 2021 04:42:05 GMT
server
cloudflare
etag
W/"455c5b9081d60ede164ec1b55f65617d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
x-amz-cf-pop
CDG3-C2
cf-ray
64ed66aef9c52bce-FRA
x-amz-cf-id
PIsXbejAZkrv7KW5VW13CG2v0Zi--E2C7EFdYqBBxxgAUWqdCwG7pQ==
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
/
trends.revcontent.com/api/demand/ 		52 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=139818
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
bootstrap.js
middycdn-a.akamaihd.net/bootstrap/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/publishers/minutemediaplus.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
22ac7ccc3bcfb226b1219334a20053d313ea8ab679ab5f7834c0594ef690914b

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DH5piqxqD.dYNNdepQVwMDiMQkN.IONi
Content-Encoding
gzip
ETag
"40a91b4febc47180bf6f67288e5567ca"
x-amz-request-id
ZGTMNDD32PTN5ZQF
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
10430
x-amz-id-2
F0Q/4ksLIS7/0R2ffN5WVUZYPjfB5JIph61FdUlrFnp2ychNoe8dAFBxgcyjRwSCPYSX68zZ1Ns=
Last-Modified
Thu, 13 May 2021 11:17:04 GMT
Server
AmazonS3
Date
Thu, 13 May 2021 16:53:07 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 13 May 2021 17:53:07 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwint...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwin...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&c9=
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.242.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-242-100.vie50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
hg1ota_37R2YEMTBfI1Xr0ir6X1VivTI019ncPey6k0veyMtFduKPQ==

Redirect headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1620924787023&ns_c=UTF-8&cv=3.5&c8=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&c7=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&c9=
content-length
416
x-amz-cf-id
Migh8gHqsY0H8kFNWdTBzjvK4d1mFmd2FSu1otrfqu13VwryQ3v_Ig==
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame BD5B 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwinteriscoming.net
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
156145
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 13 May 2021 16:53:07 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
/
trends.revcontent.com/api/demand/ 		52 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=142176
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		234 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/winteriscoming.net/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d70547ab2a0d9b1447b5542762fb2e408e7b88c067ff23da9e19866c964dc72

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 13 May 2021 16:52:13 GMT
content-encoding
br
last-modified
Mon, 10 May 2021 21:21:25 GMT
server
AmazonS3
age
54
etag
W/"3d1892fd1376f6643083f00109da0e58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
2vyqnkTfC6Gk_rB7erIMZhIQDXTgkPVrii_FBGat2NC69rRoLTrozg==
gtm.js
www.googletagmanager.com/ Frame 6663 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b7ecf290440d368a28fc0f040065a0258fc73f6b263fd9c82a7d5652193bf18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38504
x-xss-protection
0
last-modified
Thu, 13 May 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 May 2021 16:53:07 GMT
raygun.min.js
cdn.raygun.io/raygun4js/ Frame 6663 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a200:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53dd1e0500d8c43a4a79e8ee638f4b5a100d88da17ebfa8c6d7c10ff320c1b38

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:30:40 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 21:17:22 GMT
server
AmazonS3
age
4948
etag
W/"778df06aaa34da64c056890e581f59f2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
zycgtm4EIHdqcdTjP8SRx24qEn4LRS3JlTw9gd7my5u4uBwDKYuTyQ==
supply
events.browsiprod.com/events/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=aqOeRnJOBW
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.42.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-42-89.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
v4
yield-manager.browsiprod.com/supply/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v4?sk=winteriscoming&url=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F&bid=aqOeRnJOBW&at=QUIZ%3A%20Which%20Game%20of%20Thrones%20House%20do%20you%20belong%20to%3F&sw=1600&sh=1200&qp=a_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.188.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-188-165.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.1 /
Resource Hash
69c04b224da0b06518a50f1adba8bfeb60f0e0a43ff923088b11d9b0d126a4cb

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.1
content-type
application/json
7a862fb92386951e9a96a55e512702e4
api-2-0.spot.im/v1.0.0/config/ab_test/sp_ZmrvuyvQ/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_ZmrvuyvQ/7a862fb92386951e9a96a55e512702e4
Protocol
H2
Server
2.16.107.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-155.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Thu, 13 May 2021 16:53:07 GMT
7a862fb92386951e9a96a55e512702e4
api-2-0.spot.im/v1.0.0/config/ab_test/sp_ZmrvuyvQ/ 		93 B
806 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_ZmrvuyvQ/7a862fb92386951e9a96a55e512702e4
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-155.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
0df746adb7b920bb59febfde208313594acfdfd0843a4a794b51b745ab43be92

Request headers

Accept
application/json
Referer
https://winteriscoming.net/
x-spotim-page-view-id
585de4e1-8732-4b02-a425-64571302eb9a
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-spotim-device-uuid
10d83659-9dbe-4401-9b80-2deecaadbd3b

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
93
x-request-id
b10aebaf-b40b-11eb-92cd-a2a0451eb1c6
conversation.svg
static-cdn.spot.im/production/launcher/tags/v2.53.5/launcher/ 		2 KB
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.53.5/launcher/conversation.svg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e175230f4b01fe10db90b19b9893d3ee21f6cca46da1aca166983aff7ff6fc7d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bzr5pBpevnTxZ0yGOM0c4HerkHCJyWeF
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 12:24:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
etag
"199fb22f13e905d1f34cf988659ea4d0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
date
Thu, 13 May 2021 16:53:07 GMT
accept-ranges
bytes
content-length
675
x-amz-cf-id
MJRMReU_VD8sv7mgdVr1IZsYeZScRx5u7ZVvN2moamhp6V0SFlaYNQ==
expires
Sat, 14 May 2022 16:53:07 GMT
embed.icons-sprite.svg
assets.omny.fm/bundles/ Frame 6663 		313 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.omny.fm/bundles/embed.icons-sprite.svg?v=0de16281afa46c5aa21001acb0f910f100a5cff6
Requested by
Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed.vendor-ae1da1defc.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67df28796000ae955dd87b48fa364a710d89918d505ce765aa6f31456d63445e

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
2112
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e823500004abd2f3da000000001
last-modified
Thu, 08 Apr 2021 23:03:08 GMT
server
cloudflare
etag
W/"05233597d17222cd5ca426b520e593e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-pop
FRA53-C1
cf-ray
64ed66b058154abd-FRA
x-amz-cf-id
ZwU1jH8T26bq39ii0Vl6JeL8mUppTyIVAtenAsXfBLY6512eAJY7eQ==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame 6663 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 14:38:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8057
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 May 2022 14:38:50 GMT
Aggjda
ad.doubleclick.net/ddm/adj/Bdaadh/ 		11 B
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Bdaadh/Aggjda
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
middy-desktop-3.6.2.js
middycdn-a.akamaihd.net/sd/apps/middy/ 		297 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4ac3464fe96c2ff843d29b063829627ff89a598185d169c4506c5d05b0949f1c

Request headers

Origin
https://winteriscoming.net
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
n5XSFm1rAjIXh3g2mNqhC1EuWuinXlP.
Content-Encoding
gzip
ETag
"db233a3793732d97057b0ef149932225"
x-amz-request-id
6QN0K6MTVWHFFAY0
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Alt-Svc
h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-amz-id-2
gzctOaW0URSIwT8ASX65FQBZ2jn25cNkukjR205J7aiKKi2AXS4lzGL+i4ECnpv6E6JPCPPjyb0=
Last-Modified
Thu, 13 May 2021 15:23:22 GMT
Server
AmazonS3
Date
Thu, 13 May 2021 16:53:07 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sat, 12 Jun 2021 16:53:07 GMT
podcast
omny.fm/api/embed/shows/take-the-black-podcast/playlist/ Frame 6663 		351 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://omny.fm/api/embed/shows/take-the-black-podcast/playlist/podcast
Requested by
Host: assets.omny.fm
URL: https://assets.omny.fm/bundles/embed.vendor-ae1da1defc.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adda655c3a8cc36748679a0e92f5342e91aef91261fc6d2f3d007bc2e4f92cdc

Request headers

Accept
application/json, text/plain, */*
Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=120
access-control-allow-headers
Content-Type
cf-ray
64ed66b0ddfe177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a083e828b0000177a96026000000001
Bree%20Serif-main.css
cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/css/ Frame 6DF8 		253 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/css/Bree%20Serif-main.css
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/app/personality-app.js?id=1617791406
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
2a571ed6f812ebbd6147e9943c18080da219219ade8862d012e321e68585c81e

Request headers

Referer
https://www.riddle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
last-modified
Thu, 30 Jul 2020 13:50:29 GMT
etag
"5f22d025-fd"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
253
expires
Thu, 27 May 2021 16:53:07 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 9E86 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Mon, 10 May 2021 06:54:31 GMT
expires
Tue, 10 May 2022 06:54:31 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
295116
cache-control
public, immutable, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5f9c5c7d2673f760dcd7cc3d67b021d8c628d4097c4a1b27e871ce2d1560ea3

Request headers

Accept
application/json, text/plain, */*
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 03:01:37 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
49891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 13 May 2021 03:01:35 GMT
server
AmazonS3
etag
W/"a8dec9559a3994c7d4f4631858d39682"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 e544866f1454c4458d3a6644b47d065f.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
Scb7SYrXmTz54rlt7xWca2EL_3BO4YKNfu2-kXUZ6V8LpTk9Pp3fsg==
/
trends.revcontent.com/api/delivery/ 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=139818&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&icr_url=&revsub[hostname]=winteriscoming.net&va=1&time=1620924787557&up=pc&bn=chrome&bv=89&widget_width=830
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
3f6c775069eb7d0df59730bad968e32ed1e4f5f968c56259f09f882ed22c4920
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
10206
/
trends.revcontent.com/api/delivery/ 		8 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=142176&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&icr_url=&revsub[hostname]=winteriscoming.net&va=1&time=1620924787558&up=pc&bn=chrome&bv=89&widget_width=300
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
855a5c9a8e65aee9bdebe4ca751bceaa7c1dfb2e853567c4c98e790b2162e484
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
3839
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D216 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=139139
Expires
Sat, 15 May 2021 07:32:06 GMT
Date
Thu, 13 May 2021 16:53:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=3685782002405673524
86 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=3685782002405673524
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:07 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid
39ad121e-9596-4f60-8a80-83945fd3c6ba
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=3685782002405673524
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=b148db5b-b40b-11eb-9e6a-1974e5cf0406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=b148db5b-b40b-11eb-9e6a-1974e5cf0406
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 13 May 2021 16:53:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
43
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 13 May 2021 16:53:07 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=b148db5b-b40b-11eb-9e6a-1974e5cf0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
86 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Thu, 13 May 2021 16:53:08 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
Connection
keep-alive
Content-Length
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=b1490efe-b40b...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=b1490eb8-b40b-11eb-a195-1860f0710506
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=b1490eb8-b40b-11eb-a195-1860f0710506
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Thu, 13 May 2021 16:53:07 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=b1490eb8-b40b-11eb-a195-1860f0710506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
vendors-main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.6.7/ads/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.6.7/ads/vendors-main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
42213451aa623fd3aece028309ec6a7297ba1c8ed5b321118a451d8c6cf836e0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
6614
expires
Sat, 14 May 2022 16:53:07 GMT
main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.6.7/ads/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.6.7/ads/main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
b8b13e33b045cdbc031d5e22906a3d9219e563082a55f982f733267fd71d0985

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5622
expires
Sat, 14 May 2022 16:53:07 GMT
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-C1
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
nCXpde52E0bueSYBgiKH9ZzIEKFdheoIh_wB55dXplSy5MVmzjZFGw==
expires
Sat, 14 May 2022 16:53:07 GMT
css
fonts.googleapis.com/ Frame 6663 		6 KB
679 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ced502ac5573ccd197c3f0b1019323a5bc79954b290499a15bbb08b2854ad6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 May 2021 16:21:33 GMT
server
ESF
date
Thu, 13 May 2021 16:53:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 May 2021 16:53:07 GMT
settings
syndication.twitter.com/ Frame BD5B 		256 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=1a71709ff08d20432346e732f5c90c1d33dd352d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwinteriscoming.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 16:53:07 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b471d0425012e0a1fe5e5d6404d29f3347151e51f77f5e85089fa7df2da792e8
content-length
176
js
www.googletagmanager.com/gtag/ Frame 6663 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3QV3RVYDQ7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ffa8379bb36a946af8a6583a802ad5a74683a0aa01994f051edfd863b434d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46144
x-xss-protection
0
expires
Thu, 13 May 2021 16:53:07 GMT
analytics.js
www.google-analytics.com/ Frame 6663 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQLML6N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1575
date
Thu, 13 May 2021 16:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 13 May 2021 18:26:52 GMT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 8D46 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f79251795bee966eabc621ed72551e7884ca501284ea757d496df7c0a738722

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:34:01 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 09:59:22 GMT
server
AmazonS3
age
1147
etag
W/"41e87284f0e9d616691341c9825af95c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
8wO1bRCF9CP2U3UHJ2zZDWoHD5U3jdv_
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
YH1qd39_MhuVsU97oCttRBQQIigW4JqNNgY9_xjdXCnBsqchxT-qYg==
hb_270443_5178.js
player.spotim.market/prebidlink/450256/ Frame 8D46 		353 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f67c9fc7ad0558c58898685bd853127c9a0e975fea5ab9bae88071157c7c440d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 11:55:30 GMT
server
nginx
etag
W/"609d13b2-58490"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 13 May 2021 17:53:07 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8D46 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5591ede83d1f0abe213a680bec0de9abff316625ff666c88d2f89ca36be2542d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"870 / 587 of 1000 / last-modified: 1620904231"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21356
x-xss-protection
0
expires
Thu, 13 May 2021 16:53:07 GMT
wrapper_hb_270443_5178.js
player.spotim.market/prebidlink/450256/ Frame 8D46 		83 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a168b5bcc2cbef69ae7f7a0a2278afe01397c072fb328fb9e2e516237edeb3bf

