winternode.com Open in urlscan Pro
172.67.208.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winternode.com/
Effective URL:
https://winternode.com/
Submission: On June 23 via api (June 23rd 2024, 4:33:05 am UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 52 HTTP transactions. The main IP is 172.67.208.177, located in United States and belongs to CLOUDFLARENET, US. The main domain is winternode.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2024. Valid for: a year.

This is the only time winternode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	172.67.208.177 172.67.208.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2400:52e0:1a0... 2400:52e0:1a00::1029:1	200325 (BUNNYCDN) (BUNNYCDN)
12	104.18.28.104 104.18.28.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.223.216 172.67.223.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:46d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	4.153.72.49 4.153.72.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:235... 2600:9000:2359:3200:15:c281:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 _) (CDN77 _)
1	2606:4700:20:... 2606:4700:20::681a:5c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	18

13 172.67.208.177 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winternode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1a00::1029:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

static.senja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
senja-assets.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.28.104 (None, )

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.223.216 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.winterno.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:46d0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.senja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.153.72.49 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:3200:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

ik.imagekit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1079:1 (Germany)

ASN60068 (CDN77 _, GB)

senjaio.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5c4 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.senja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	winternode.com 1 redirects winternode.com	371 KB
12	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 24919 image.crisp.chat — Cisco Umbrella Rank: 83237	148 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1434 i.clarity.ms — Cisco Umbrella Rank: 18771	30 KB
5	senja.io static.senja.io — Cisco Umbrella Rank: 266647 widget.senja.io — Cisco Umbrella Rank: 198615 analytics.senja.io — Cisco Umbrella Rank: 398006	62 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 361 c.bing.com — Cisco Umbrella Rank: 224	16 KB
3	b-cdn.net senja-assets.b-cdn.net — Cisco Umbrella Rank: 365846 senjaio.b-cdn.net — Cisco Umbrella Rank: 364749	94 KB
3	winterno.de analytics.winterno.de	37 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073 cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
1	imagekit.io ik.imagekit.io — Cisco Umbrella Rank: 24398	4 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	858 B
52	12

	Domain	Requested by
13	winternode.com	1 redirects winternode.com
8	client.crisp.chat	winternode.com client.crisp.chat
4	image.crisp.chat
3	i.clarity.ms	www.clarity.ms
3	www.clarity.ms	winternode.com www.clarity.ms bat.bing.com
3	bat.bing.com	analytics.winterno.de bat.bing.com
3	widget.senja.io	static.senja.io
3	analytics.winterno.de	winternode.com analytics.winterno.de
2	c.clarity.ms	1 redirects
2	senja-assets.b-cdn.net	static.senja.io
2	cloudflareinsights.com	static.cloudflareinsights.com
1	analytics.senja.io	senja-assets.b-cdn.net
1	senjaio.b-cdn.net
1	ik.imagekit.io
1	c.bing.com	1 redirects
1	static.senja.io	winternode.com
1	static.cloudflareinsights.com	winternode.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	winternode.com
1	fonts.googleapis.com	winternode.com
52	20

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
discord.com
help.winternode.com
status.winternode.com
clients.winternode.com
gcp.winternode.com
love.winternode.com
hostvenom.com
resources.winternode.com
twitter.com
tiktok.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
winternode.com Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
static.senja.io R10	`2024-06-14` - `2024-09-12`	3 months	crt.sh
crisp.chat E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
winterno.de Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
widget.senja.io E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.imagekit.io Amazon RSA 2048 M02	`2024-01-23` - `2025-02-19`	a year	crt.sh
senja.io E5	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://winternode.com/
Frame ID: 63DCE176CB04260D8A165E580FC82746
Requests: 52 HTTP requests in this frame

Frame: https://winternode.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: C6F6694F23BF0B0DC5D0B6366BECC679
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazing Game Server Hosting | WinterNode

Page URL History Show full URLs

http://winternode.com/ HTTP 307
https://winternode.com/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

96 %
HTTPS

71 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

808 kB
Transfer

1970 kB
Size

16
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://discord.com/invite/z2yq28T
Title: Discord icon Join Discord

Search URL Search Domain Scan URL

URL: https://help.winternode.com/
Title: Knowledgebase

Search URL Search Domain Scan URL

URL: https://status.winternode.com/
Title: Status

Search URL Search Domain Scan URL

URL: https://clients.winternode.com/supporttickets.php
Title: Support Tickets

Search URL Search Domain Scan URL

URL: https://clients.winternode.com/
Title: Client Area Manage your services, invoices and support tickets all in one place

Search URL Search Domain Scan URL

URL: https://gcp.winternode.com/
Title: Game Control Panel Login to our powerful control panel to manage your game servers

Search URL Search Domain Scan URL

URL: https://love.winternode.com/
Title: from 255 reviews

Search URL Search Domain Scan URL

URL: https://hostvenom.com/dedicated
Title: Dedicated Servers Bare Metal. Fully dedicated resources. All yours. Buy from our parent brand, HostVenom.