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 15:39:19 GMT
server
nginx
etag
W/"609d4827-14a5e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 13 May 2021 17:53:07 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
supply
events.browsiprod.com/events/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=eb922ffc-2a49-4854-92df-327b62f6beb4
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.42.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-42-89.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
abd.js
middycdn-a.akamaihd.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://middycdn-a.akamaihd.net/abd.js
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Origin
https://winteriscoming.net
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
Content-Encoding
gzip
ETag
"bc70a2c30105ea2f98d83f5ad623fc39"
x-amz-request-id
82A3596F3B7EA029
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1632
x-amz-id-2
17j4RriAZnWoqszlUgTmlmqQCS2Q8lZZfLvT42GQbxMtgqiPjh/nANIRlSgeHW/VdKu8z3dWrfc=
Last-Modified
Sun, 08 Jul 2018 12:47:26 GMT
Server
AmazonS3
Date
Thu, 13 May 2021 16:53:07 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sat, 12 Jun 2021 16:53:07 GMT
supply
events.browsiprod.com/events/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=eb922ffc-2a49-4854-92df-327b62f6beb4
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.42.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-42-89.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
supply
events.browsiprod.com/events/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=eb922ffc-2a49-4854-92df-327b62f6beb4
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.42.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-42-89.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:07 GMT
access-control-allow-credentials
true
Bree%20Serif-400.woff2
cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/data/ Frame 6DF8 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/data/Bree%20Serif-400.woff2
Requested by
Host: cdn.riddle.com
URL: https://cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/css/Bree%20Serif-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
0f2d9f92453e353ebda2b55eec2ce174f12111820920debab00f156d1297d629

Request headers

Origin
https://www.riddle.com
Referer
https://cdn.riddle.com/website/fonts/GoogleFonts/Bree%20Serif/css/Bree%20Serif-main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
last-modified
Thu, 30 Jul 2020 13:50:30 GMT
etag
"5f22d026-35f0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
13808
expires
Thu, 27 May 2021 16:53:07 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6663 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://omny.fm
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
226950
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 11 May 2022 01:50:37 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e0b76ba656a23249e979a497eabbf0df7059dd291e68458d129a21d826c7f54

Request headers

Accept
application/json, text/plain, */*
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 03:00:35 GMT
content-encoding
br
age
49953
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sun, 09 May 2021 19:52:29 GMT
server
AmazonS3
etag
W/"296bfb395fdf53cede7f12f48d990c1e"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
tF140c9fwMGO_LkEjbEXfm4uw7sU9rXu
via
1.1 9c157874a076ffdde5f5a44c4371f3a1.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
VIE50-C1
content-type
application/json
x-amz-cf-id
k5Cs3uCcCxtbEw8gng1KrVUiQi37PI99z-UU1l5x3T2C6VxjWmQSZQ==
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6663 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://omny.fm
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
370169
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Mon, 09 May 2022 10:03:38 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/playlists/podcast/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/image.jpg?t=1599119997&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e84950000177a0f92d000000001
last-modified
Tue, 20 Apr 2021 07:03:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2584563
accept-ranges
bytes
cf-ray
64ed66b42d1c177a-FRA
expires
Thu, 20 May 2021 07:03:34 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6663 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://omny.fm
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 20:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
159149
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Wed, 11 May 2022 20:40:38 GMT
waveform
www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/da29fca5-54db-4b26-aa65-ac2b008398a4/de5ca692-846d-48d4-a5eb-ad27001f6aac/ Frame 6663 		14 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.omnycontent.com/d/clips/33250137-f269-48a3-86dc-abcd016c932f/da29fca5-54db-4b26-aa65-ac2b008398a4/de5ca692-846d-48d4-a5eb-ad27001f6aac/waveform?t=1620870930&token=RomjV9IydXKa2HwWFhCXrfuxwzbX1HkW
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.6.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-6-35.vie50.r.cloudfront.net
Software
cloudflare /
Resource Hash
786ed2768dc7c5b4f42d80f32f9391164c167fd4baa52f618412cb1821ebb87e

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:59:33 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
age
53615
x-cache
Hit from cloudfront
cf-request-id
0a050c6b0f00003324461f0000000001
access-control-allow-origin
*
last-modified
Thu, 13 May 2021 01:55:30 GMT
server
cloudflare
etag
"0x8D915B23053374F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
content-type
application/json
via
1.1 3cf68d8be617999c7beade955cf69ddd.cloudfront.net (CloudFront)
cache-control
public, max-age=5184000
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
cf-ray
64e849be7bdb3324-CDG
x-amz-cf-id
_18hK3iP5uuNBvlN8nQf1BQ_64WsOZvGQy7EdKJTugMvZxw-JDjxQA==
image.jpg
omny.fm/shows/take-the-black-podcast/bonus-episode-lovecraft-country-chronicles-preview/ Frame 6663 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/bonus-episode-lovecraft-country-chronicles-preview/image.jpg?t=1599166339&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d2309144476c3a4e956019c4a0e7f70f00ff3bda5e8afd4b1916d2052f7366

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17802
cf-request-id
0a083e853a0000177ae526d000000001
last-modified
Tue, 20 Apr 2021 02:56:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2569750
accept-ranges
bytes
cf-ray
64ed66b52f54177a-FRA
expires
Thu, 20 May 2021 02:56:42 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/benioff-and-weiss-new-show-star-wars-controversy-a/ Frame 6663 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/benioff-and-weiss-new-show-star-wars-controversy-a/image.jpg?t=1599166130&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834bf819b476da3427abb68b3518eed5eb82ced0e324d0317f19f194ffe4c9e

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17899
cf-request-id
0a083e853b0000177aa01f0000000001
last-modified
Tue, 20 Apr 2021 06:43:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2583355
accept-ranges
bytes
cf-ray
64ed66b52f57177a-FRA
expires
Thu, 20 May 2021 06:43:27 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/new-mutants-dc-fandome-sci-fi-shows-cancelled-and/ Frame 6663 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/new-mutants-dc-fandome-sci-fi-shows-cancelled-and/image.jpg?t=1599165607&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834bf819b476da3427abb68b3518eed5eb82ced0e324d0317f19f194ffe4c9e

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17899
cf-request-id
0a083e853b0000177ac49cf000000001
last-modified
Tue, 20 Apr 2021 08:42:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2590510
accept-ranges
bytes
cf-ray
64ed66b52f5b177a-FRA
expires
Thu, 20 May 2021 08:42:42 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/house-of-the-dragon-casting-more-targaryens-take-t/ Frame 6663 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/house-of-the-dragon-casting-more-targaryens-take-t/image.jpg?t=1599165521&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834bf819b476da3427abb68b3518eed5eb82ced0e324d0317f19f194ffe4c9e

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17899
cf-request-id
0a083e853b0000177a06be2000000001
last-modified
Tue, 20 Apr 2021 09:07:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
64ed66b52f5d177a-FRA
expires
Thu, 20 May 2021 09:07:32 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/the-last-airbender-lovecraft-country-and-asoiaf-ta/ Frame 6663 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/the-last-airbender-lovecraft-country-and-asoiaf-ta/image.jpg?t=1599165210&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834bf819b476da3427abb68b3518eed5eb82ced0e324d0317f19f194ffe4c9e

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2073544
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17899
cf-request-id
0a083e853b0000177a9605f000000001
last-modified
Mon, 19 Apr 2021 14:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2582393
accept-ranges
bytes
cf-ray
64ed66b52f60177a-FRA
expires
Wed, 19 May 2021 14:13:57 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/comic-con-home-and-2020-emmy-nominations-preview-t/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/comic-con-home-and-2020-emmy-nominations-preview-t/image.jpg?t=1599120006&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015137
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853c0000177a93b18000000001
last-modified
Tue, 20 Apr 2021 01:55:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2566095
accept-ranges
bytes
cf-ray
64ed66b52f62177a-FRA
expires
Thu, 20 May 2021 01:55:46 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/cursed-review-house-of-the-dragon-update-and-lando/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/cursed-review-house-of-the-dragon-update-and-lando/image.jpg?t=1599120030&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
1804703
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853c0000177ade049000000001
last-modified
Thu, 22 Apr 2021 19:34:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
64ed66b52f65177a-FRA
expires
Sat, 22 May 2021 19:34:45 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/wic-guide-to-comic-con-and-star-wars-bloat-take-th/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/wic-guide-to-comic-con-and-star-wars-bloat-take-th/image.jpg?t=1599120041&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853d0000177ad717b000000001
last-modified
Tue, 20 Apr 2021 06:16:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2581755
accept-ranges
bytes
cf-ray
64ed66b52f67177a-FRA
expires
Thu, 20 May 2021 06:16:47 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/hamilton-the-last-kingdom-and-fancy-video-game-mov/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/hamilton-the-last-kingdom-and-fancy-video-game-mov/image.jpg?t=1599120047&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015137
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853d0000177a8d98c000000001
last-modified
Tue, 20 Apr 2021 08:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2588926
accept-ranges
bytes
cf-ray
64ed66b52f68177a-FRA
expires
Thu, 20 May 2021 08:16:18 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/star-wars-erased-justice-league-controversy-jason/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/star-wars-erased-justice-league-controversy-jason/image.jpg?t=1599120057&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015137
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853d0000177acf29d000000001
last-modified
Tue, 20 Apr 2021 02:56:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2569751
accept-ranges
bytes
cf-ray
64ed66b52f6a177a-FRA
expires
Thu, 20 May 2021 02:56:42 GMT
image.jpg
omny.fm/shows/take-the-black-podcast/huge-winds-of-winter-update-take-the-black-live/ Frame 6663 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omny.fm/shows/take-the-black-podcast/huge-winds-of-winter-update-take-the-black-live/image.jpg?t=1599120072&size=Small
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9

Request headers

Referer
https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cf-cache-status
HIT
age
2015136
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17957
cf-request-id
0a083e853d0000177acb9aa000000001
last-modified
Tue, 20 Apr 2021 02:56:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2569750
accept-ranges
bytes
cf-ray
64ed66b52f6e177a-FRA
expires
Thu, 20 May 2021 02:56:42 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:08 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1620924788.cds098.fr8.hn,1620924788.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
last-modified
Wed, 12 May 2021 16:25:32 GMT
etag
"1620836732"
x-hw
1620924788.cds098.fr8.hn,1620924788.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=11772
accept-ranges
bytes
content-length
4298
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:08 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
css2
fonts.googleapis.com/ 		4 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@800&family=Roboto:wght@700&display=swap
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3139ada76ff9b4907268ae944a8617102cd8727eade25bda06983551a20a648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 May 2021 16:49:26 GMT
server
ESF
date
Thu, 13 May 2021 16:53:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 May 2021 16:53:08 GMT
chev-right-small.png
cdn.riddle.com/website/assets/icons/general/ Frame 6DF8 		281 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.riddle.com/website/assets/icons/general/chev-right-small.png
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
6556109b1920a3d7bf965c491c18a213ebf2b025cf281b94b43e637d55d7f386

Request headers

Referer
https://www.riddle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
last-modified
Wed, 27 Feb 2019 10:43:27 GMT
etag
"5c7669cf-119"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
281
expires
Thu, 27 May 2021 16:53:08 GMT
6b71bf8ac61fa66ec0dd4f8b256dcd19.jpg
cdn.riddle.com/embeds/v2/images/q_80,c_fill,w_960,h_540/6b7/ Frame 6DF8 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.riddle.com/embeds/v2/images/q_80,c_fill,w_960,h_540/6b7/6b71bf8ac61fa66ec0dd4f8b256dcd19.jpg
Requested by
Host: www.riddle.com
URL: https://www.riddle.com/a/308128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bc7::1002 , Germany, ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software
/
Resource Hash
210727fe39e1bb52bbfece9c74ff8670b73f1ad4fa81ba782a21da8b70fce905

Request headers

Referer
https://www.riddle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
last-modified
Tue, 06 Apr 2021 16:00:10 GMT
etag
"606c858a-2cff2"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
184306
expires
Thu, 27 May 2021 16:53:08 GMT
collect
www.google-analytics.com/j/ Frame 6663 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=927914677&t=pageview&_s=1&dl=https%3A%2F%2Fomny.fm%2Fshows%2Ftake-the-black-podcast%2Fplaylists%2Fpodcast%2Fembed%3Fstyle%3Dcover&dr=https%3A%2F%2Fwinteriscoming.net%2F&ul=en-us&de=UTF-8&dt=Take%20the%20Black%20Podcast&sd=24-bit&sr=1600x1200&vp=606x296&je=0&_u=YEBAAAABCAAAAC~&jid=879439775&gjid=1850168282&cid=759600852.1620924788&tid=UA-23669758-4&_gid=1084093302.1620924788&_r=1&_slc=1&z=696174013
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://omny.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021051001.js
securepubads.g.doubleclick.net/gpt/ Frame 8D46 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 08:38:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109340
x-xss-protection
0
expires
Thu, 13 May 2021 16:53:08 GMT
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		252 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bde2523e87c632b0cea672cc3f2814cea89fbcec95bcfd2c5922aeffa8893644

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 03:00:35 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
49954
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 13 May 2021 03:00:32 GMT
server
AmazonS3
etag
W/"db30a5d441dec6c9d2aeade0ee2580c3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 e544866f1454c4458d3a6644b47d065f.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
H0K5j26pUprdp7uvFIpwxH8FVDWAxG3G4wINWL4KMJU_8axReut0DA==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 8D46 		227 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30421e006b68d71bc0bcb0619c519e44a0a218d0b0e748bb7af7355914365ddb

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:34:01 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 16:14:23 GMT
server
AmazonS3
age
1148
etag
W/"de22fe630f9ea63596d36388c6661c85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
jVtsOyTDQ5ozSla.XJY7zwBZyW8rmDwY
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ZRH50-C1
content-type
text/javascript
x-amz-cf-id
wb9gN2DBeR8MILiI5wnvu4l9EkH0ZnVPOlI5wyL-3AI6pm3iBtG4vg==
showad.js
ads.pubmatic.com/AdServer/js/ Frame 33F7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=118356
Expires
Sat, 15 May 2021 01:45:44 GMT
Date
Thu, 13 May 2021 16:53:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@800&family=Roboto:wght@700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:06:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:08 GMT
server
sffe
age
35226
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19440
x-xss-protection
0
expires
Fri, 13 May 2022 07:06:02 GMT
collect
stats.g.doubleclick.net/j/ Frame 6663 		4 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23669758-4&cid=759600852.1620924788&jid=879439775&gjid=1850168282&_gid=1084093302.1620924788&_u=YEBAAAAACAAAAC~&z=2147453003
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 May 2021 16:53:08 GMT
content-type
text/plain
access-control-allow-origin
https://omny.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1208.min.js
js-agent.newrelic.com/ Frame 6663 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed?style=cover
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
5WX35NGYGYP5TM9Z
x-cache
HIT
content-length
11777
x-amz-id-2
n6DIqAFurhBDE4DiFhubCfSiQlApIhdzEkVNPwuZOKYpuUrLroTR9dkR1bHym6QxY7ejN7LATMQ=
x-served-by
cache-hhn4062-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1620924789.532716,VS0,VE0
date
Thu, 13 May 2021 16:53:08 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
16615
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 8D46 		227 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caf7ca3470d5db20ff3526cf8782425ba251dc7dd2857e491245b6d2561ab838

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:34:02 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 16:12:43 GMT
server
AmazonS3
age
1147
etag
W/"8c5ebff708fa6dbc08f8ac25a23c4203"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Sn3En9eX_H1iduJTnDMBTKka7ETcSkhJ
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
ZRH50-C1
content-type
text/javascript
x-amz-cf-id
SLu84ZDmg3-kqYORTZk1UWcJwLky5_OpYKTAths7l_uJtfncRf7mYA==
j.html
p.zetarail.com/prebidlink/18760/ Frame AA87 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.zetarail.com/prebidlink/18760/j.html?i=8200
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

:method
GET
:authority
p.zetarail.com
:scheme
https
:path
/prebidlink/18760/j.html?i=8200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Thu, 13 May 2021 17:53:08 GMT
access-control-allow-origin
*
ga-audiences
www.google.com/ads/ Frame 6663 		42 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23669758-4&cid=759600852.1620924788&jid=879439775&_u=YEBAAAAACAAAAC~&z=1417980042
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 6663 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23669758-4&cid=759600852.1620924788&jid=879439775&_u=YEBAAAAACAAAAC~&z=1417980042
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v16.6.7/ads/main-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
342a7d56c7ac2c581ab014436362c9bf07efcd0aef18fbd411ebfa36dc10a2a7

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxOHYrqzba81mvWK5ublCmzSp2cw20xr-1hEI9d_pLQqVHwEa-L0tCUHOQGDQTkmVqbUlSFWnaIyqW4w1o0Ao0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9068
last-modified
Thu, 06 May 2021 11:03:25 GMT
server
UploadServer
etag
"853cb7214605d9772f2020e65e257e55"
vary
Accept-Encoding
x-goog-hash
crc32c=tUpnEg==, md5=hTy3IUYF2XcvICDmXiV+VQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1620299005552444
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9068
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 May 2021 16:58:08 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f832df0df2cb9218e72fe35&e=playerLoaded&cb=1620924788614&r=https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
2f13f60752c817989414cd5bd069d3e4.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/2f13f60752c817989414cd5bd069d3e4.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
57897e7f83eaaa14132d1d33cb25970c3e5af6d4833acae868e2b4a204b63128
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:42 GMT
server
Cloudinary
etag
"99332935c7eff6a40e01a78d85294b04"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds051.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=114;cpu=0;start=2021-05-06T14:18:27.090Z;desc=miss,rtt;dur=94,cloudinary;dur=21;start=2021-05-06T14:18:27.128Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7904
609af501962b07-14977886.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/609af501962b07-14977886.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e8ade9a6c48ba9bee1abc9e6fed3bd1a48072c59e401cc9cb78528354390f628
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2021-05-12T20:25:56.589Z;desc=hit,rtt;dur=0
content-length
8677
x-request-id
aaa7e9d444089e297d434d836449f06b
last-modified
Wed, 12 May 2021 20:05:33 GMT
server
Cloudinary
etag
"c69737ef7483a13a905798898047af64"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds268.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@800&family=Roboto:wght@700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://winteriscoming.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
4659
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
15325530070980734337.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15325530070980734337.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:25 GMT
server
Cloudinary
etag
"6ee8798297a52bd0f9fa11b1b77d3451"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds220.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=109;cpu=0;start=2021-05-06T14:16:25.184Z;desc=miss,rtt;dur=1,cloudinary;dur=14;start=2021-05-06T14:16:25.233Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10961
601fe8edc63e99f1e857f726a3d70e62.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/601fe8edc63e99f1e857f726a3d70e62.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c625a53adde29d216b53ec8253e9087c78a79468d955690a6e1aa8932f4d3186
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 16:34:12 GMT
server
Cloudinary
etag
"4500128a326f47fb51c33e71355db7f5"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds276.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=114;cpu=0;start=2021-05-13T16:34:32.399Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-05-13T16:34:32.444Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10031
15606241430295517046.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15606241430295517046.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1a0ac6f42136b391b9da86da972b414d0963967c31737e2b173641c1273b9cd7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:24 GMT
server
Cloudinary
etag
"74624647357fe52393be8e92cb3e9135"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924789.cds275.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;cpu=0;start=2021-05-06T14:16:52.849Z;desc=hit,rtt;dur=80
accept-ranges
bytes
timing-allow-origin
*
content-length
7597
15607864980674604554.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15607864980674604554.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
61980b41e975afb196b47af054d5bf6f25da4959c5af53c811d193e672d9b2f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=948;cpu=0;start=2021-05-06T14:16:23.939Z;desc=miss,rtt;dur=145,cloudinary;dur=845;start=2021-05-06T14:16:23.982Z,cld-id;desc=02ae475f8bf43069dee167e0de733c25
content-length
6743
x-request-id
02ae475f8bf43069dee167e0de733c25
last-modified
Thu, 06 May 2021 14:16:25 GMT
server
Cloudinary
etag
"86b57f230fb789ab851f0f6103fc0d53"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds245.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15607877331564115257.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15607877331564115257.jpg
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ba5a1c1a1407bc114fbacdc2c547d0a34fdd671fd545b0c51c4a596104fe4a09
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 14:16:24 GMT
server
Cloudinary
etag
"ec71512504cb8840402b3f56ea34b71c"
strict-transport-security
max-age=604800
x-hw
1620924788.cds168.fr8.hn,1620924788.cds278.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=407;cpu=1;start=2021-05-06T14:16:35.671Z;desc=miss,rtt;dur=129,cloudinary;dur=20;start=2021-05-06T14:16:35.996Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3515
sync.html
s.adtelligent.com/ Frame EA06 		1 KB
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Server
VertaMedia 1.0
Date
Thu, 13 May 2021 16:53:08 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
634
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
hb.spotim.market/geo/ Frame 8D46 		119 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f6c474e894dd8f9ddcb9417e7e09a34092aa6179ab49903ad6ee16a12f7223a9

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Date
Thu, 13 May 2021 16:53:08 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
119
Content-Type
application/json
tracking
hb.spotim.market/adunit/ Frame 8D46 		43 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=5178&full_page_url=https%3A%2F%2Fwinteriscoming.net&adid=n4rnf7.dk&vpbv=0774&lifecycle_tte=1053
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Date
Thu, 13 May 2021 16:53:08 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/30/ 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/30/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=winteriscoming.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a482d2f55898d0ef08eb04f002cd4a5a73118892286c713858110a0042365231

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 21:22:03 GMT
content-encoding
gzip
age
70266
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Mon, 10 May 2021 21:21:00 GMT
server
AmazonS3
etag
W/"a808e91593e1cb5c83e8509796d2394b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
mRathxTQerl_r2gQSRUxsP9WaZrxTuOV8EjBhOLG38Sf4o74Bey9qg==
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 8D46 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwinteriscoming.net
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
010db7d01d00dbae12550ed882000b32fcce25934a8ee2d5d9b95d61ae7cc92d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 12:01:14 GMT
server
nginx
etag
W/"609d150a-858"
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
expires
Thu, 13 May 2021 17:53:08 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:08 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:08 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:08 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
PugMaster
image6.pubmatic.com/AdServer/ Frame 33F7 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87575475&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ec7082421f8ee31bd6682341fd8b812c369c40e55fc33337f8e1059865e3607b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
c142c473c4
bam-cell.nr-data.net/1/ Frame 6663 		57 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/c142c473c4?a=6096085&v=1208.49599aa&to=Y1ABYhEAD0JWVhFRDloaNFMBNRNQWUYEWxVdWg0ZJgwDVFN2ClYVRloPWgYTTnRaVwBc&rst=2228&ck=1&ref=https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed&ap=5&be=430&fe=1934&dc=660&perf=%7B%22timing%22:%7B%22of%22:1620924786583,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:8,%22ce%22:23,%22rq%22:23,%22rp%22:78,%22rpe%22:79,%22dl%22:127,%22di%22:660,%22ds%22:660,%22de%22:660,%22dc%22:1933,%22l%22:1933,%22le%22:1935%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:08 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
64ed66ba3cd14ac3-FRA
cf-request-id
0a083e886500004ac33ebc1000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 2F49 		335 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1f7f6b5d4c2aa3e8f3a326ba7383d14991eeee28e82ad79ec9d845a8cfad90bd

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxGossO7oJ34btYTYnB9qZXcUOxfuvNMwqcK1O7JGx8cfjGLOk7BUE2CSXfnMhWFsFQF4-h-04HRtR1d-aNvaQwMTu9SQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
97051
last-modified
Thu, 06 May 2021 11:02:44 GMT
server
UploadServer
etag
"f1aea8dd6a23edb41adfd8ff283ad96d"
vary
Accept-Encoding
x-goog-hash
crc32c=gm3KWA==, md5=8a6o3Woj7bQa39j/KDrZbQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1620298964319181
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
97051
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 May 2021 16:58:08 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22f3-DFdjnrLazk%22%2C%22domain%22%3A%22winteriscoming.net%22%2C%22publisher%22%3A%22Winter%20is%20Coming%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.30%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22HMOmnoRmd76GN2ZXUPkuYQ%22%2C%22clientTimestamp%22%3A1620924788892%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-u0ccuwyulnimh9q2cx6c%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/30/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-101.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:47:38 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
age
3932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
irTo32889K9EVmHlO5QEGzZjurZRk1jikr6mjWXIwi_tkXSGuk-YMw==
pbm_307825_8200.js
p.zetarail.com/prebidlink/18760/ Frame AA87 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/j.html?i=8200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
449575f5659f0f21299e1582a4d6d9352af51c137f3a6586625fa6f2159777a4