Search URL Search Domain Scan URL

URL: https://clients.winternode.com/submitticket.php?step=2&deptid=3
Title: Talk to Our Team

Search URL Search Domain Scan URL

URL: https://resources.winternode.com/
Title: Resource Stats

Search URL Search Domain Scan URL

URL: https://twitter.com/winternode
Title: X

Search URL Search Domain Scan URL

URL: https://tiktok.com/@winternode
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinterNode
Title: Facebook icon

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@winternode
Title: YouTube icon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winternode.com/ HTTP 307
https://winternode.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://winternode.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://winternode.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

Request Chain 35

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&RedC=c.clarity.ms&MXFR=0BA4D224B09061E41DD9C683B4906F6E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&MUID=3A1679EC19E2616A06C06D4B184E609C

52 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
winternode.com/
Redirect Chain

http://winternode.com/
https://winternode.com/

39 KB
13 KB

143ms
80ms

Document
text/html

172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3f266855f21b2352c9648a7b29e940440489bf1293195a757a72739272ffd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400, must-revalidate
cf-cache-status: REVALIDATED
cf-ray: 8981c1e29abf3602-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jun 2024 04:32:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CewbQw16loJVVV6N7U0eUcpkR%2B4JZ3uUOJui%2FMSalBKaeALLmxeo8iX%2BcXkPUGWgXrUdpwKqOICx%2Bzb86itq3OPNzS%2Bjq45F21tiRHEkEbuMcXdtQOzK9k%2F9oT6YRCLyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Location: https://winternode.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
858 B 136ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Spartan:wght@400;500;600;700;800&display=swap

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e7ec88a40ffbc2e5a22fde33f2b1a1d7b7aa519ecb2fe5a7750416e1474369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 04:32:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 04:32:59 GMT

GET
H3 200 _gen.min.css
winternode.com/sass/ 18 KB
5 KB 68ms
68ms Stylesheet
text/css 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/sass/_gen.min.css

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ebae76003ffe6848c5de09140696c6975f9b7ac1924e52d97c4a239683d7886

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"fe3cb3e25570972ddd0d92c538935eea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5PsbuZUy1G9WmVB%2BXEMB9lAgKgyB3rQh7qFTLE%2F7O57gcJiS%2FukmPYVM%2FKZTwsWQQaSG9GwXnVsRZG44Pp1PYQehvqRPbng5jgodS89m6ML2JPUFnGRD%2B%2F35lNPSfcmwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8981c1e31b3b3602-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hv.png
winternode.com/img/ 94 KB
94 KB 108ms
107ms Image
image/png 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winternode.com/img/hv.png

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

253fdd7df1a6115913d9e672e184f998ef77922e6d6a79f1ed4ea5ce34c81db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 96154
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "5f9c3e0d9aa18a8fd39970d0336fe9ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XN%2Fldu6URmFnRwc02HTLlQqhu2463gaIrVcOPBkRgakm0Ilay6f1ttj3bViEj%2BdXTgYj4TB4TpIKGhgbcDSKWt2cZpB7XQ%2FNYh4Nig9K8KB7iHlQgrZwynwmPxn2rNxoqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8981c1e31b3e3602-FRA

GET
H3 200 mc.png
winternode.com/img/ 135 KB
135 KB 80ms
79ms Image
image/png 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winternode.com/img/mc.png

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac4ed0aca88f5bae3290c808f2b516256e9a74cde92e51595f20e8c70a09f9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 137756
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "1f587248a9c6bee7d1d3c65bd5d1cbcb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cunhGfFq0k5ll2j3IXa5mAxXdVkY01VlqyXQsPFS2zEKtspaegf0l9JYTDCe2MpDZWoxsXAkDZ5bxIkvfuUfhZZWF5Etec2rvH8SJu%2BlyDdLt2a%2But7euudB4tPAgH%2BN8AlVKqbt2DWioyVDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8981c1e31b403602-FRA

GET
H3 200 game.png
winternode.com/img/ 98 KB
98 KB 95ms
94ms Image
image/png 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winternode.com/img/game.png

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b9235acf31a276e8ae83ee4aa0bfd170d5c5e81db23eb0993b9f8043cfc99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 100152
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "6a43f288201ff5978229dca0637e0405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gntJOWhQ7c%2By0o04SEt%2FcDbvqWjZ093icBrP7caphmBScUaQTGUdVxbxcghm%2FCuacw88U%2Fu3uYiJbvGjnd9idDZUfhCCLkV1Ms0kQcQLM7bQwrW72EthM3eyz4IzuhT8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8981c1e32b533602-FRA

GET
H3 200 payment-methods.png
winternode.com/ 8 KB
8 KB 211ms
211ms Image
image/png 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winternode.com/payment-methods.png

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0ba1804ff0c9da7af4fb74c02b67aecc8b91f3505fc802a6bce283c069cbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7689
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "c1dbfd927b84c63228d66b862fd6f70f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4xye8fDCC92y3ctmFcLTPvA2Am20oYFd1WTh%2Bx45RONwuvnCXVod6g0AbyYbnVjIVHPqt21OGuYLbSv1EXLssAL8iKOkx0T5xGJ%2Fx%2B8XczlBvBivs9zmmrW0NOwbA1tRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8981c1e32b563602-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 141ms
50ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42357
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6782
x-served-by: cache-fra-etou8220134-FRA, cache-lga21946-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CF6YKYT%2BczXIBsG6A9PAUc982k5ck00B%2B3aaxzJ4peivJBT2C8KeMuJAVjOkYZ9YquIQljGvEiJPxtaUEmXgiAezYeB%2B5IFe%2FFxyAdgeE%2BKm3sIEhQiDuBjkuLWl1jNlb4Hnf3I9UtRDrOlxiag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8981c1e3bb3a9757-FRA