Request headers

Referer
https://p.zetarail.com/prebidlink/18760/j.html?i=8200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 15:44:06 GMT
server
nginx
etag
W/"609d4946-889a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Thu, 13 May 2021 17:53:08 GMT
csync
sync.adtelligent.com/ Frame EA06
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=572165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 70EE 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 13 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1153
date
Thu, 13 May 2021 16:53:08 GMT
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 1FAD
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63; KRTBCOOKIE_1101=23040-6961818958032664718; PugT=1620924787; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-8527752969132549622; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:09 GMT; path=/ PugT=1620924789; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:09 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:09 GMT; path=/
x-lat
lhrpug006:0:536
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8527752969132549622
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
adx
match.prod.bidr.io/cookie-sync/ Frame DD73
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBOVJFN0JPck1BQUN1bWJmYlN4dw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAA9RE7BOrMAACumbfbSxw; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Thu, 13 May 2021 16:53:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Thu, 13 May 2021 16:53:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 4EB4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6961818958032664718; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:07 GMT; path=/ PugT=1620924787; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:07 GMT; path=/
x-lat
amspug014:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 13 May 2021 16:53:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6961818958032664718; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961818958032664718
Pug
simage2.pubmatic.com/AdServer/ Frame BA79
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:06 GMT
content-type
text/html; charset=utf-8
x-lat
amspug002:2:258
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=ced8d42f-a7e6-4957-b7a9-91551c2e2981; path=/; domain=csync.loopme.me; Expires=Sun, 13-Jun-2021 16:53:09 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 13 May 2021 16:53:09 GMT
server
_
bridge
cm.adgrx.com/ Frame 7D4F 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame F942
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4983038842
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4983038842
  • https://sync.1rx.io/usersync/tradedesk/375508ba-2d30-473d-9651-eafacb183e46
  • https://sync.targeting.unrulymedia.com/csync/RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63; KRTBCOOKIE_1101=23040-6961818958032664718; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3; KRTBCOOKIE_391=22924-7135139224381836002&KRTB&23263-7135139224381836002; SPugT=1620924788; KRTBCOOKIE_409=22966-4P15e8GnslR3B0ZtSfibWzO1; KRTBCOOKIE_80=16514-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&22987-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&23025-CAESENu-zFqCUeAekIBlSo6W1e0; KRTBCOOKIE_57=22776-3685782002405673524; KRTBCOOKIE_336=5844-8527752969132549622; KRTBCOOKIE_153=19420-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY&KRTB&22979-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY; KRTBCOOKIE_377=6810-375508ba-2d30-473d-9651-eafacb183e46&KRTB&22918-375508ba-2d30-473d-9651-eafacb183e46&KRTB&23031-375508ba-2d30-473d-9651-eafacb183e46; KRTBCOOKIE_22=14911-7149985847909831442; KRTBCOOKIE_188=3189-no-consent; PugT=1620924789
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003&KRTB&17107-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:06 GMT; path=/ PugT=1620924786; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:06 GMT; path=/
x-lat
amspug002:0:508
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 13 May 2021 16:53:09 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003%22%7D; path=/; expires=Fri, 13 May 2022 16:53:09 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
etag
RX3cb4a9b86cf94ba49bc5b5e0e8e136bf003
Pug
image2.pubmatic.com/AdServer/ Frame 5D6F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
42 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-4P15e8GnslR3B0ZtSfibWzO1; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:09 GMT; path=/ PugT=1620924789; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 16:53:09 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:09 GMT; path=/
x-lat
lhrpug011:0:504
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 13 May 2021 16:53:09 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=4P15e8GnslR3B0ZtSfibWzO1; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4P15e8GnslR3B0ZtSfibWzO1
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame E4A3 		42 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a083e893500004e503f9f4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64ed66bb8f1a4e50-FRA
i.match
s.tribalfusion.com/z/ Frame 23B4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aEnoeURZdySqAIUMt0Vdx1cPtZbMyd6WiVZcm2um9JZb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a7nseFwyEojpuMNpbIFwkjZdGZbhuui7QlCr1tPcjUCCZcVBCUWbrIS0fskHBjO6Ina5JpV322YZcARibE0lkhlZd; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 16:53:09 GMT; SameSite=None; Secure; ANON_ID_old=a7nseFwyEojpuMNpbIFwkjZdGZbhuui7QlCr1tPcjUCCZcVBCUWbrIS0fskHBjO6Ina5JpV322YZcARibE0lkhlZd; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 16:53:09 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0a083e8a0d00000742eda8b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64ed66bce9400742-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 13 May 2021 16:53:09 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
163
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aEnoeURZdySqAIUMt0Vdx1cPtZbMyd6WiVZcm2um9JZb; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 16:53:09 GMT; SameSite=None; Secure; ANON_ID_old=aEnoeURZdySqAIUMt0Vdx1cPtZbMyd6WiVZcm2um9JZb; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 16:53:09 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0a083e894a00000742283d3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64ed66bbae490742-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 6D24
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63; KRTBCOOKIE_1101=23040-6961818958032664718; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3; KRTBCOOKIE_391=22924-7135139224381836002&KRTB&23263-7135139224381836002; SPugT=1620924788; KRTBCOOKIE_409=22966-4P15e8GnslR3B0ZtSfibWzO1; KRTBCOOKIE_80=16514-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&22987-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&23025-CAESENu-zFqCUeAekIBlSo6W1e0; KRTBCOOKIE_57=22776-3685782002405673524; KRTBCOOKIE_336=5844-8527752969132549622; KRTBCOOKIE_153=19420-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY&KRTB&22979-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY; KRTBCOOKIE_377=6810-375508ba-2d30-473d-9651-eafacb183e46&KRTB&22918-375508ba-2d30-473d-9651-eafacb183e46&KRTB&23031-375508ba-2d30-473d-9651-eafacb183e46; KRTBCOOKIE_22=14911-7149985847909831442; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003&KRTB&17107-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003; KRTBCOOKIE_466=16530-db5b6833-2104-45e0-9dfc-1eece6cf9f6e; KRTBCOOKIE_1074=22956-e_2883f239-1595-4371-9fec-6811b9fe3d69; KRTBCOOKIE_218=22978-YJ1ZdQAA17W3WwBg&KRTB&23194-YJ1ZdQAA17W3WwBg&KRTB&23209-YJ1ZdQAA17W3WwBg&KRTB&23244-YJ1ZdQAA17W3WwBg; PugT=1620924788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 13 May 2021 16:53:07 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 16:53:07 GMT; path=/
x-lat
amspug005:0:301
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-n8txf
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=IuwStLVqcqT2&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=6c44fb1f5a75bd07; path=/; HttpOnly; Secure; SameSite=None
141
match.deepintent.com/usersync/ Frame 7289 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 13 May 2021 16:53:08 GMT
server
a
Cookie set csync
sync.spotim.market/ Frame A262 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=1B129891-F9CA-479A-8537-0ED2EF02ECA5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.spotim.market
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
a301276=b1490eb8-b40b-11eb-a195-1860f0710506; vmuid=262be029e212b68e; a271858=3685782002405673524; a290146=y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Thu, 13 May 2021 16:53:08 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=262be029e212b68e; expires=Wed, 14 Jul 2021 16:53:09 GMT; domain=.spotim.market; path=/; secure; SameSite=None a281178=1B129891-F9CA-479A-8537-0ED2EF02ECA5; expires=Wed, 14 Jul 2021 16:53:09 GMT; domain=.spotim.market; path=/; secure; SameSite=None
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 33F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GxKYkfnKR5qFNw7S7wLspQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=139137
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 15 May 2021 07:32:06 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 33F7 		95 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1B129891-F9CA-479A-8537-0ED2EF02ECA5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64ed66bbae3a4e1a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a083e894a00004e1ad9aef000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 33F7
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:06 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:06 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1B129891-F9CA-479A-8537-0ED2EF02ECA5&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&addseg=19,36,42
7 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 13 May 2021 16:53:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIxMjk4OTEtRjlDQS00NzlBLTg1MzctMEVEMkVGMDJFQ0E1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:269
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENu-zFqCUeAekIBlSo6W1e0&google_cver=1
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENu-zFqCUeAekIBlSo6W1e0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENu-zFqCUeAekIBlSo6W1e0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 33F7 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 12 May 2021 16:53:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7135139224381836002
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7135139224381836002
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:475
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7135139224381836002
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=375508ba-2d30-473d-9651-eafacb183e46
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=375508ba-2d30-473d-9651-eafacb183e46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:433
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=375508ba-2d30-473d-9651-eafacb183e46
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:480
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 13 May 2021 16:53:02 GMT
Server
MT3 3736 915c305 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 13 May 2021 16:53:01 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685782002405673524&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685782002405673524&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:524
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid
870b154f-28dd-4b1f-ab72-58badcf248b2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3685782002405673524&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1B129891-F9CA-479A-8537-0ED2EF02ECA5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 33F7 		43 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1B129891-F9CA-479A-8537-0ED2EF02ECA5?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OjYSIxtE2uUbY.CReEvVdsKY2v2_6to-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OjYSIxtE2uUbY.CReEvVdsKY2v2_6to-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:08 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 13 May 2021 16:53:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OjYSIxtE2uUbY.CReEvVdsKY2v2_6to-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=db5b6833-2104-45e0-9dfc-1eece6cf9f6e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=db5b6833-2104-45e0-9dfc-1eece6cf9f6e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4e204c91-cc3a-4a92-a23f-a6de6bb2c71f&user_group=1&ssp=pubmatic&bsw_param=db5b6833-2104-45e0-9dfc-1eece6cf9f6e
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db5b6833-2104-45e0-9dfc-1eece6cf9f6e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db5b6833-2104-45e0-9dfc-1eece6cf9f6e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:2543
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db5b6833-2104-45e0-9dfc-1eece6cf9f6e&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:487
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7149985847909831442&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7149985847909831442&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:2621
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7149985847909831442&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ1ZdQAA17W3WwBg&gdpr=0&gdpr_consent=&_test=YJ1ZdQAA17W3WwBg
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ1ZdQAA17W3WwBg&gdpr=0&gdpr_consent=&_test=YJ1ZdQAA17W3WwBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:499
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620924789.291580,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ1ZdQAA17W3WwBg&gdpr=0&gdpr_consent=&_test=YJ1ZdQAA17W3WwBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c829270d-8896-4b5e-832b-f57d79e1c688&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c829270d-8896-4b5e-832b-f57d79e1c688&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:368
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c829270d-8896-4b5e-832b-f57d79e1c688&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 33F7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1B129891-F9CA-479A-8537-0ED2EF02ECA5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685782002405673524
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685782002405673524
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.80:80
AN-X-Request-Uuid
0a392bb3-8d37-4575-843f-f38df74011af
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3685782002405673524
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 33F7
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2883f239-1595-4371-9fec-6811b9fe3d69
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2883f239-1595-4371-9fec-6811b9fe3d69
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:07 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:441
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2883f239-1595-4371-9fec-6811b9fe3d69
date
Thu, 13 May 2021 16:53:09 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=winteriscoming.net&sn=&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=5f832df0df2cb9218e72fe35&e=inventory&vi=0&cb=1620924789036
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csyncs
hb.spotim.market/ Frame 8D46 		503 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/csyncs?aid1=572165&aid2=605039&aid3=623328
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
009c759eceed7d2c4b89920e59b501e3794b281c12b40dcc960851daa848e15e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:08 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
285
tracking
ghb.adtelligent.com/adunit/ Frame AA87 		43 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwinteriscoming.net&adid=128d097b2c4923&vpbv=M053&client_id=307825&site_id=8200&lifecycle_tte=472
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.zetarail.com
Date
Thu, 13 May 2021 16:53:08 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
go1.aniview.com/api/adserver/tag/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_ZmrvuyvQ&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&AV_CDIM4=585de4e1-8732-4b02-a425-64571302eb9a&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f832df0df2cb9218e72fe35&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=winteriscoming.net&AV_DADPOS=3&v=6.1.1.243&avtoken=789035&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1620924789075
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
703dea5e30d2a5764e9a159528a9bbe9321248a3a7b2201edb5ab47707cbdf9e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 02 May 2021 03:06:29 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
view
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js?ver=2.67.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:09 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
csync
sync.adtelligent.com/ Frame 8D46
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:08 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.adtelligent.com/ Frame 8D46
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3685782002405673524
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3685782002405673524
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.37:80
AN-X-Request-Uuid
8a556744-d5da-4302-be27-0de88e1d9711
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3685782002405673524
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum.casalemedia.com/ Frame B93A
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5347b5aca992b428746d95d42a861d018c6d3bbd269abe1122584fe2394728a

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJ1ZdXGi6oNe0-NUBhOx.gAA; CMPS=3226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|73|152|105|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1775
Expires
Thu, 13 May 2021 16:53:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ1ZdXGi6oNe0-NUBhOx.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 May 2022 16:53:09 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 11 Aug 2021 16:53:09 GMT CMPRO=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 11 Aug 2021 16:53:09 GMT CMRUM3=27609d59750b40&69609d597505a0&98609d597505a00&49609d597505a0&be609d597505a0&f1609d597505a0&e6609d59752760&2d609d597505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 May 2022 16:53:09 GMT CMST=YJ1ZdWCdWXUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 16:53:09 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 13 May 2021 16:53:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ1ZdXGi6oNe0-NUBhOx.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 May 2022 16:53:09 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 11 Aug 2021 16:53:09 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 84FE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D72%26pid%3D5e0e...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1620924789034-974133586802-007324-009-003325
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-length
0

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
content-length
0
date
Thu, 13 May 2021 16:53:08 GMT
server
AC1.1
usync.html
eus.rubiconproject.com/ Frame 33EF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
cookiesyncendpoint
sync.aniview.com/ Frame 1FDE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
0
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1620924789034-974133586802-007324-009-003325
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-length
0
set-cookie
2_C_2=b1490eb8-b40b-11eb-a195-1860f0710506; Path=/; Domain=aniview.com; Expires=Thu, 20 May 2021 16:53:09 GMT; Secure; SameSite=None 2_C_2=b1490eb8-b40b-11eb-a195-1860f0710506; Path=/; Expires=Thu, 20 May 2021 16:53:09 GMT; Secure; SameSite=None

Redirect headers

Server
nginx
Date
Thu, 13 May 2021 16:53:09 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=b1490eb8-b40b-11eb-a195-1860f0710506; expires=Fri, 13-May-2022 17:59:49 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=2&key=b1490eb8-b40b-11eb-a195-1860f0710506
X-fe
143
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF1C 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63; KRTBCOOKIE_1101=23040-6961818958032664718; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3; KRTBCOOKIE_391=22924-7135139224381836002&KRTB&23263-7135139224381836002; SPugT=1620924788; KRTBCOOKIE_409=22966-4P15e8GnslR3B0ZtSfibWzO1; KRTBCOOKIE_80=16514-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&22987-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&23025-CAESENu-zFqCUeAekIBlSo6W1e0; KRTBCOOKIE_57=22776-3685782002405673524; KRTBCOOKIE_336=5844-8527752969132549622; KRTBCOOKIE_153=19420-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY&KRTB&22979-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY; KRTBCOOKIE_377=6810-375508ba-2d30-473d-9651-eafacb183e46&KRTB&22918-375508ba-2d30-473d-9651-eafacb183e46&KRTB&23031-375508ba-2d30-473d-9651-eafacb183e46; KRTBCOOKIE_22=14911-7149985847909831442; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003&KRTB&17107-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003; KRTBCOOKIE_466=16530-db5b6833-2104-45e0-9dfc-1eece6cf9f6e; KRTBCOOKIE_1074=22956-e_2883f239-1595-4371-9fec-6811b9fe3d69; KRTBCOOKIE_218=22978-YJ1ZdQAA17W3WwBg&KRTB&23194-YJ1ZdQAA17W3WwBg&KRTB&23209-YJ1ZdQAA17W3WwBg&KRTB&23244-YJ1ZdQAA17W3WwBg; PugT=1620924788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=139137
Expires
Sat, 15 May 2021 07:32:06 GMT
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
pixel.advertising.com/ups/58268/ Frame 4835 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
APID=UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 4CD4
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1620924789034-974133586802-007324-009-003325
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-length
0
set-cookie
2_C_55=3685782002405673524; Path=/; Domain=aniview.com; Expires=Thu, 20 May 2021 16:53:09 GMT; Secure; SameSite=None 2_C_55=3685782002405673524; Path=/; Expires=Thu, 20 May 2021 16:53:09 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Thu, 13 May 2021 16:53:09 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=55&key=3685782002405673524
AN-X-Request-Uuid
7a16b44b-00ee-493d-aeaa-cbbf8560fc25
Set-Cookie
uuid2=3685782002405673524; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 11-Aug-2021 16:53:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.235:80
306998
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/306998?VPI=MP4&content_page_url=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&cb=924789417&player_width=400&player_height=300&ip_addr=144.76.109.30&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000789
X-SpotX-Timing-SpotMarket
0.008371
X-SpotX-Timing-Page-Mux
0.001059
X-SpotX-Timing-Page-Require
0.000516
X-fe
035
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
Content-Length
77
X-SpotX-Timing-Page
0.022273
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000574
Last-Modified
Thu, 13 May 2021 16:53:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008371
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://winteriscoming.net
X-SpotX-Timing-Page-Misc
0.010918
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/17184/260262/1289098/204/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/17184/260262/1289098/204/vast.xml?tg_c.language=en&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
2cd142f5b707b5c4587893969b7d1814dfd07ebd41ad90889cba143d3878c3b2