GET
H3 200 rocket-loader.min.js Show response
winternode.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 43ms
43ms Script
application/javascript 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jun 2024 08:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66729944-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbDj7jb0HB5XPz2kIxemiIsuIN9wDdYaYsAb4K9QsW0Slc%2ByyCFzE%2BVZvO4fMfK5exaXXc9y8kAYQJbXN2P%2BFZs5y07QUZS0OkYUgzHyqUS8sJ6Hj3SZngfk4Gzu5PkNJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8981c1e35b813602-FRA
expires: Tue, 25 Jun 2024 04:32:59 GMT

GET
H2 200 l7gfbjR61M69yt8Z2QKtlA.woff2
fonts.gstatic.com/s/spartan/v18/ 31 KB
32 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spartan:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://winternode.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:52:32 GMT
x-content-type-options: nosniff
age: 394827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32040
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:52:32 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 153ms
71ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: winternode.com
URL: https://winternode.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8981c1e4bd0c1e33-FRA

GET
H3 200 main.min.js Show response
winternode.com/js/ 3 KB
1 KB 74ms
73ms Script
application/javascript 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/js/main.min.js

Requested by

Host: winternode.com
URL: https://winternode.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cea5fc07985001cb513c282ddf821baf1b2bbbfcb02e77baa3a4857d98a646a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"594dbfb78c1272b4c0d2ab3ee6ca2f84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCGVuHzOCMT%2BjajpYzBLAKbkqDCdMo6lmyF%2BiVTCCnzwGPsZ0Ncca47b8mqDXpYf5IN3GRMs8rnXGMKxIUN9HuuWp2M%2B8YQmAxcbx8Ib%2F9qdAIpizkiRWXajvcqoq6c27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8981c1e43c7e3602-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 platform.js Show response
static.senja.io/dist/ 4 KB
2 KB 429ms
131ms Script
application/javascript 2400:52e0:1a00::1029:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.senja.io/dist/platform.js
Requested by: Host: winternode.com
URL: https://winternode.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1029 /
Resource Hash: 74ab4b60ee6547e4681421dc1d282dfbb5520da2022b68b4de2eef4b87ceaff3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: br
cdn-edgestorageid: 1070
cdn-storageserver: NY-346
cdn-cachedat: 06/23/2024 04:15:07
cdn-pullzone: 1385378
last-modified: Fri, 14 Jun 2024 12:56:49 GMT
server: BunnyCDN-IL1-1029
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"666c3e11-1129"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1cd57ba7-1826-4e0d-b569-f84de683c17b
cache-control: public, max-age=0
cdn-requestid: 6a73de4b07b0b688ad221396477720b4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

main.js Show response
winternode.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame C6F6
Redirect Chain

https://winternode.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://winternode.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

8 KB
4 KB

46ms
46ms

Script
application/javascript

172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe64fa9fbbb63bf004405b48fcadea42c4e4c14aac2a20f9366997068b0396f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KaQQR24mDh459tuCLAMj6bjqHGSVzn%2FOljohsbWlVVTtFp9rl1X%2FzK%2B5G6t67Q%2BrHpl5L0TIvSA7qcmBjHPGO73PBZ4ZDT%2BkbFVCtN59eGoPVfeUGP5cnDpSgpFXEpFuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8981c1e48cbb3602-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 23 Jun 2024 04:32:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9x09KYrrInUpbW0oqzosFNePosVVZ28kZdtoBDV62J%2F8eM28bnHipTzDxS5lHhHPEiwLNa%2FSyI2OS6sbIO%2BBtQSoqfuH5YmFRRs5uqXuiWn2Z%2BpLrUDsFyzU41Ty5UW89Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control: max-age=300, public
cf-ray: 8981c1e43c803602-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8981c1e29abf3602 Show response
winternode.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C6F6 0
686 B 61ms
60ms XHR
text/plain 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winternode.com/cdn-cgi/challenge-platform/h/b/jsd/r/8981c1e29abf3602
Requested by: Host: winternode.com
URL: https://winternode.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BIE43t9b82%2Fsk2vZuHYC4RuVkc9Wb0gTzCD3RVRSabQdR0pBDgVp%2FTtOIKMUZHdHmYNKM2HpvuZl4N8oTacQjF%2F7B078qHPvi%2FS8Ulh%2BLgmwhvyFxfztfRdl4r2IvaKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8981c1e55d3d3602-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 104ms
50ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: winternode.com
URL: https://winternode.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a4489b49f511fe578b16179b3e5cee5dd4fedd001148162c55134f81e370b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 52405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2195"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1e5ce526a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Mon, 24 Jun 2024 04:32:59 GMT

GET
H3 200 matomo.js Show response
analytics.winterno.de/ 66 KB
24 KB 530ms
472ms Script
application/javascript 172.67.223.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.winterno.de/matomo.js
Requested by: Host: winternode.com
URL: https://winternode.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1560a4056debc64cf7808e9bd680f86523911aa8aa41aa83c9a1e63c26a52521

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 08:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERFJ7LxrsN8c%2BZ19OGd9BW1LmazBfdPTLaAmdHijCzAFkwLS%2Bc%2FAbsZomZ6a6xplMrJnvoC9Q%2FMyHpw86z9KvabYszSpeDLftwpymLJorsUFHMTzIAcyNouE95ysdi6FXyH2S%2BL%2BOTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8981c1e5def09237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 container_s4pCjIgp.js Show response
analytics.winterno.de/js/ 35 KB
12 KB 427ms
370ms Script
application/javascript 172.67.223.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.winterno.de/js/container_s4pCjIgp.js
Requested by: Host: winternode.com
URL: https://winternode.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475386a11c26ec44ecd2137b9406456adf822b114239ccf214f2ffda8a47a635

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2024 04:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRHtShkdDaClxoyhKtRyJDBm0ckaaKr2nPQUrGvuO6GdFEkvWlq8FdUeOD4xup1NpGX0KG1BHf9yrQWG%2Fe1yEvaetF77erbYpf7iZ0xZ0vApzbEfgC5bXf81aW1cUUxyvCsx3yUN78Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8981c1e5deee9237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
winternode.com/favicon/ 12 KB
6 KB 70ms
70ms Other
image/vnd.microsoft.icon 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winternode.com/favicon/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b87e61701eb63e905380eade11b0e16621b8a1960f74ec632ab8ea0d790963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"b15d8e053f400d71ebfa1ebe95555b8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RhiRaLPko3f3fd%2FR6yqjuPn3mXd645mLgRFU3Gr70%2B%2FIx0Cy40BJOtBzLFzx%2Fogm%2FEXLCehRzpm1RRdPZ8R%2F5mc0iVd1KGs%2F7auzVkt6FewwqXoDhyzrCK36YQ8JH7KZpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8981c1e57d533602-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 8981c1e29abf3602 Show response
winternode.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C6F6 0
685 B 56ms
54ms XHR
text/plain 172.67.208.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winternode.com/cdn-cgi/challenge-platform/h/b/jsd/r/8981c1e29abf3602
Requested by: Host: winternode.com
URL: https://winternode.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.208.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgQqBdJlV6hT1Xu%2F%2FMzW4IV1ePblZQNml%2BC%2FGLXn8rXiOUDhzdv6CODCnIUQdlkkNoRIu6D0enDrBzZr%2FtPnveqYKtYkd9RfWh51pV8bhVCnUqbHsPXb9sEqzSzdVVV4hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8981c1e60e3f3602-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 42ms
42ms XHR
text/plain 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://winternode.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8981c1e6de64690a-FRA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 121ms
41ms Preflight
text/plain 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://winternode.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://winternode.com
access-control-max-age: 86400
cf-ray: 8981c1e69e3d690a-FRA
content-encoding: gzip
content-type: text/plain
date: Sun, 23 Jun 2024 04:32:59 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 369 KB
95 KB 88ms
88ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?222531f

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d5673e3689efeaa3dc110d52b65cdb24978bfb713353d2fabd4dec959e65cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 52405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-5c221"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1e62edd6a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Wed, 21 Jun 2034 04:32:59 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 113 KB
14 KB 53ms
52ms Stylesheet
text/css 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?222531f

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90ddc0c118b5b9df3fea58fec2a38cdf6a1d0cabfb33d0cf5612e7bb4fa7826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 52405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jun 2024 13:37:19 GMT
server: cloudflare
etag: W/"6676d38f-1c503"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1e62ede6a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Wed, 21 Jun 2034 04:32:59 GMT

GET
H2 200 da2b0b09-bce2-467a-a75e-744567c12f70 Show response
widget.senja.io/api/widget-config/ 204 KB
53 KB 171ms
66ms Fetch
application/json 2606:4700:20::ac43:46d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.senja.io/api/widget-config/da2b0b09-bce2-467a-a75e-744567c12f70
Requested by: Host: static.senja.io
URL: https://static.senja.io/dist/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc269dc38767a0e737203802282aecb3179843d9016bf471d54af4724d680a9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 01:07:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12350
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kapbBihK6jGXJqrJqumqeG8mea0RiwurEltImKpRnMUB024jdfHJSKH%2B%2BL2Tl3bFSRBFWBtdvFtzMZClVoOKfziXdyYurNMt2o0LlKyStn3%2F2g4xit%2F2xrj4hHbM39wFo7d2EHOMX1XvqY3clnQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1
cf-ray: 8981c1e79a611db0-FRA
expires: Sun, 23 Jun 2024 04:33:01 GMT

GET
H2 200 da2b0b09-bce2-467a-a75e-744567c12f70 Show response
widget.senja.io/api/widget-config/ 204 KB
40 B 229ms
57ms Fetch
application/json 2606:4700:20::ac43:46d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.senja.io/api/widget-config/da2b0b09-bce2-467a-a75e-744567c12f70
Requested by: Host: static.senja.io
URL: https://static.senja.io/dist/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc269dc38767a0e737203802282aecb3179843d9016bf471d54af4724d680a9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 01:07:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12350
vary: Accept-Encoding
access-control-allow-methods: GET,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kapbBihK6jGXJqrJqumqeG8mea0RiwurEltImKpRnMUB024jdfHJSKH%2B%2BL2Tl3bFSRBFWBtdvFtzMZClVoOKfziXdyYurNMt2o0LlKyStn3%2F2g4xit%2F2xrj4hHbM39wFo7d2EHOMX1XvqY3clnQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=1
cf-ray: 8981c1e80abf1db0-FRA
expires: Sun, 23 Jun 2024 04:33:01 GMT