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://winteriscoming.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
956
Expires
Thu, 13 May 2021 16:53:09 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=363542&zone_id=1972978&size_id=201&tg_c.language=en&width=400&height=300&gdpr=1&gdpr_consent=&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 2F49 		265 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8c939f8edc776de7d55fa9c360e8d19a99e5f6d9553c26c9d16aa0abf739ddb8

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzv313aS_61EnmbhUiVB5iV4dNZ1zBvWgllbdeUguRLpjIbwQvNcjyj-KVtvWamMuc5xIrFEWDQsRFyXbtGO3soimBdkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
85371
last-modified
Thu, 06 May 2021 11:02:07 GMT
server
UploadServer
etag
"5ad25e5d24f7c113b39d573bab6a3d38"
vary
Accept-Encoding
x-goog-hash
crc32c=YSevlA==, md5=WtJeXST3wROznVc7q2o9OA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1620298927832409
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
85371
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 May 2021 16:58:09 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=24334&t=1620924789&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924789034-974133586802-007324-009-003325&cha=0.7&cb=44457927675&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f832df0df2cb9218e72fe35&e=request&cb=1620924789423&asid=5ff322342d4919083a16bde2%2C5e85d2f0d23d91608a46c4c2%2C6028cfd26fcf442a2b297962%2C5fb5756e6a973179765f33c3%2C606ad3fbab545d54873de6d4%2C608f958921f08368ca76dc2d&ofpr=%2C%2C%2C4.98%2C5.5%2C3.8&fpo=%2C%2C%2C%2C%2C
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/233979/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233979/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
X-SpotX-Timing-Transform
0.000508
X-SpotX-Timing-SpotMarket
0.007896
X-SpotX-Timing-Page-Mux
0.001503
X-SpotX-Timing-Page-Require
0.000420
X-fe
002
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.016305
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000353
Last-Modified
Thu, 13 May 2021 16:53:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007896
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://winteriscoming.net
X-SpotX-Timing-Page-Misc
0.005585
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225e5c374ffd92da%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22sid%22%3A%22pub_yXO4Yd5V1rhJ%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ecae20838b1ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
35053148e333510eb3716655bea0249abcb614260d10b70b1ba81d1d44d77900

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Thu, 13 May 2021 16:53:09 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8F52 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D1%26key%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=1B129891-F9CA-479A-8537-0ED2EF02ECA5; chkChromeAb67Sec=1; DPSync3=1622073600%3A201_227_226_221; SyncRTB3=1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63; KRTBCOOKIE_1101=23040-6961818958032664718; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3; KRTBCOOKIE_391=22924-7135139224381836002&KRTB&23263-7135139224381836002; SPugT=1620924788; KRTBCOOKIE_409=22966-4P15e8GnslR3B0ZtSfibWzO1; KRTBCOOKIE_80=16514-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&22987-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&23025-CAESENu-zFqCUeAekIBlSo6W1e0; KRTBCOOKIE_57=22776-3685782002405673524; KRTBCOOKIE_336=5844-8527752969132549622; KRTBCOOKIE_153=19420-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY&KRTB&22979-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY; KRTBCOOKIE_377=6810-375508ba-2d30-473d-9651-eafacb183e46&KRTB&22918-375508ba-2d30-473d-9651-eafacb183e46&KRTB&23031-375508ba-2d30-473d-9651-eafacb183e46; KRTBCOOKIE_22=14911-7149985847909831442; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003&KRTB&17107-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003; KRTBCOOKIE_466=16530-db5b6833-2104-45e0-9dfc-1eece6cf9f6e; KRTBCOOKIE_1074=22956-e_2883f239-1595-4371-9fec-6811b9fe3d69; KRTBCOOKIE_218=22978-YJ1ZdQAA17W3WwBg&KRTB&23194-YJ1ZdQAA17W3WwBg&KRTB&23209-YJ1ZdQAA17W3WwBg&KRTB&23244-YJ1ZdQAA17W3WwBg; PugT=1620924788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D1%26key%3D

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=118355
Expires
Sat, 15 May 2021 01:45:44 GMT
Date
Thu, 13 May 2021 16:53:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame B93A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJ1ZdXGi6oNe0-NUBhOx.gAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B93A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEK5jCZ4xwX7YsvZZBeGgGlo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEK5jCZ4xwX7YsvZZBeGgGlo&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 13 May 2021 16:53:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEK5jCZ4xwX7YsvZZBeGgGlo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B93A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B93A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJ1ZdXGi6oNe0-NUBhOx.gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmQT3lDmjrHy0O6406iwoc&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmQT3lDmjrHy0O6406iwoc&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 16:53:09 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmQT3lDmjrHy0O6406iwoc&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B93A 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B93A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=8f754e76-7439-49b6-a3b3-a3ede7f517b1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=8f754e76-7439-49b6-a3b3-a3ede7f517b1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 16:53:09 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=8f754e76-7439-49b6-a3b3-a3ede7f517b1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B93A
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 16:53:09 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 13 May 2021 16:53:09 GMT
server
nginx/1.18.0
content-length
76
getuid
ib.adnxs.com/ Frame B93A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookiesyncendpoint
sync.aniview.com/ Frame B93A 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1620924789034-974133586802-007324-009-003325&biddername=42&key=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1620924789034-974133586802-007324-009-003325%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 33EF 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68536
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Fri, 14 May 2021 11:55:25 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=24334&t=1620924789&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924789034-974133586802-007324-009-003325&cha=0.7&cb=44457927675&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f832df0df2cb9218e72fe35&e=bid&cb=1620924789612&asid=5e85d2f0d23d91608a46c4c2&ofpr=&fpo=
Requested by
Host: winteriscoming.net
URL: https://winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister/?a_aid=42860&fbclid=PAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-31032.js
video-ads.rubiconproject.com/video/ Frame EA3C 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 09:40:09 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"100d7-5bfd76a7cf040-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19979
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame EA3C 		28 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&account_id=17184&site_id=260262&zone_id=1289098&size_id=204&tg_c.language=en&rp_schain=1.0,1!spotim.market,sp_K16VHJZS,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=400&p_aso.video.ext.ad.h=300&width=400&height=300&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=450823296639590.9&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2plx0wbTGP8G8okXbI6J6AwNwfT31-RKh1mXN_tMSCevrdUuG2nQ_c09Kwh_BidluH6Qj4A
memorizeneck.com/ 		216 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizeneck.com/v2plx0wbTGP8G8okXbI6J6AwNwfT31-RKh1mXN_tMSCevrdUuG2nQ_c09Kwh_BidluH6Qj4A
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0fa36edac7fbc502bda4a061867d21b396815ce727109f97625aa71d6a932586
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 13 May 2021 16:53:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
eef55514
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Thu, 13 May 2021 16:53:09 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 33EF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type
image/gif
v2nfabL47jXgofFK9ZDiW3yTgVT7NzZHf5C52vw3rjK_QnAhcukPUSaS-eqWkb3aweqBR5Qk
memorizeneck.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizeneck.com/v2nfabL47jXgofFK9ZDiW3yTgVT7NzZHf5C52vw3rjK_QnAhcukPUSaS-eqWkb3aweqBR5Qk
Requested by
Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 13 May 2021 16:53:10 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
x-hostname
eef55514
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwinteriscoming.net%2F&domain=winteriscoming.net&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://winteriscoming.net
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1399
date
Thu, 13 May 2021 16:53:09 GMT
content-encoding
gzip
vary
Accept-Encoding
rtb
trends.revcontent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Protocol
H2
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://winteriscoming.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 16:53:10 GMT
content-type
text/plain
content-length
13
server
Grizzly/2.4.4
allow
POST,OPTIONS
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
sid
mug.criteo.com/ Frame 8D46
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwinteriscoming.net%2F&domain=winteriscoming.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=zKH1inw5ZWZsSU9nbmFyNUpndkZ5aC9lQkI0eVRaeVBLZjNIa0F4QVZPNWRXNzdNZlVhSmM4Vys1Q0lGVzkvZFBiVUdJQUpsMnZFblFWTzZpMURqNk1RTkhVdHNwbWc0ZlcvSzhubUgwN1lLKzJFKzg4S01qQlI2bVhiRV...
344 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zKH1inw5ZWZsSU9nbmFyNUpndkZ5aC9lQkI0eVRaeVBLZjNIa0F4QVZPNWRXNzdNZlVhSmM4Vys1Q0lGVzkvZFBiVUdJQUpsMnZFblFWTzZpMURqNk1RTkhVdHNwbWc0ZlcvSzhubUgwN1lLKzJFKzg4S01qQlI2bVhiRVk4cnNBK0dYaUkyaUNZUW1JcmdENFdiaWJCRkpueXQ3ZmcxMVJ6bStldUFjUG05OHBVcllNdFFycis0VElLTFVsbmxJN2RXYlFVQjlvQXFicUdwUFRRR1VDeW9ndUt0b05mZy9NSlJjR3B2c01QTSsyN3pNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f82705a09505698ee1bf7da5dbd25e8a5508ace8c4e2abb5210a5d16bf5f2b64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 13 May 2021 16:53:10 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2450
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 13 May 2021 16:53:09 GMT
location
https://mug.criteo.com/sid?cpp=zKH1inw5ZWZsSU9nbmFyNUpndkZ5aC9lQkI0eVRaeVBLZjNIa0F4QVZPNWRXNzdNZlVhSmM4Vys1Q0lGVzkvZFBiVUdJQUpsMnZFblFWTzZpMURqNk1RTkhVdHNwbWc0ZlcvSzhubUgwN1lLKzJFKzg4S01qQlI2bVhiRVk4cnNBK0dYaUkyaUNZUW1JcmdENFdiaWJCRkpueXQ3ZmcxMVJ6bStldUFjUG05OHBVcllNdFFycis0VElLTFVsbmxJN2RXYlFVQjlvQXFicUdwUFRRR1VDeW9ndUt0b05mZy9NSlJjR3B2c01QTSsyN3pNPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1718
content-length
482
expires
0
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame 8D46 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
bidRequest
c2shb.ssp.yahoo.com/ Frame 8D46 		62 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=4850946&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
383d6f603601e98c1d41d226897126aedf52bf2ee6ca3e1f4425b9186441f1af

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame 8D46 		62 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=5242527&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
b68c9d1cd9f95c384f80510e0b22a3560121d0f97a95a1cd8f00fb1df502aba3

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame 8D46 		62 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=8a969435017777a74966b045e6a00410&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
05e2ce59f4eef992c52196874711db42c6e891282054b72e533225ce303a1b32

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
cygnus
htlb.casalemedia.com/ Frame 8D46 		24 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22792866db1fce0b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.36.0-1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22pub_yXO4Yd5V1rhJ%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228965361608893c%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2294cf1fc9049e41%22%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228965361608893c%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%228965361608893c%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
76ce06d3330674a88584db7d73e3164ac72964360d95502027091add0e00dce7

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Thu, 13 May 2021 16:53:10 GMT
prebid
lockerdome.com/ladbid/ Frame 8D46 		11 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://winteriscoming.net
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
31
translator
hbopenbid.pubmatic.com/ Frame 8D46 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
08951789f92f22742ad8179896b1ea81511c43d77d4fc048b3776a16fa6e7105

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:10 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
/
ghb.adtelligent.com/v2/auction/ Frame 8D46 		241 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
731750962638c2fa8bbfad5b82064746e54ecf4a7e8fcc8e22cf825ee4e89ad9

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:09 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://winteriscoming.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
159
prebid
ib.adnxs.com/ut/v3/ Frame 8D46 		19 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.106:80
AN-X-Request-Uuid
9a32677e-e756-4dc6-89bd-866bdc23e501
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://winteriscoming.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 8D46 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0-1&cb=27728465269
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:09 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8D46 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,&eid_pubcid.org=c837d802-220c-4c87-a0b5-b6300dab47ab%5E1&rf=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=b4313994-9941-4b45-8cc4-8143d6c4e5b2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30052868542514144
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6fccbb11d8c4f7eae33cc94b3191276d1541b945178cb5ed544ea5e0cfaf4985

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://winteriscoming.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 8D46 		374 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F&PublisherDomain=https%3A%2F%2Fwinteriscoming.net
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
8cd7f3f78ff32d8dd32cf8509f3215fa6983d498a3b0a0f05b3a15f17aef35b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
44
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
374
expires
0
/
ghb1.adtelligent.com/v2/auction/ Frame 8D46 		121 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
c9fe582c048b7a576086527855a4c9f69f67bde91e260c1c8f81d7629a6e58a7