GET
H2 200 bb6834b3-82c5-4c05-8647-eef8dc33c628 Show response
widget.senja.io/api/widget-config/ 18 KB
7 KB 182ms
77ms Fetch
application/json 2606:4700:20::ac43:46d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.senja.io/api/widget-config/bb6834b3-82c5-4c05-8647-eef8dc33c628
Requested by: Host: static.senja.io
URL: https://static.senja.io/dist/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a4b73400be00a878f6f8568a323a4cb13035bcb241dbf173631351e82c1f60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Jun 2024 01:07:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 12350
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYBYa1IUF1mpsmELbBm74LD4BzL4SGpktXnJpqZ8lrXP91eRfXz89ttHEQ0t%2BV5PcbvLGc%2B1MMF%2BX8UPlI7s1O84pQlkR6XXx7xRvSuRPr8WFiPQaKnfyCOktrPztJlcxmngxGRUoX2XFSvVfIc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1
cf-ray: 8981c1e79a631db0-FRA
expires: Sun, 23 Jun 2024 04:33:01 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/2b50d96b-d190-415d-83d4-7f322c41fef4/prelude/ 222 B
510 B 137ms
136ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/2b50d96b-d190-415d-83d4-7f322c41fef4/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-5-23-6-33

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?222531f

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a951eaac883ef1ce25c65fb974210a962a84ae2603aecbcea745447524170666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 23 Jun 2024 04:33:00 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1e7894a6a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Sun, 23 Jun 2024 08:33:00 GMT

GET
H2 200 avatars.js Show response
senja-assets.b-cdn.net/widgets/488b476246e644b7b2a7573777716085/ 146 KB
48 KB 471ms
132ms Script
application/javascript 2400:52e0:1a00::1029:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://senja-assets.b-cdn.net/widgets/488b476246e644b7b2a7573777716085/avatars.js
Requested by: Host: static.senja.io
URL: https://static.senja.io/dist/platform.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1029 /
Resource Hash: fba2799e288ae14fb313378f202d5a632804b24302d9235fc87b78061799aaf8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: br
cdn-edgestorageid: 871
cdn-storageserver: NY-427
cdn-cachedat: 06/22/2024 18:45:37
cdn-pullzone: 1385378
last-modified: Sat, 22 Jun 2024 18:45:11 GMT
server: BunnyCDN-IL1-1029
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"66771bb7-246aa"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1cd57ba7-1826-4e0d-b569-f84de683c17b
cache-control: public, max-age=0
cdn-requestid: 1cd4843caca4d7c2854e3b7d51f40081
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cardMarquee.js Show response
senja-assets.b-cdn.net/widgets/488b476246e644b7b2a7573777716085/ 135 KB
44 KB 722ms
391ms Script
application/javascript 2400:52e0:1a00::1029:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://senja-assets.b-cdn.net/widgets/488b476246e644b7b2a7573777716085/cardMarquee.js
Requested by: Host: static.senja.io
URL: https://static.senja.io/dist/platform.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1029 /
Resource Hash: 269d86860b17b49426ca47fab4a8d56ef1156823892fe460ac6f817fafe32d91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: br
cdn-edgestorageid: 1070
cdn-storageserver: NY-268
cdn-cachedat: 06/22/2024 18:45:23
cdn-pullzone: 1385378
last-modified: Sat, 22 Jun 2024 18:45:10 GMT
server: BunnyCDN-IL1-1029
cdn-fileserver: 622
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"66771bb6-21de9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1cd57ba7-1826-4e0d-b569-f84de683c17b
cache-control: public, max-age=0
cdn-requestid: f462c0daf3ee170cc5dd4b709fcfb964
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 233ms
71ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: analytics.winterno.de
URL: https://analytics.winterno.de/js/container_s4pCjIgp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 23 Jun 2024 04:32:59 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DFCEACFA4B140CFAAF2AB22E85D0DBA Ref B: FRA31EDGE0115 Ref C: 2024-06-23T04:33:00Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 jdm0ohrvsi Show response
www.clarity.ms/tag/ 1004 B
1 KB 295ms
137ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jdm0ohrvsi
Requested by: Host: winternode.com
URL: https://winternode.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fc5be0f9bbcbb4a150d2fb03f15512d141200ec5b30c3004abb0dd5bac9b4001

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sun, 23 Jun 2024 04:33:00 GMT
x-azure-ref: 20240623T043300Z-17d856f5577zb7m67a9qgrrn5400000001d000000000216h
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1004
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 204 matomo.php
analytics.winterno.de/ 0
403 B 499ms
497ms Ping
text/plain 172.67.223.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.winterno.de/matomo.php?action_name=winternode.com%2FAmazing%20Game%20Server%20Hosting%20%7C%20WinterNode&idsite=2&rec=1&r=292572&h=6&m=33&s=0&url=https%3A%2F%2Fwinternode.com%2F&_id=d0fbfa1a53ede7c9&_idn=1&send_image=0&_refts=0&pv_id=aikAYh&pf_net=64&pf_srv=80&pf_tfr=40&pf_dm1=179&pf_dm2=189&pf_onl=3&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.114%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.114%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: analytics.winterno.de
URL: https://analytics.winterno.de/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyRGsjEw3tQnhh6HYdlOoCdZIsfN360ErNUsynXFBP3CIDtNvTlf9OPG2S5dv5A%2F2x%2FW6O2Sa1QNMxz6URJ2gc7iLr1moLZrXOwBGlKQcbzoJOl2d70SQP0nPYX7oWb6EZW2cR0cS8k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://winternode.com
access-control-allow-credentials: true
cf-ray: 8981c1e918399237-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 187080282.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 65ms
65ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187080282.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cd1896e40e9227c62388ee8c3bc6e93db922b4ccabcb2c49f1952f3b7f7c87d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 04:32:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95C97212DD964366B4B008C512C0D7B1 Ref B: FRA31EDGE0115 Ref C: 2024-06-23T04:33:00Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
288 B 99ms
98ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187080282&Ver=2&mid=87dd05f3-fc36-4530-bd3d-114d0a8e3edb&sid=ac2e7b10311911efadd22dd0f38af1eb&vid=ac2ead20311911efa00b4dd73d97dc2a&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Amazing%20Game%20Server%20Hosting%20%7C%20WinterNode&p=https%3A%2F%2Fwinternode.com%2F&r=&lt=518&evt=pageLoad&sv=1&rn=344710