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Date
Thu, 13 May 2021 16:53:09 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
121
Content-Type
application/json; charset=UTF-8
arj
spot-im-d.openx.net/w/1.0/ Frame 8D46 		172 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b4313994-9941-4b45-8cc4-8143d6c4e5b2%2Cb4313994-9941-4b45-8cc4-8143d6c4e5b2%2Cb4313994-9941-4b45-8cc4-8143d6c4e5b2&nocache=1620924790104&pubcid=c837d802-220c-4c87-a0b5-b6300dab47ab&schain=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250&divIds=div-gpt-ad-1569497303950-0%2Cdiv-gpt-ad-1569497303950-0%2Cdiv-gpt-ad-1569497303950-0&auid=540934835%2C541192057%2C543856208
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
b402cd3ea07d70b4268cb9a27afbde7b8b536581b539ffabe80e24c584246f0e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://winteriscoming.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb
trends.revcontent.com/ Frame 8D46 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-79-244.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
d9b968d0b23b154fe4359f798a2fee52293f77f928856866c523118b438e788e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
content-length
5005
content-type
application/json
hb
ice.360yield.com/ Frame 8D46 		95 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22436faf80cb79aff%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22270443%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c837d802-220c-4c87-a0b5-b6300dab47ab%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240be64b1ef6f446%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22360432%2C%22tid%22%3A%22b4313994-9941-4b45-8cc4-8143d6c4e5b2%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.115.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0e29fa7dfba462a25016d38272ccaf4f46074430079fc3ebb7909ce6de2d81e9

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame 8D46 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame AA87 		19 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid
ec917e08-7c60-4cda-83b1-4585f58809da
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://p.zetarail.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame AA87 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=57953269212
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.zetarail.com
date
Thu, 13 May 2021 16:53:09 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ Frame AA87 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.zetarail.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
hb
ice.360yield.com/ Frame AA87 		95 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22159c570d441cfc2%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwinteriscoming.net%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22145d592c94a32ef%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22386767%2C%22tid%22%3A%2213630040fdabb08%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.115.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
932e0748d149e7c695e4a175d2a31f7e000f44bfd86bf48ddb1f5a30b22d95bc

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://p.zetarail.com
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AA87 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.zetarail.com
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ixmatch.html
js-sec.indexww.com/um/ Frame DF8B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://winteriscoming.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 13 May 2021 16:53:10 GMT
Content-Length
1151
Connection
keep-alive
tap.php
pixel.rubiconproject.com/ Frame 33EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIu7Ge-ZFhIrJ1PM9sg3im4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIu7Ge-ZFhIrJ1PM9sg3im4&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIu7Ge-ZFhIrJ1PM9sg3im4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 33EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 33EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/FHoyV0VXrYOZR6FpBXiPqA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3418583757419626257
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3418583757419626257
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Thu, 13 May 2021 16:53:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3418583757419626257
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 33EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Thu, 13 May 2021 16:53:03 GMT
Server
MT3 3736 915c305 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 13 May 2021 16:53:02 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 33EF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 33EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ONFJPM1gtWS1NSDk=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ONFJPM1gtWS1NSDk=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ONFJPM1gtWS1NSDk=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 33EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KON4RO3X-Y-MH9&sigv=1&esig=2~37c885eda60e12003b030d259fae2230c7ef930b
0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KON4RO3X-Y-MH9&sigv=1&esig=2~37c885eda60e12003b030d259fae2230c7ef930b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KON4RO3X-Y-MH9&sigv=1&esig=2~37c885eda60e12003b030d259fae2230c7ef930b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 33EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU2YTUyZGE0MzQ5NDE1YThkYTQ2NGQyZGFkODIxMWIyNTNjMDUzOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU2YTUyZGE0MzQ5NDE1YThkYTQ2NGQyZGFkODIxMWIyNTNjMDUzOQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU2YTUyZGE0MzQ5NDE1YThkYTQ2NGQyZGFkODIxMWIyNTNjMDUzOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame FA8F 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://p.zetarail.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3685782002405673524
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.zetarail.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Fri, 13 May 2022 16:53:10 GMT
Date
Thu, 13 May 2021 16:53:10 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 323B 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1620924790168
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1620924790168
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p.zetarail.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.zetarail.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E2D9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e115c0b89e6e5eb11382795d8ba12de05953919b443c1bc6b61704098a168d8

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJ1ZdXGi6oNe0-NUBhOx.gAA; CMPS=3226; CMPRO=1121; CMST=YJ1ZdWCdWXUA; CMRUM3=69609d597505a00&27609d59750b40&98609d597527608f754e76-7439-49b6-a3b3-a3ede7f517b1&49609d597505a0&f1609d597505a0&be609d597505a0&e6609d59752760&2d609d59752760CAESEBmQT3lDmjrHy0O6406iwoc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|206|3|88|221|156|188|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1668
Expires
Thu, 13 May 2021 16:53:10 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ1ZdXGi6oNe0-NUBhOx.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 May 2022 16:53:10 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 11 Aug 2021 16:53:10 GMT CMPRO=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 11 Aug 2021 16:53:10 GMT CMST=YJ1ZdWCdWXYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 14 May 2021 16:53:10 GMT CMRUM3=e6609d59752760&ce609d597605a0&03609d597605a0&49609d597505a0&bc609d597605a00&be609d597505a0&f1609d597505a0&69609d597505a00&27609d59750b40&2d609d59752760CAESEBmQT3lDmjrHy0O6406iwoc&2e609d597605a0&dd609d59762760&98609d597527608f754e76-7439-49b6-a3b3-a3ede7f517b1&58609d597605a0&9c609d597605a00&40609d597605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 May 2022 16:53:10 GMT
306998
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/306998?VPI=MP4&content_page_url=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&cb=924790185&player_width=400&player_height=300&ip_addr=144.76.109.30&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000286
X-SpotX-Timing-SpotMarket
0.006251
X-SpotX-Timing-Page-Mux
0.001604
X-SpotX-Timing-Page-Require
0.000313
X-fe
110
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
Content-Length
77
X-SpotX-Timing-Page
0.014447
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000294
Last-Modified
Thu, 13 May 2021 16:53:10 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006251
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://winteriscoming.net
X-SpotX-Timing-Page-Misc
0.005666
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/17184/260262/1289098/204/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/17184/260262/1289098/204/vast.xml?tg_c.language=en&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
2cd142f5b707b5c4587893969b7d1814dfd07ebd41ad90889cba143d3878c3b2

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://winteriscoming.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
956
Expires
Thu, 13 May 2021 16:53:10 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=363542&zone_id=1972978&size_id=201&tg_c.language=en&width=400&height=300&gdpr=1&gdpr_consent=&rp_schain=1.0,1!spotim.market,pub_yXO4Yd5V1rhJ,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=24334&t=1620924789&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924789034-974133586802-007324-009-003325&cha=0.7&cb=44457927675&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f832df0df2cb9218e72fe35&e=request&cb=1620924790186&asid=5ff322342d4919083a16bde2%2C5e85d2f0d23d91608a46c4c2%2C6028cfd26fcf442a2b297962%2C5fb5756e6a973179765f33c3%2C606ad3fbab545d54873de6d4%2C608f958921f08368ca76dc2d&ofpr=%2C%2C%2C4.98%2C5.5%2C3.8&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/233979/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233979/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winteriscoming.net
pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
X-SpotX-Timing-Transform
0.000419
X-SpotX-Timing-SpotMarket
0.006929
X-SpotX-Timing-Page-Mux
0.003060
X-SpotX-Timing-Page-Require
0.000456
X-fe
128
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.025666
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000514
Last-Modified
Thu, 13 May 2021 16:53:10 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006929
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://winteriscoming.net
X-SpotX-Timing-Page-Misc
0.014254
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221201d0f49ff4823%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22sid%22%3A%22pub_yXO4Yd5V1rhJ%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22138afa64281c922%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0587a1a243d44683752ba7c2381ce5a82dd37fd65301d74498fd6fb04a6b56d0

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Thu, 13 May 2021 16:53:10 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zKH1inw5ZWZsSU9nbmFyNUpndkZ5aC9lQkI0eVRaeVBLZjNIa0F4QVZPNWRXNzdNZlVhSmM4Vys1Q0lGVzkvZFBiVUdJQUpsMnZFblFWTzZpMURqNk1RTkhVdHNwbWc0ZlcvSzhubUgwN1lLKzJFKzg4S01qQlI2bVhiRVk4cnNBK0dYaUkyaUNZUW1JcmdENFdiaWJCRkpueXQ3ZmcxMVJ6bStldUFjUG05OHBVcllNdFFycis0VElLTFVsbmxJN2RXYlFVQjlvQXFicUdwUFRRR1VDeW9ndUt0b05mZy9NSlJjR3B2c01QTSsyN3pNPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1009
date
Thu, 13 May 2021 16:53:09 GMT
content-encoding
gzip
vary
Accept-Encoding
getuid
secure.adnxs.com/ Frame E2D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame E2D9 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJ1ZdXGi6oNe0_NUBhOx-gAABGEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame E2D9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 16:53:10 GMT

Redirect headers

Date
Thu, 13 May 2021 16:53:03 GMT
Server
MT3 3736 915c305 master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 13 May 2021 16:53:02 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame E2D9 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1620924790.223564,VS0,VE89
x-served-by
cache-hhn4073-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame E2D9
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1
49 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.64
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.15.21
content-length
0
expires
0
cookiesync
bttrack.com/pixel/ Frame E2D9 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Thu, 13 May 2021 16:52:33 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
CookieIndex
rtb.adentifi.com/ Frame E2D9 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.163.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rum
dsum-sec.casalemedia.com/ Frame E2D9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1623516790
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1623516790
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 16:53:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:09 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1623516790
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E2D9 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YJ1ZdXGi6oNe0-NUBhOx.gAA%261121?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://winteriscoming.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2135
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 May 2021 17:28:45 GMT
async_usersync
secure.adnxs.com/ Frame FA8F 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 May 2021 16:53:10 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid
5f85273d-44bf-4093-82e6-a0a0d0a43e8d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
supply
events.browsiprod.com/events/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/supply?p=eb922ffc-2a49-4854-92df-327b62f6beb4
Requested by
Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/sd/apps/middy/middy-desktop-3.6.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.42.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-42-89.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winteriscoming.net
date
Thu, 13 May 2021 16:53:10 GMT
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=24334&t=1620924789&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924789034-974133586802-007324-009-003325&cha=0.7&cb=44457927675&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f832df0df2cb9218e72fe35&e=bid&cb=1620924790246&asid=5e85d2f0d23d91608a46c4c2&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-31032.js
video-ads.rubiconproject.com/video/ Frame 4E7C 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31032.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 16:53:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 09:40:09 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"100d7-5bfd76a7cf040-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19979
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 4E7C 		28 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&account_id=17184&site_id=260262&zone_id=1289098&size_id=204&tg_c.language=en&rp_schain=1.0,1!spotim.market,sp_K16VHJZS,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=400&p_aso.video.ext.ad.h=300&width=400&height=300&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7253682702188047&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31032.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.190.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 16:53:10 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
mut
ghb.adtelligent.com/adunit/ Frame AA87 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.zetarail.com
URL: https://p.zetarail.com/prebidlink/18760/pbm_307825_8200.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.zetarail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.zetarail.com
Date
Thu, 13 May 2021 16:53:10 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=24334&t=1620924789&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924789034-974133586802-007324-009-003325&cha=0.7&cb=44457927675&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 May 2021 16:53:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v2_270443_5178.json
player.spotim.market/prebidlink/2701541/ Frame 8D46 		28 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/2701541/v2_270443_5178.json?cb=winteriscoming.net
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ca0098632edd2d40f3d58a5f93dc6f9463a1621b4dcf000ee5878cf5deeb22e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:11 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 15:39:19 GMT
server
nginx
etag
W/"609d4827-6e4e"
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
expires
Thu, 13 May 2021 17:53:11 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
multitracking
hb.spotim.market/adunit/ Frame 8D46 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/wrapper_hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Date
Thu, 13 May 2021 16:53:11 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
/
go1.aniview.com/api/adserver/tag/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_ZmrvuyvQ&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_yXO4Yd5V1rhJ%2C1%2C%2C%2C&AV_CDIM4=585de4e1-8732-4b02-a425-64571302eb9a&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f832df0df2cb9218e72fe35&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=winteriscoming.net&AV_DADPOS=3&v=6.1.1.243&avtoken=789035&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1620924791813
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dc689653bfefa6bf3ac46d9a2fc980537dc922f4e052252dace85e0edbe8699e

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winteriscoming.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 02 May 2021 03:06:31 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8D46 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:12 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 10:39:22 GMT
server
nginx
etag
W/"60990d5a-14816"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 May 2021 16:53:12 GMT
syncframe
gum.criteo.com/ Frame 1CE2 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winteriscoming.net&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=winteriscoming.net&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://winteriscoming.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://winteriscoming.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1560
set-cookie
uid=10075f1f-cb60-46bc-b068-13b68ffe38db; expires=Fri, 13 May 2022 16:53:11 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 13 May 2021 16:53:11 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8D46 		82 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 16:53:12 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 10:39:22 GMT
server
nginx
etag
W/"60990d5a-14816"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 May 2021 16:53:12 GMT
692.json
id5-sync.com/g/v2/ Frame 8D46 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
70db7637fe76a02ad71f62317ee4c7b4683f46eedd290990ddfdfc682ed39aaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://winteriscoming.net
Date
Thu, 13 May 2021 16:53:12 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 8D46 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1432
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 May 2021 16:53:13 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame 8D46 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6df9fa5a0443c24d0ac1fca9e215d5134309af4b0bf1befeda4b3c59a1145e5d

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 May 2021 16:53:13 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winteriscoming.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 12 Jun 2021 16:53:13 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=winteriscoming.net&rs=winteriscoming.net&sid=85893&t=1620924791&cip=144.76.109.30&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1620924791864-920849025802-007720-013-005689&cha=0.7&cb=89800939127&cd4=585de4e1-8732-4b02-a425-64571302eb9a&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd1=sp_ZmrvuyvQ&cd2=Desktop&cd3=pitc&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.129.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 May 2021 16:53:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixels
pix.spot.im/api/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_ZmrvuyvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winteriscoming.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
c142c473c4
bam-cell.nr-data.net/events/1/ Frame 6663 		24 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/c142c473c4?a=6096085&v=1208.49599aa&to=Y1ABYhEAD0JWVhFRDloaNFMBNRNQWUYEWxVdWg0ZJgwDVFN2ClYVRloPWgYTTnRaVwBc&rst=12228&ck=1&ref=https://omny.fm/shows/take-the-black-podcast/playlists/podcast/embed
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 13 May 2021 16:53:18 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://omny.fm
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
64ed66f89b194ac3-FRA
Content-Length
24
cf-request-id
0a083eaf5b00004ac32ea31000000001

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| apstag function| __tcfapi function| __uspapi function| displaySellInfoLink function| displayCaModal function| isTcfLoaded function| loadTcf function| showAds function| addGdprNavLinks object| _wpemojiSettings object| mm_video_data object| fs_detect object| siteData function| $ function| jQuery function| iFrameResize object| dataLayer object| googletag object| fs_ad_slots object| riddleAPI object| twemoji object| wp boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| _comscore object| s1 function| fsLongformScroll object| jQuery112405210916620957979 object| evtPreviewData object| disqusData function| ignoreerror function| lazyLoadInit function| siteSidebarMatchMainHeight function| fsTouchDetect function| fsUuid function| fsGetCookie function| sendDataToOneTrust function| setEuConsentCookie function| checkAdVisibility function| lazyLoadAd function| requestTick function| requestPinnedTick function| empty function| hidePinnedAd function| refreshPinnedAd function| showPinnedAd function| moveHeaderAdToTop function| attachGPTEvent function| breakingNewsDetect function| load_mosaic_slider function| loadHotStoriesSlider function| loadVideoSlider function| debounce function| throttle function| getSectionPos function| setMenuSelect boolean| DEBUG_MODE object| adVars function| disqus_config object| $nav function| resizeSetAppMenu function| scrollSetAppMenu object| Stickyfill string| ispage object| infiniteScrollInitialData object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget string| siteName object| _sp_ object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| __OW_CONFIG__ object| webpackChunk_spotim_launcher string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| regeneratorRuntime object| __SPOTIM__ object| webpackChunkads object| process boolean| __OW_STANDALONE_SCRIPT_RUN__ object| __OW_ASYNC_CALL_POST_IDS__ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| udm_ object| ns_p object| COMSCORE object| __twttrll object| twttr object| __twttr function| admiral function| 4dm1r11545242527 object| browsitag string| browsi_bootstrap_loaded object| _middyo function| __tcfapiui object| __OW_AD_OPS_CONFIG__ function| __SPOTIM_DISABLE_ADS__ string| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ object| SPOTIM function| owActionQueue object| adblockDetector function| avPlayer object| storageAni

66 Cookies

Domain/Path Name / Value
.spotim.market/ Name: a271858
Value: 3685782002405673524
.spotim.market/ Name: vmuid
Value: 262be029e212b68e
.spotim.market/ Name: a281178
Value: 1B129891-F9CA-479A-8537-0ED2EF02ECA5
.spotim.market/ Name: a301276
Value: b1490eb8-b40b-11eb-a195-1860f0710506
.tribalfusion.com/ Name: ANON_ID
Value: a7nseFwyEojpuMNpbIFwkjZdGZbhuui7QlCr1tPcjUCCZcVBCUWbrIS0fskHBjO6Ina5JpV322YZcARibE0lkhlZd
.rubiconproject.com/ Name: vis201
Value: 363542^1
.rubiconproject.com/ Name: ses201
Value:
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUfJM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV//AbqBkxQPOEClmbteZ8c4
.rubiconproject.com/ Name: khaos
Value: KON4RO3X-Y-MH9
.aniview.com/ Name: 2_C_42
Value: YJ1ZdXGi6oNe0-NUBhOx.gAA&1121
.casalemedia.com/ Name: CMRUM3
Value: 69609d597505a00&27609d59750b40&98609d597527608f754e76-7439-49b6-a3b3-a3ede7f517b1&49609d597505a0&f1609d597505a0&be609d597505a0&e6609d59752760&2d609d59752760CAESEBmQT3lDmjrHy0O6406iwoc
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: isMobile
Value: false
.casalemedia.com/ Name: CMST
Value: YJ1ZdWCdWXUA
sync.aniview.com/ Name: 2_C_42
Value: YJ1ZdXGi6oNe0-NUBhOx.gAA&1121
.casalemedia.com/ Name: CMPS
Value: 3226
sync.aniview.com/ Name: 2_C_2
Value: b1490eb8-b40b-11eb-a195-1860f0710506
.casalemedia.com/ Name: CMID
Value: YJ1ZdXGi6oNe0-NUBhOx.gAA
.adtelligent.com/ Name: a323548
Value: 3685782002405673524
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: PugT
Value: 1620924788
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-db5b6833-2104-45e0-9dfc-1eece6cf9f6e
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003&KRTB&17107-RX-3cb4a9b8-6cf9-4ba4-9bc5-b5e0e8e136bf-003
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.rubiconproject.com/ Name: vis204
Value: 260262^1
sync.aniview.com/ Name: 2_C_55
Value: 3685782002405673524
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7149985847909831442
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY&KRTB&22979-IDYihyM_LNY7NCzScz422nIxKtE7MCjTdT6b1fBY
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YJ1ZdQAA17W3WwBg&KRTB&23194-YJ1ZdQAA17W3WwBg&KRTB&23209-YJ1ZdQAA17W3WwBg&KRTB&23244-YJ1ZdQAA17W3WwBg
.aniview.com/ Name: aniC
Value: 1620924789034-974133586802-007324-009-003325
.rubiconproject.com/ Name: ses204
Value:
.winteriscoming.net/ Name: spotim_visitId
Value: {%22visitId%22:%2210d83659-9dbe-4401-9b80-2deecaadbd3b%22%2C%22creationDate%22:%222021-05-13T16:53:07.626Z%22%2C%22duration%22:0}
.adtelligent.com/ Name: a309017
Value: no-consent
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-4P15e8GnslR3B0ZtSfibWzO1
.aniview.com/ Name: 2_C_55
Value: 3685782002405673524
.adtelligent.com/ Name: vmuid
Value: 59f64aa0590608ce
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_2883f239-1595-4371-9fec-6811b9fe3d69
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0kBFKpJ36Vve99qzxPzGzoY2ahiEyvI7rk6PaYIBv1/JUo/N8VX/Rx2HGSCUrhpGjgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: isTablet
Value: false
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7135139224381836002&KRTB&23263-7135139224381836002
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1622073600%3A55_21_189_176_220_234_230_71_231_7_22_8_166_88_13_81_56_3_165_204_99_161_54%7C1621468800%3A67_15_2_223%7C1623456000%3A203%7C1622160000%3A35%7C1621728000%3A63
winteriscoming.net/ Name: __browsiSessionID
Value: 8e37277b-e943-4594-b045-838f36d0eb12&false&false&DEFAULT&de&desktop-3.6.2&false
.pubmatic.com/ Name: DPSync3
Value: 1622073600%3A201_227_226_221
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-375508ba-2d30-473d-9651-eafacb183e46&KRTB&22918-375508ba-2d30-473d-9651-eafacb183e46&KRTB&23031-375508ba-2d30-473d-9651-eafacb183e46
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6961818958032664718
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&16736-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23019-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3&KRTB&23114-uid:6fa8609d-5974-4200-a8ac-b74d7eb7dfb3
.omny.fm/ Name: _gid
Value: GA1.2.1084093302.1620924788
.pubmatic.com/ Name: PUBMDCID
Value: 3
.casalemedia.com/ Name: CMPRO
Value: 1121
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3685782002405673524
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: countryCode
Value: DE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.omny.fm/ Name: _ga
Value: GA1.2.759600852.1620924788
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: userDevice
Value: desktop
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&22987-CAESENu-zFqCUeAekIBlSo6W1e0&KRTB&23025-CAESENu-zFqCUeAekIBlSo6W1e0
.spotim.market/ Name: a290146
Value: y-S5ymd5NE2uH9czYYwMKx0oA.N9CL1xZB~A~UPb1419ff6-b40b-11eb-aac2-06eef5fa6fd2
.pubmatic.com/ Name: SPugT
Value: 1620924788
www.riddle.com/ Name: sid
Value: 6f19212421df7bdef3e985d33311a9ae
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8527752969132549622
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1B129891-F9CA-479A-8537-0ED2EF02ECA5
.omny.fm/ Name: _gat
Value: 1
winteriscoming.net/ Name: __browsiUID
Value: 0169b3f2-0765-4bf3-9407-b78fa0fe8744
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: stateCode
Value: HE
.bidr.io/ Name: bito
Value: AAA9RE7BOrMAACumbfbSxw
.aniview.com/ Name: 2_C_2
Value: b1490eb8-b40b-11eb-a195-1860f0710506
winteriscoming.net/2021/04/12/which-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister Name: cityCode
Value: FRANKFURT