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 04:32:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F2C3EDF52BB456EB72AB3CE9AA02FB2 Ref B: FRA31EDGE0115 Ref C: 2024-06-23T04:33:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 79ms
78ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jdm0ohrvsi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240623T043300Z-17d856f5577zb7m67a9qgrrn5400000001d000000000216u
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 949203f2-601e-0050-0434-c2ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&RedC=c.clarity.ms&MXFR=0BA4D224B09061E41DD9C683B4906F6E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&MUID=3A1679EC19E2616A06C06D4B184E609C

42 B
443 B

54ms
54ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&MUID=3A1679EC19E2616A06C06D4B184E609C
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://winternode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 04:33:00 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 23 Jun 2024 04:32:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4D13B28128A4C6E84975916D7CFF6C9 Ref B: FRA31EDGE0115 Ref C: 2024-06-23T04:33:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EBF19C7D42624A79A424663A3EAEF256&MUID=3A1679EC19E2616A06C06D4B184E609C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 187080282 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 244ms
244ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187080282?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187080282.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 061c61d1da15103e1c2b0b1504826c2dfd5e213fb56e2d761ad24e42a7d4666e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sun, 23 Jun 2024 04:33:00 GMT
x-azure-ref: 20240623T043300Z-17d856f5577zb7m67a9qgrrn5400000001d000000000216v
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1195
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 / Show response
client.crisp.chat/settings/website/2b50d96b-d190-415d-83d4-7f322c41fef4/ 13 KB
3 KB 139ms
139ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/2b50d96b-d190-415d-83d4-7f322c41fef4/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1717500856023

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?222531f

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c03d07d95d1270e01a2442bb77eeceb8e4d83e18585de68d5e7f18ab158182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jun 2024 21:35:43 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1eaf8016a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Sun, 23 Jun 2024 08:33:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
278 B 528ms
263ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://winternode.com
Date: Sun, 23 Jun 2024 04:33:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 9 KB
4 KB 56ms
55ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?222531f

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?222531f

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7190512b13008ed7f2ef70111301bb0ea9a5561285d05c9aa2bb55614419a1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 43256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
server: cloudflare
etag: W/"66759605-250e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1ebe9bc6a74-TXL
access-control-allow-headers: Content-Type, Origin
expires: Wed, 21 Jun 2034 04:33:00 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avatar_aOgsMJ-eZ.png
ik.imagekit.io/senja/tr:f-jpeg/Avatars/ 3 KB
4 KB 127ms
40ms Image
image/jpeg 2600:9000:2359:3200:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/senja/tr:f-jpeg/Avatars/avatar_aOgsMJ-eZ.png?ik-sdk-version=javascript-1.4.3&updatedAt=1657796891741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:3200:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5e71407fa2192a8c4be686b401a371ea1b3a5bc998157307b8d70f01bd6877ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Jan 2024 06:04:50 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront), 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 14077691
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3237
x-request-id: 84ff9a69-c25a-44df-8278-25f2f2d548fc
last-modified: Fri, 29 Dec 2023 16:13:34 GMT
etag: "d8ca063de36c39a4d28c2b5aa876b868"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: QaDqAzRF0gDPqM2MbxX6D9drz7zFRFpAo5vUGiasyvThMpMpCEZX2A==

GET
H2 200 9f9438d3-c1dc-48cb-ae5a-238051f4ea1b_2c307d73-8df2-4d2f-908a-fd1a05e7a429_fa08590427b2183a1c92156bcc3df099.png
senjaio.b-cdn.net/public/media/ 700 B
1 KB 481ms
387ms Image
image/webp 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://senjaio.b-cdn.net/public/media/9f9438d3-c1dc-48cb-ae5a-238051f4ea1b_2c307d73-8df2-4d2f-908a-fd1a05e7a429_fa08590427b2183a1c92156bcc3df099.png?width=60&height=60&format=webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5b63ee171527f016af60a11aa005549ff55c4831c50dff0c0e74f8aba6b1ff99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:01 GMT
x-downloadsize: 2119413
cdn-edgestorageid: 1082
x-bo-processingtime: 19
cdn-cachedat: 06/23/2024 04:33:01
cdn-pullzone: 1203141
content-length: 700
x-bo-server: LA-221
last-modified: Sun, 23 Jun 2024 04:33:01 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 172
content-type: image/webp
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 1cd57ba7-1826-4e0d-b569-f84de683c17b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
x-bo-compressionratio: 99.97%
cdn-requestid: 0aae4a4a8dc1c7da6e646b2fb1d3bd3f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 widget
analytics.senja.io/ 0
0 180ms
77ms Fetch 2606:4700:20::681a:5c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.senja.io/widget
Requested by: Host: senja-assets.b-cdn.net
URL: https://senja-assets.b-cdn.net/widgets/488b476246e644b7b2a7573777716085/avatars.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 23 Jun 2024 04:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qk%2FKd5molUdgHzyueS0vvG0YiTrLD70WfQ%2BvuRdacOw5dYUVHRf%2BOUCQeeZnsGuAOtLF9FcelzIEb9VEZJB2fvXsJyxsHdgfVUQRsLeTQTQPgAb1%2BefwGWzOs0A%2FO2dQfF7cej0io2Cm5mK6AqzrSw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8981c1ee1ae43655-FRA
content-length: 0

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
278 B 130ms
130ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://winternode.com
Date: Sun, 23 Jun 2024 04:33:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
image.crisp.chat/process/thumbnail/ 2 KB
2 KB 353ms
338ms Image
image/webp 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F918d03e8f005e00%2Fasset-2_zioecp.png&width=60&height=60&1717500856023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17e2f4db3c1c24164fc41de703d951f512554596f2e3445a36f3134db670a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1606
last-modified: Sun, 23 Jun 2024 02:08:59 GMT
server: cloudflare
etag: W/"646-19042da9624"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8981c1f8f9146a74-TXL
expires: Wed, 21 Jun 2034 04:33:03 GMT

GET
H3 200 /
image.crisp.chat/process/thumbnail/ 2 KB
2 KB 95ms
80ms Image
image/webp 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fb12da1a34a17f000%2Fvanjmali_1qa4rpg.png&width=60&height=60&1717500856023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1054944be5a35f73af91347786248f2af30b79534db85bb85d43e98c4fdbf87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1974
last-modified: Fri, 21 Jun 2024 22:21:28 GMT
server: cloudflare
etag: W/"7b6-1903ce3ecaa"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8981c1f8f9196a74-TXL
expires: Wed, 21 Jun 2034 04:33:02 GMT

GET
H3 200 /
image.crisp.chat/process/thumbnail/ 1 KB
2 KB 157ms
143ms Image
image/webp 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Fdeab9ee759457000%2Fcute-turtle-with-sunglasses-ai_14p37nj.jpg&width=60&height=60&1717500856023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edc78cf9554c1ef142f0527198b16ebf0f93f01c9534f1b62d69559121f78d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1298
last-modified: Sat, 22 Jun 2024 22:07:04 GMT
server: cloudflare
etag: W/"512-19041fd1787"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8981c1f8f9176a74-TXL
expires: Wed, 21 Jun 2034 04:33:02 GMT

GET
H3 200 /
image.crisp.chat/avatar/website/2b50d96b-d190-415d-83d4-7f322c41fef4/60/ 1 KB
1 KB 555ms
541ms Image
image/webp 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/website/2b50d96b-d190-415d-83d4-7f322c41fef4/60/?1717500856023

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfb81557deb0f3e1fdfb2009d78a25cae91916cf87e8861a52e980dc3d53826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1036
last-modified: Thu, 20 Jun 2024 21:31:30 GMT
server: cloudflare
etag: W/"40c-190378fcfb9"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8981c1f8f91c6a74-TXL
expires: Wed, 21 Jun 2034 04:33:03 GMT

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0

Request headers

Referer
Origin: https://winternode.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 186ms
144ms Font
application/font-woff2 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?222531f

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?222531f

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?222531f
Origin: https://winternode.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-280c"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1f93e9158d8-TXL
access-control-allow-headers: Content-Type, Origin
expires: Wed, 21 Jun 2034 04:33:03 GMT

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 172ms
131ms Font
application/font-woff2 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?222531f

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?222531f

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://client.crisp.chat/static/stylesheets/client_default.css?222531f
Origin: https://winternode.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 04:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-2864"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8981c1f93e9058d8-TXL
access-control-allow-headers: Content-Type, Origin
expires: Wed, 21 Jun 2034 04:33:03 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
278 B 129ms
129ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://winternode.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://winternode.com
Date: Sun, 23 Jun 2024 04:33:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winternode.com/	1970-01-21 06:17:33	Name: cf_clearance Value: RtJ.91aqD_fO45WnsVTSNxljWbjjrPsSPj4gONP5_3g-1719117179-1.0.1.1-g10qcH.DcTNTNa7jzZV031CeuMeYYYYlYm9KuohrHcqa67j4uQ4UtVrX6XIDpd6qgapTmWrcD5FRVn7QdVePEw
.winternode.com/	1970-01-21 06:57:52	Name: _pk_id.2.166c Value: d0fbfa1a53ede7c9.1719117180.
.winternode.com/	1970-01-20 21:31:58	Name: _pk_ses.2.166c Value: 1
.winternode.com/	1970-01-20 21:33:23	Name: _uetsid Value: ac2e7b10311911efadd22dd0f38af1eb
.winternode.com/	1970-01-21 06:53:33	Name: _uetvid Value: ac2ead20311911efa00b4dd73d97dc2a
www.clarity.ms/	1970-01-21 06:17:33	Name: CLID Value: 67fbc0dc35b0457dba3d5f76fb029e8c.20240623.20250623
.bing.com/	1970-01-21 06:53:33	Name: MUID Value: 3A1679EC19E2616A06C06D4B184E609C
.winternode.com/	1970-01-21 01:54:45	Name: crisp-client%2Fsession%2F2b50d96b-d190-415d-83d4-7f322c41fef4 Value: session_b2b43579-8145-4829-b85c-1263e37206d0
.winternode.com/	1970-01-21 06:17:33	Name: _clck Value: dg0hj0%7C2%7Cfmv%7C0%7C1635
.c.bing.com/	1970-01-20 21:42:01	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:53:33	Name: SRM_B Value: 3A1679EC19E2616A06C06D4B184E609C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:53:33	Name: MUID Value: 3A1679EC19E2616A06C06D4B184E609C
.c.clarity.ms/	1970-01-20 21:42:01	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:31:57	Name: ANONCHK Value: 0
.winternode.com/	1970-01-20 21:33:23	Name: _clsk Value: h5eq3u%7C1719117181225%7C1%7C1%7Ci.clarity.ms%2Fcollect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.senja.io
analytics.winterno.de
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
client.crisp.chat
cloudflareinsights.com
fonts.googleapis.com
fonts.gstatic.com
i.clarity.ms
ik.imagekit.io
image.crisp.chat
senja-assets.b-cdn.net
senjaio.b-cdn.net
static.cloudflareinsights.com
static.senja.io
widget.senja.io
winternode.com
www.clarity.ms
104.18.28.104
172.67.208.177
172.67.223.216
2400:52e0:1a00::1029:1
2400:52e0:1e00::1079:1
2600:9000:2359:3200:15:c281:3500:93a1
2606:4700:20::681a:5c4
2606:4700:20::ac43:46d0
2606:4700::6810:4f49
2606:4700::6810:5049
2606:4700::6812:ba1f
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
4.153.72.49
68.219.88.97
061c61d1da15103e1c2b0b1504826c2dfd5e213fb56e2d761ad24e42a7d4666e
1054944be5a35f73af91347786248f2af30b79534db85bb85d43e98c4fdbf87c
13b87e61701eb63e905380eade11b0e16621b8a1960f74ec632ab8ea0d790963
1560a4056debc64cf7808e9bd680f86523911aa8aa41aa83c9a1e63c26a52521
253fdd7df1a6115913d9e672e184f998ef77922e6d6a79f1ed4ea5ce34c81db7
269d86860b17b49426ca47fab4a8d56ef1156823892fe460ac6f817fafe32d91
2e7ec88a40ffbc2e5a22fde33f2b1a1d7b7aa519ecb2fe5a7750416e1474369a
2ebae76003ffe6848c5de09140696c6975f9b7ac1924e52d97c4a239683d7886
2edc78cf9554c1ef142f0527198b16ebf0f93f01c9534f1b62d69559121f78d7
475386a11c26ec44ecd2137b9406456adf822b114239ccf214f2ffda8a47a635
51a4489b49f511fe578b16179b3e5cee5dd4fedd001148162c55134f81e370b5
52b9235acf31a276e8ae83ee4aa0bfd170d5c5e81db23eb0993b9f8043cfc99d
5b63ee171527f016af60a11aa005549ff55c4831c50dff0c0e74f8aba6b1ff99
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5cfb81557deb0f3e1fdfb2009d78a25cae91916cf87e8861a52e980dc3d53826
5e71407fa2192a8c4be686b401a371ea1b3a5bc998157307b8d70f01bd6877ae
5f3f266855f21b2352c9648a7b29e940440489bf1293195a757a72739272ffd7
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
70c03d07d95d1270e01a2442bb77eeceb8e4d83e18585de68d5e7f18ab158182
7190512b13008ed7f2ef70111301bb0ea9a5561285d05c9aa2bb55614419a1ba
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
74ab4b60ee6547e4681421dc1d282dfbb5520da2022b68b4de2eef4b87ceaff3
7cea5fc07985001cb513c282ddf821baf1b2bbbfcb02e77baa3a4857d98a646a
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d5673e3689efeaa3dc110d52b65cdb24978bfb713353d2fabd4dec959e65cea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0ba1804ff0c9da7af4fb74c02b67aecc8b91f3505fc802a6bce283c069cbff
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a951eaac883ef1ce25c65fb974210a962a84ae2603aecbcea745447524170666
ac4ed0aca88f5bae3290c808f2b516256e9a74cde92e51595f20e8c70a09f9db
b17e2f4db3c1c24164fc41de703d951f512554596f2e3445a36f3134db670a86
bc269dc38767a0e737203802282aecb3179843d9016bf471d54af4724d680a9b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1896e40e9227c62388ee8c3bc6e93db922b4ccabcb2c49f1952f3b7f7c87d0
d90ddc0c118b5b9df3fea58fec2a38cdf6a1d0cabfb33d0cf5612e7bb4fa7826
dfe64fa9fbbb63bf004405b48fcadea42c4e4c14aac2a20f9366997068b0396f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4b73400be00a878f6f8568a323a4cb13035bcb241dbf173631351e82c1f60
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0
fba2799e288ae14fb313378f202d5a632804b24302d9235fc87b78061799aaf8
fc5be0f9bbcbb4a150d2fb03f15512d141200ec5b30c3004abb0dd5bac9b4001
fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83
fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

winternode.com Open in urlscan Pro 172.67.208.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

71 %IPv6

12 Domains

20 Subdomains

18 IPs

4 Countries

808 kBTransfer

1970 kBSize

16 Cookies

15 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winternode.com Open in urlscan Pro
172.67.208.177 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

71 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

808 kB
Transfer

1970 kB
Size

16
Cookies

52 HTTP transactions
4 data transactions