9 Console Messages

Source Level URL
Text
console-api warning URL: https://www.riddle.com/assets/js/lib/angular.min.js(Line 119)
Message:
This browser does not support Web Storage!
console-api log URL: https://cdn.raygun.io/raygun4js/raygun.min.js(Line 5)
Message:
Omny embed: PlayerJS receiver ready
console-api log URL: https://cdn.raygun.io/raygun4js/raygun.min.js(Line 5)
Message:
No AdProvider for type "Triton"
console-api debug URL: https://assets.omny.fm/bundles/embed-5007945400.js(Line 1)
Message:
Could not find ad provider for "Triton". No pre-roll ad will be displayed.
console-api log URL: https://cdn.raygun.io/raygun4js/raygun.min.js(Line 5)
Message:
No AdProvider for type "Triton"
console-api debug URL: https://assets.omny.fm/bundles/embed-5007945400.js(Line 1)
Message:
Could not find ad provider for "Triton". No ad will be displayed at 2193998ms
console-api warning URL: https://player.spotim.market/prebidlink/450256/hb_270443_5178.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&account_id=17184&site_id=260262&zone_id=1289098&size_id=204&tg_c.language=en&rp_schain=1.0,1!spotim.market,sp_K16VHJZS,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=400&p_aso.video.ext.ad.h=300&width=400&height=300&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=450823296639590.9&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31032.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&account_id=17184&site_id=260262&zone_id=1289098&size_id=204&tg_c.language=en&rp_schain=1.0,1!spotim.market,sp_K16VHJZS,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwinteriscoming.net%2F2021%2F04%2F12%2Fwhich-game-of-thrones-house-are-you-quiz-stark-targaryen-lannister%2F%3Fa_aid%3D42860%26fbclid%3DPAAaZeptoc7vhre_28TRz7o73u0kxg0YgmUs2k0tuQSuyNKt5rsuwxPkeqERU&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=400&p_aso.video.ext.ad.h=300&width=400&height=300&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7253682702188047&rp_secure=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ajax.googleapis.com
api-2-0.spot.im
api.rlcdn.com
assets.omny.fm
assets.revcontent.com
aud.pubmatic.com
audit-tcfv2.quantcast.mgr.consensu.org
b1h.zemanta.com
bam-cell.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.fansided.com
cdn.raygun.io
cdn.revcontent.com
cdn.riddle.com
cdn3.optimizely.com
cm.adgrx.com
cm.g.doubleclick.net
csync.loopme.me
d.adroll.com
d3ujids68p6xmq.cloudfront.net
d5p.de17a.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
events-collector.spot.im
events.browsiprod.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
ghb.adtelligent.com
ghb1.adtelligent.com
go1.aniview.com
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.spotim.market
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
images2.minutemediacdn.com
img.revcontent.com
js-agent.newrelic.com
js-sec.indexww.com
launcher.spot.im
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
memorizeneck.com
middycdn-a.akamaihd.net
mug.criteo.com
mwzeom.zeotap.com
native.sharethrough.com
omny.fm
onetag-sys.com
optimized-by.rubiconproject.com
p.zetarail.com
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
rtb.adentifi.com
rtb.gumgum.com
rumcdn.geoedge.be
s.adtelligent.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spot-im-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.targeting.unrulymedia.com
syndication.twitter.com
tag.1rx.io
test.quantcast.mgr.consensu.org
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trends.revcontent.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
video-ads.rubiconproject.com
visitor.fiftyt.com
winteriscoming.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.omnycontent.com
www.riddle.com
x.bidswitch.net
yield-manager.browsiprod.com
104.111.230.142
104.154.142.214
104.244.42.8
13.224.103.105
13.224.95.101
13.224.95.85
13.32.6.35
142.250.181.226
142.250.184.194
151.101.114.110
151.101.114.49
151.101.14.217
151.139.128.11
159.65.197.210
162.247.243.146
162.55.6.210
169.197.150.7
169.50.137.190
172.217.23.102
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.156.190.73
18.197.99.6
18.208.241.4
18.214.150.11
18.235.163.155
184.25.115.31
185.184.10.30
185.184.8.30
185.255.84.150
185.29.133.208
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.87
185.94.180.124
185.94.180.125
188.165.4.142
192.132.33.46
198.148.27.139
2.16.107.139
2.16.107.155
2.16.107.210
2.16.107.83
2.16.186.17
2.18.232.130
2.18.233.180
2.18.234.21
2001:1bc7::1002
2001:678:cb4:bbbb::11
213.155.156.167
213.174.135.1
213.174.135.2
213.19.147.42
213.19.147.45
213.19.162.51
23.227.137.155
23.45.103.78
23.79.143.124
2600:9000:206e:e400:3:a4cd:8380:93a1
2600:9000:211a:3e00:9:46dc:4700:93a1
2600:9000:214f:a200:17:62f0:2dc0:93a1
2600:9000:2190:3000:4:b37b:9440:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:6a3e
2606:4700:10::6814:6b3e
2606:4700:10::6816:1857
2606:4700:3039::6815:c02e
2606:4700::6812:d05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:120::211:7bc8
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:ba11
2a02:26f0:6c00::210:ba18
2a02:fa8:8806:12::1370
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.248.28.111
34.120.133.55
34.254.122.11
34.98.107.212
34.98.64.218
35.158.172.137
35.190.48.184
35.201.96.126
35.201.98.64
35.210.53.219
35.244.174.68
37.157.2.238
37.252.172.37
37.252.173.38
51.89.21.30
51.89.9.253
52.19.106.86
52.28.203.152
52.94.232.32
54.156.129.176
54.184.42.89
54.194.226.253
54.234.118.98
54.234.240.118
54.72.188.165
54.93.115.47
62.149.0.72
64.202.112.159
66.155.71.25
69.173.144.139
72.251.241.206
76.223.111.131
77.243.60.138
8.43.72.98
85.114.159.93
99.81.79.244
99.86.242.100
99.86.245.196
009c759eceed7d2c4b89920e59b501e3794b281c12b40dcc960851daa848e15e
010db7d01d00dbae12550ed882000b32fcce25934a8ee2d5d9b95d61ae7cc92d
0247ea31301c2ab60feb2588244ba025b64b5f93160ba023a692cee10b79bd04
0587a1a243d44683752ba7c2381ce5a82dd37fd65301d74498fd6fb04a6b56d0
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
05e2ce59f4eef992c52196874711db42c6e891282054b72e533225ce303a1b32
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077860ef5bf21cc8ffb37d78bdc0513a7df152e1d0d221b64e2e110090e744e8
07b8af617db841e5e0496e80ed0ec520f6d29700f0ed86929a206d6ba1b5f343
08951789f92f22742ad8179896b1ea81511c43d77d4fc048b3776a16fa6e7105
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
0b409fda772c3b5ef8259b9d8cc7caab9d2a85d0d40b6e72bb2552b4c26e0f4e
0b7ecf290440d368a28fc0f040065a0258fc73f6b263fd9c82a7d5652193bf18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0df746adb7b920bb59febfde208313594acfdfd0843a4a794b51b745ab43be92
0e29fa7dfba462a25016d38272ccaf4f46074430079fc3ebb7909ce6de2d81e9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebe4c3492473460e2cd9d1f71c2722e31282f4b89fcf0319310d65f39d6fa65
0f2d9f92453e353ebda2b55eec2ce174f12111820920debab00f156d1297d629
0fa36edac7fbc502bda4a061867d21b396815ce727109f97625aa71d6a932586
120358186432591c0e04921b3e25c355bb3262969a66382b51b7361158398404
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
150112b1716556aa87026b2bfeb405b98e02597682e8bcd642f0e5197e998707
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a0ac6f42136b391b9da86da972b414d0963967c31737e2b173641c1273b9cd7
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c
1f7f6b5d4c2aa3e8f3a326ba7383d14991eeee28e82ad79ec9d845a8cfad90bd
2048b69d21dd2112d872eefdab41dd78a47109d79461f7359a673327291d5d3d
210727fe39e1bb52bbfece9c74ff8670b73f1ad4fa81ba782a21da8b70fce905
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
22ac7ccc3bcfb226b1219334a20053d313ea8ab679ab5f7834c0594ef690914b
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
29aeb6bc3a004338b09faab998fd1e973b386802b1204fff3961b2d12d6be27e
29d2b25fa85905bb005ef172e8cc97f6f6276c55a266ae9c89c98e0d8e98cd04
2a571ed6f812ebbd6147e9943c18080da219219ade8862d012e321e68585c81e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd142f5b707b5c4587893969b7d1814dfd07ebd41ad90889cba143d3878c3b2
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e54f982fc5fa8eb842fb3a7bc648e21e1fee5c7e82a215f845d5a8afe541b6f
2ed5eafcdeab063370d4f5a420608633bfe79c0897e39a092c541cba22895ae3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ffa8379bb36a946af8a6583a802ad5a74683a0aa01994f051edfd863b434d88
30421e006b68d71bc0bcb0619c519e44a0a218d0b0e748bb7af7355914365ddb
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
342a7d56c7ac2c581ab014436362c9bf07efcd0aef18fbd411ebfa36dc10a2a7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35053148e333510eb3716655bea0249abcb614260d10b70b1ba81d1d44d77900
36a9e03d1116cc94b5ec602a5737992734dd845d831a91349e975c610f132307
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380438fbfce6f2930e3deb99dbadfeee4eca7bfa3f09a6cc8a2250af90df13f7
383d6f603601e98c1d41d226897126aedf52bf2ee6ca3e1f4425b9186441f1af
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6c775069eb7d0df59730bad968e32ed1e4f5f968c56259f09f882ed22c4920
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
42213451aa623fd3aece028309ec6a7297ba1c8ed5b321118a451d8c6cf836e0
447a6c6e30f0a5e502248effde8e143948e1bb084646edc30761bb5b316ff9f7
449575f5659f0f21299e1582a4d6d9352af51c137f3a6586625fa6f2159777a4
454694d534e0c78f2903288b2850091bee9d3b1d8bc6e6e5b0081670d76a5d72
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
47d2309144476c3a4e956019c4a0e7f70f00ff3bda5e8afd4b1916d2052f7366
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e42ea86f89e5cfc82043f292ddceeecabb0109d0aa068f7ab8b2eca128a76b
4ac3464fe96c2ff843d29b063829627ff89a598185d169c4506c5d05b0949f1c
4d9ebbca5a5e9ba28cf277632a4e27c3334a255ca46a42b4abf3f116a2d56403
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edd9e9f4bbab1c9c4bd2174e3b44e81fe9f3acc328d533524393e72ca5345de
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fcf2b8d7d89b5b04715acc90824dd9288943e8287ddc68a15a0a6caf0ebd894
5256842d8a79f8324d30e91706743f6f8e8346754b9aaba36262440a06b5c06f
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53dd1e0500d8c43a4a79e8ee638f4b5a100d88da17ebfa8c6d7c10ff320c1b38
5591ede83d1f0abe213a680bec0de9abff316625ff666c88d2f89ca36be2542d
57897e7f83eaaa14132d1d33cb25970c3e5af6d4833acae868e2b4a204b63128
59f8d5a25924ec3010749debd4f4b6604639b151429dd4e0fc547b59a06bdcb7
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5d70547ab2a0d9b1447b5542762fb2e408e7b88c067ff23da9e19866c964dc72
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
607991f891db3c5fe48ebfcc8cc10a00c16452aaf5587951023b2441adc3d70b
61980b41e975afb196b47af054d5bf6f25da4959c5af53c811d193e672d9b2f7
64f461d1a9f6c520fa8119c1ddca40ef86931ab882cc19c71bdef84885c6cc37
6556109b1920a3d7bf965c491c18a213ebf2b025cf281b94b43e637d55d7f386
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6664b1b1e3b7d5d19c85b63e90fad0f50167a35982ebf1817ac057e366e80cf4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67902d0eff4e6841fff7a38d9dba092e0f772e741b6c02ba44906d663c8c37ac
67df28796000ae955dd87b48fa364a710d89918d505ce765aa6f31456d63445e
69c04b224da0b06518a50f1adba8bfeb60f0e0a43ff923088b11d9b0d126a4cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df9fa5a0443c24d0ac1fca9e215d5134309af4b0bf1befeda4b3c59a1145e5d
6f79251795bee966eabc621ed72551e7884ca501284ea757d496df7c0a738722
6fccbb11d8c4f7eae33cc94b3191276d1541b945178cb5ed544ea5e0cfaf4985
703dea5e30d2a5764e9a159528a9bbe9321248a3a7b2201edb5ab47707cbdf9e
70db7637fe76a02ad71f62317ee4c7b4683f46eedd290990ddfdfc682ed39aaa
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
731750962638c2fa8bbfad5b82064746e54ecf4a7e8fcc8e22cf825ee4e89ad9
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
76ce06d3330674a88584db7d73e3164ac72964360d95502027091add0e00dce7
786ed2768dc7c5b4f42d80f32f9391164c167fd4baa52f618412cb1821ebb87e
78944ddc802cff3d466c7f6df8beb7fa1b26b00e8a4873b5af628c60f8feb7a9
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e0b76ba656a23249e979a497eabbf0df7059dd291e68458d129a21d826c7f54
7e115c0b89e6e5eb11382795d8ba12de05953919b443c1bc6b61704098a168d8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80c9f927f7a5659bdf1e321fcebb9fa0bd3bb2a29894928f12570cd639c3b946
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
82d83c408a0e00c7fa6789bdc95e0032137f6766cc128c8aab981b4dd2cb399b
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855a5c9a8e65aee9bdebe4ca751bceaa7c1dfb2e853567c4c98e790b2162e484
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8a40e45d9fe1f9a25876629eaf1d0a953dc5cc071db088589d9b00b50a24a77e
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c6ff364fe17d53e4933cb59322cd144f11be650088337e1a2f18efbc5f740e9
8c939f8edc776de7d55fa9c360e8d19a99e5f6d9553c26c9d16aa0abf739ddb8
8ca0098632edd2d40f3d58a5f93dc6f9463a1621b4dcf000ee5878cf5deeb22e
8ccc8dbfbc617fe6da1ac19caf5c5e88890bdc44b0cc7851a4287590765666b1
8cd7f3f78ff32d8dd32cf8509f3215fa6983d498a3b0a0f05b3a15f17aef35b9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
932e0748d149e7c695e4a175d2a31f7e000f44bfd86bf48ddb1f5a30b22d95bc
9834bf819b476da3427abb68b3518eed5eb82ced0e324d0317f19f194ffe4c9e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a168b5bcc2cbef69ae7f7a0a2278afe01397c072fb328fb9e2e516237edeb3bf
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3d57490a237e750d92a0e3fcaf0e52f398aa3b0e35701dcce709eef1435fe17
a482d2f55898d0ef08eb04f002cd4a5a73118892286c713858110a0042365231
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
adda655c3a8cc36748679a0e92f5342e91aef91261fc6d2f3d007bc2e4f92cdc
aeaf96b33b73b169c1c0633e6a86bd7b3ff634b2f2ac6bdd36c3f5c11e81c99a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b31bdf25764a12a6f6b9a0af7c2e405414a8bf1c3212883f800d41620be0bcc1
b402cd3ea07d70b4268cb9a27afbde7b8b536581b539ffabe80e24c584246f0e
b68c9d1cd9f95c384f80510e0b22a3560121d0f97a95a1cd8f00fb1df502aba3
b8b13e33b045cdbc031d5e22906a3d9219e563082a55f982f733267fd71d0985
b8ed5b9a1b3af80ad20de85350e9b9ad53c8307f58d8cd5be06c11dcf87999ca
ba5a1c1a1407bc114fbacdc2c547d0a34fdd671fd545b0c51c4a596104fe4a09
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bde2523e87c632b0cea672cc3f2814cea89fbcec95bcfd2c5922aeffa8893644
c065073d48a6bff3d1775b1dbf0036ae2a026bb2390ed2c570adf6f0d004d36c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5347b5aca992b428746d95d42a861d018c6d3bbd269abe1122584fe2394728a
c5f9c5c7d2673f760dcd7cc3d67b021d8c628d4097c4a1b27e871ce2d1560ea3
c625a53adde29d216b53ec8253e9087c78a79468d955690a6e1aa8932f4d3186
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9fe582c048b7a576086527855a4c9f69f67bde91e260c1c8f81d7629a6e58a7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac9ca1d702b834da088656a85e83c599af4b71852a8b28d17d7ebdf362fd177
caf7ca3470d5db20ff3526cf8782425ba251dc7dd2857e491245b6d2561ab838
cb7edeb0a4ccf589a08cad9102cbba6d0438311ece53b3a9a166ab52fa968a0f
ced502ac5573ccd197c3f0b1019323a5bc79954b290499a15bbb08b2854ad6f8
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d39f9fa24f855a7884fa9a70885b026963f845ead2e47576e8d0101eb78dac39
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d4ec213372e68dac893b5e32b3a9f275e4f74d69837e929ec1bca220106bfb08
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
d850554475a4336419ae7485d6381151d076a6db032975f193197af9fc775af2
d9b968d0b23b154fe4359f798a2fee52293f77f928856866c523118b438e788e
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc689653bfefa6bf3ac46d9a2fc980537dc922f4e052252dace85e0edbe8699e
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e175230f4b01fe10db90b19b9893d3ee21f6cca46da1aca166983aff7ff6fc7d
e23e5cf4a79f944047830e837941be9f23d03550d1dc699c3c4554ae98b4b5b4
e3139ada76ff9b4907268ae944a8617102cd8727eade25bda06983551a20a648
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ade9a6c48ba9bee1abc9e6fed3bd1a48072c59e401cc9cb78528354390f628
e9a0e0b134f1411b7b143bcdad9da50fc38b1ac3b9bc57b029ebbc9932e05183
ec7082421f8ee31bd6682341fd8b812c369c40e55fc33337f8e1059865e3607b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f4594634ae49556e011269584ce065f26b63e7c67f7182a980ab6ac8916ff2f3
f467df29d6bb3a418a7b898a490ff91a062e2e9e4e0ff17c84f9c75169869223
f61929a6118b8e6aaa0431b8d6677a0818f385e434d2acff9edacec5238617e6
f67c9fc7ad0558c58898685bd853127c9a0e975fea5ab9bae88071157c7c440d
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6c474e894dd8f9ddcb9417e7e09a34092aa6179ab49903ad6ee16a12f7223a9
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c
f82705a09505698ee1bf7da5dbd25e8a5508ace8c4e2abb5210a5d16bf5f2b64
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc