winning-post6.xn--1-td6bm19b.com Open in urlscan Pro Puny
winning-post6.攻略1.com IDN
120.136.10.41 Public Scan

Software

cafe /

Resource Hash

556416f7234ba819d58a78e3c59fe1ceee5267b8cde45bf02486028103092a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53731
x-xss-protection: 0
server: cafe
etag: 5162387426073465127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 13 Jul 2024 00:25:40 GMT

GET
H2 200 img2522201941223342.png
winning-post6.xn--1-td6bm19b.com/img/ 247 KB
248 KB 15ms
13ms Image
image/png 120.136.10.41
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winning-post6.xn--1-td6bm19b.com/img/img2522201941223342.png
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 120.136.10.41 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv540.xserver.jp
Software: nginx /
Resource Hash: 28ed4ff3cd34e0222854189ef3824edf6aa9cf541b9a81b114c8b62a29a39f8f

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:39 GMT
last-modified: Fri, 12 Apr 2019 14:07:31 GMT
server: nginx
etag: "3dd89-58655d2e06000"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 253321
expires: Sat, 20 Jul 2024 00:25:39 GMT

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 33 KB
33 KB 117ms
9ms Image
image/gif 150.230.193.202
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=200912047161&wid=037&eno=01&mid=s00000007229002090000&mc=1
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.230.193.202 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 0f0f6610cf44034cc88df2dfc8e4c650eb1172ef2ace6010890af8802316ecf9

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 00:25:40 GMT
Connection: keep-alive
Content-Length: 33967
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www15.a8.net/ 43 B
168 B 117ms
9ms Image
image/gif 150.230.193.202
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www15.a8.net/0.gif?a8mat=3BM8Q7+2NVKYA+1JS2+CFYJL
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.230.193.202 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 00:25:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tables.css
winning-post6.xn--1-td6bm19b.com/css/ 7 KB
2 KB 14ms
13ms Stylesheet
text/css 120.136.10.41
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://winning-post6.xn--1-td6bm19b.com/css/tables.css
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 120.136.10.41 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv540.xserver.jp
Software: nginx /
Resource Hash: 6f0dd774f10776b2b95446777738390e42a2199e22e44e37290b655b71e4988f

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:39 GMT
content-encoding: br
last-modified: Sat, 12 Sep 2020 07:54:35 GMT
server: nginx
etag: W/"1a54-5af191ccd9eb8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 20 Jul 2024 00:25:39 GMT

GET
H2 200 commonstyles.css
winning-post6.xn--1-td6bm19b.com/css/ 25 KB
6 KB 14ms
13ms Stylesheet
text/css 120.136.10.41
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://winning-post6.xn--1-td6bm19b.com/css/commonstyles.css
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 120.136.10.41 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv540.xserver.jp
Software: nginx /
Resource Hash: 69d2186d63e8118d4b2e6482f8ea5bf7db899bc9c392c3226975b0011cf581ef

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:39 GMT
content-encoding: br
last-modified: Sat, 12 Sep 2020 07:54:35 GMT
server: nginx
etag: W/"647b-5af191cc5bf0f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 20 Jul 2024 00:25:39 GMT

GET
H2 200 menu_h4.png
winning-post6.xn--1-td6bm19b.com/img/ 1 KB
2 KB 11ms
11ms Image
image/png 120.136.10.41
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winning-post6.xn--1-td6bm19b.com/img/menu_h4.png
Requested by: Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 120.136.10.41 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv540.xserver.jp
Software: nginx /
Resource Hash: d2530e59953102b3490928cc7e37f96047ca362de4b5e800f4851b137ceed05d

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:39 GMT
last-modified: Fri, 12 Apr 2019 14:07:33 GMT
server: nginx
etag: "5c8-58655d2fb98df"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1480
expires: Sat, 20 Jul 2024 00:25:39 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/ 424 KB
143 KB 70ms
69ms Script
text/javascript 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79d6215bf9b5cd188e929678a909d5c2e35549c679f5075ac0ec9800b43b220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146789
x-xss-protection: 0
server: cafe
etag: 8786822985076917075
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 00:25:40 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame 472B 0
0 57ms
11ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 21331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:30:09 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5CCC 0
0 696ms
661ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6786079865280912&output=html&h=280&slotname=7023011588&adk=3843361467&adf=632404945&pi=t.ma~as.7023011588&w=640&abgtt=3&fwrn=4&fwrnh=100&lmt=1599897349&rafmt=1&format=640x280&url=https%3A%2F%2Fwinning-post6.xn--1-td6bm19b.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720830340145&bpp=6&bdt=249&idt=192&shv=r20240709&mjsv=m202407100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4163064891491&frm=20&pv=2&ga_vid=1015710054.1720830340&ga_sid=1720830340&ga_hid=736378437&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331832%2C95332586%2C95334509%2C95334524%2C95334829%2C31085241%2C95336521%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2471976791974140&tmod=434366245&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50974
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 00:25:41 GMT
expires: Sat, 13 Jul 2024 00:25:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 05AE 0
0 490ms
475ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6786079865280912&output=html&h=280&slotname=5647323188&adk=3620138739&adf=4127535422&pi=t.ma~as.5647323188&w=336&abgtt=3&lmt=1599897349&format=336x280&url=https%3A%2F%2Fwinning-post6.xn--1-td6bm19b.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720830340151&bpp=2&bdt=255&idt=222&shv=r20240709&mjsv=m202407100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=640x280&correlator=4163064891491&frm=20&pv=1&ga_vid=1015710054.1720830340&ga_sid=1720830340&ga_hid=736378437&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=482&ady=2987&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331832%2C95332586%2C95334509%2C95334524%2C95334829%2C31085241%2C95336521%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2471976791974140&tmod=434366245&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=227

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12994
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 00:25:40 GMT
expires: Sat, 13 Jul 2024 00:25:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fixed&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: winning-post6.xn--1-td6bm19b.com
URL: https://winning-post6.xn--1-td6bm19b.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jul 2024 00:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 12B7 0
0 546ms
544ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6786079865280912&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1599897349&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwinning-post6.xn--1-td6bm19b.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720830340153&bpp=4&bdt=258&idt=230&shv=r20240709&mjsv=m202407100101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=640x280%2C336x280&nras=1&correlator=4163064891491&frm=20&pv=1&ga_vid=1015710054.1720830340&ga_sid=1720830340&ga_hid=736378437&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331832%2C95332586%2C95334509%2C95334524%2C95334829%2C31085241%2C95336521%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2471976791974140&tmod=434366245&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 107577
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 00:25:40 GMT
expires: Sat, 13 Jul 2024 00:25:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/ 171 KB
57 KB 49ms
49ms Script
text/javascript 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/reactive_library_fy2021.js?bust=31085241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1feddec65fa364b8223fd091be87d3fe8be721fa2d5c8c9b1f5c08180b26dcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58803
x-xss-protection: 0
server: cafe
etag: 10747009962329416552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 00:25:41 GMT

GET
H2 200 ca-pub-6786079865280912 Show response
fundingchoicesmessages.google.com/i/ 199 KB
66 KB 135ms
70ms Script
application/javascript 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6786079865280912?href=https%3A%2F%2Fwinning-post6.xn--1-td6bm19b.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5a30b702354725ad3259c55263b48ab1244d9e893e5bc557ee8f72149cd99a3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rtKb7kKM8pZVxLj0tDhnmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rtKb7kKM8pZVxLj0tDhnmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmaJ18fAubwITGR-FKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgbmhoZ6BibxBQYAosc5Bg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUslt9qKUtKKZ1jeiuJ5rNB35bIdLKkvzZeAHQG3zzUNtQdPOU7AqToWRO18bAeAQEzHeADU1mW6_7d9u6V0wya8_km-Wy5IybfJkP1Smh7w5cmwu9DsCnlpw68u-OWOIBdL6mJjw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
56ms Script
application/javascript 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUslt9qKUtKKZ1jeiuJ5rNB35bIdLKkvzZeAHQG3zzUNtQdPOU7AqToWRO18bAeAQEzHeADU1mW6_7d9u6V0wya8_km-Wy5IybfJkP1Smh7w5cmwu9DsCnlpw68u-OWOIBdL6mJjw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwODMwMzQxLDMwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93aW5uaW5nLXBvc3Q2LnhuLS0xLXRkNmJtMTliLmNvbS8iLG51bGwsW1s4LCJUVGhCYmxlRGNRQSJdLFs5LCJqYSJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.TThBbleDcQA.es5.O/am=HgY/d=1/rs=AJlcJMyD2_KlLf5PC9jo0cjZdkKrq3AFGQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87c32a6760cd4a13073d8b372f0c680caef55a117c92f4d5222790024eb6abd2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qUWGmjvFyrls9CIOIErKyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qUWGmjvFyrls9CIOIErKyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtHikmJw1pBiUAjbyXTe6Q7TdSCW-PqSSQ2IndJnsAYAsU_9DNYoIG69eY51MhB_fnyO9TcQJ_07z1oAxEsiLrIeSLzIevDxRdaTQCzEw9E6-fgWNoEJD68uYVTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTA3NNQzMIkvMAAAhc060A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0973 0
0 332ms
331ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6786079865280912&output=html&h=280&adk=1807980325&adf=2849976060&pi=t.aa~a.3034153148~i.5~rp.4&w=640&abgtt=3&fwrn=4&fwrnh=100&lmt=1599897349&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3355067966&ad_type=text_image&format=640x280&url=https%3A%2F%2Fwinning-post6.xn--1-td6bm19b.com%2F&fwr=0&pra=3&rh=160&rw=640&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720830341132&bpp=1&bdt=1236&idt=-M&shv=r20240709&mjsv=m202407100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D150345863380b417%3AT%3D1720830340%3ART%3D1720830340%3AS%3DALNI_Mafca8y70zuXt8tzs0QdWniot2jJA&gpic=UID%3D00000e8e6994f0f5%3AT%3D1720830340%3ART%3D1720830340%3AS%3DALNI_MbZUQJfRHYN_LLRiXNuis0AsJHcPw&eo_id_str=ID%3D91e9243654cb8379%3AT%3D1720830340%3ART%3D1720830340%3AS%3DAA-AfjbnNtYZGG0nIHoigPhOAjqY&prev_fmts=640x280%2C336x280%2C0x0&nras=2&correlator=4163064891491&frm=20&pv=1&ga_vid=1015710054.1720830340&ga_sid=1720830340&ga_hid=736378437&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95331832%2C95332586%2C95334509%2C95334524%2C95334829%2C31085241%2C95336521%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmP7qUXx88OEW3U0zpAtDK_5R4yZu9-NRlqW8Pt0CUCH67ULCQUkZwZBa8v6mWksqx1c6DxT2IqiwzinQ%2CAOrYGskoPneBNu091gejT-84UWnk9dgqoKVH2aySTD-h6nlOF2jtbnZ4u18UVsxW8jpOnHbs0bbVUdyVOwIEQsQumiygZgwV&pvsid=2471976791974140&tmod=434366245&uas=0&nvt=1&fc=384&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 00:25:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame A044 0
0 0ms
0ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 21331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:30:09 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame DBD3 0
0 0ms
0ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 21331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:30:09 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame AA01 0
0 0ms
0ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 21331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:30:09 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/ Frame 34DE 0
0 0ms
0ms Document
text/html 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 21331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:30:09 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxW7-Z_KmStwGgNZR_VJKVeryploS4BXCMDVv29NrNWNCo68sD7wtVpzdToq7K7psstCuXhya6qnd87yeHOMCjuS-ax2THhU-SeA9RfPOIfvSui0t0RBCN6ZlRxGkT8r0RDJ9_jRBw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 80ms
79ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7-Z_KmStwGgNZR_VJKVeryploS4BXCMDVv29NrNWNCo68sD7wtVpzdToq7K7psstCuXhya6qnd87yeHOMCjuS-ax2THhU-SeA9RfPOIfvSui0t0RBCN6ZlRxGkT8r0RDJ9_jRBw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwODMwMzQxLDM3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImphIl0sImh0dHBzOi8vd2lubmluZy1wb3N0Ni54bi0tMS10ZDZibTE5Yi5jb20vIixudWxsLFtbOCwiVFRoQmJsZURjUUEiXSxbOSwiamEiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7db9255589edbc058170eb25c1ef45f8a1120fdf83d2d65d9ff138e38045bd0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C3eRtXqCMQNRP2kBMpyACg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-C3eRtXqCMQNRP2kBMpyACg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhaJ18fAubwIGZx04zKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsa6hmYxBcYAADiRTmZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
12 KB 98ms
56ms XHR
application/json 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240709&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8152094dd1d92b0dcecc6ef4308147a2d1051054adf3cb80769cbadefdb837e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12764
x-xss-protection: 0

GET
H2 404 favicon.ico
winning-post6.xn--1-td6bm19b.com/ 3 KB
1 KB 12ms
12ms Other
text/html 120.136.10.41
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://winning-post6.xn--1-td6bm19b.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 120.136.10.41 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv540.xserver.jp
Software: nginx /
Resource Hash: d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-encoding: br
last-modified: Mon, 02 Jul 2018 00:29:17 GMT
server: nginx
etag: W/"afe-56ff949b52667"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
46ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407100101/show_ads_impl_fy2021.js?bust=31085241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jul 2024 00:25:41 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8B6 0
0 12ms
9ms Document
text/html 172.217.161.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s05-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 85073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 00:47:48 GMT
expires: Sat, 12 Jul 2025 00:47:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 5656 0
0 97ms
52ms Document
text/html 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Js4h5F8Ceq-TomkYenQ5qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Js4h5F8Ceq-TomkYenQ5qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jul 2024 00:25:42 GMT
expires: Sat, 13 Jul 2024 00:25:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iframeadsensewrapper._100x480_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXCSkRH6Yxlkqjt2CslG9Rn017XIwcPRdA7KOUPOv5Ba5rqFyMy4iq9bg9lhzYAghdCWe70RJlEOEsRHsIOVA47ApfZcvGTeNMTpj_mgzRgpOCHv59U053TIJi-WLj-OvpicTDQY90GM9V02TimXx5fI6XD4... 54 B
109 B 48ms
47ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCSkRH6Yxlkqjt2CslG9Rn017XIwcPRdA7KOUPOv5Ba5rqFyMy4iq9bg9lhzYAghdCWe70RJlEOEsRHsIOVA47ApfZcvGTeNMTpj_mgzRgpOCHv59U053TIJi-WLj-OvpicTDQY90GM9V02TimXx5fI6XD49bnVer3DoGorkR2uS5PLeaNVGEKcxPf/_/advertising_/adcount./tickeradsget./iframeadsensewrapper._100x480_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.TThBbleDcQA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwcNkCx6JgLNQJTF72hagycZKPX0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be542a2465e09b03174c4b3acc8354676097ec0c89bc6c34b016067160b920f3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-LA7eC4MQCAiEu4zaePp8cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-LA7eC4MQCAiEu4zaePp8cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmaJt8fAubQMfyVg0ljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwNzQ0M9A5P4AgMAkFg4mQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 3ms
3ms Script
text/javascript 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3279de6db61cd26394c2ecfefa932c66e301303fd6bd06f54c450904d516315b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 23:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30804
x-xss-protection: 0
server: cafe
etag: 10760770564950829667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Jul 2024 00:43:00 GMT

POST
H3 204 AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 88ms
45ms XHR
text/html 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h13SXZ4cpih95w0wQWDOnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-h13SXZ4cpih95w0wQWDOnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEzdE2-fgWNoEDJz9ZKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3NDQz0D8_gCAwAgLytg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://winning-post6.xn--1-td6bm19b.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xRh3SGDeCYAWr2mTW8VDHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-xRh3SGDeCYAWr2mTW8VDHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEzdE2-fgWNoETU3dZK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3NDQz0D8_gCAwADVCr7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://winning-post6.xn--1-td6bm19b.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zZR2tmUBhNkeq1MFEJgy7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-zZR2tmUBhNkeq1MFEJgy7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEzdE2-fgWNoGOvxdslVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgbmhoZ6BeXyBAQAT7Ss4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://winning-post6.xn--1-td6bm19b.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VrNV0csQwjyuPT4dZF8lvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-VrNV0csQwjyuPT4dZF8lvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEzdE2-fgWNoEDbxodlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgbmhoZ6BeXyBAQAOpise"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://winning-post6.xn--1-td6bm19b.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXTXrnn3BSPQN7rhUjyhkp2ukaZ3VmXRW0kwTtFPrIt9g9C_O4iv91ajI4R-57imoWYZYUtHRbiWI1PutII3k53SVxnhyHqT32aog2ABLT-4C04D1Sxi1Z15K0ciz81uNGVW5LFAw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 56ms
56ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTXrnn3BSPQN7rhUjyhkp2ukaZ3VmXRW0kwTtFPrIt9g9C_O4iv91ajI4R-57imoWYZYUtHRbiWI1PutII3k53SVxnhyHqT32aog2ABLT-4C04D1Sxi1Z15K0ciz81uNGVW5LFAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwODMwMzQyLDEwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiamEiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93aW5uaW5nLXBvc3Q2LnhuLS0xLXRkNmJtMTliLmNvbS8iLG51bGwsW1s4LCJUVGhCYmxlRGNRQSJdLFs5LCJqYSJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bcb5ef8c799e8aa390e4ecdb9632158bde490eb0b329ac63034e570120ffc2e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vHRyyGfSn2IErNB9H1o7uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vHRyyGfSn2IErNB9H1o7uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmaJt8fAubwIdXc52VNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDQ31DEziCwwAt_s5eA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWN0uOx2OglJ3QAWFjow5COdrUnENKEqn1rdWEbKpw4UY_gWkyvX4qdN7VBDUPDh5c02XJISIZSLVOxPn74mUJqewmHqdrBBEks3OMsdM_SMnCGVVRiGBuRYTdq48hOdLT3PcwzOA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWN0uOx2OglJ3QAWFjow5COdrUnENKEqn1rdWEbKpw4UY_gWkyvX4qdN7VBDUPDh5c02XJISIZSLVOxPn74mUJqewmHqdrBBEks3OMsdM_SMnCGVVRiGBuRYTdq48hOdLT3PcwzOA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dCqIvsaEwjVZ6GImAPsRyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winning-post6.xn--1-td6bm19b.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Jul 2024 00:25:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-dCqIvsaEwjVZ6GImAPsRyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoAxJ8fn2P9DcRLIi6yHki8yCrEzdE2-fgWNoETu79HKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3NDQz0D8_gCAwAsQSuH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://winning-post6.xn--1-td6bm19b.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXI6MUgWitBVw8TTw2eYCNT0mpTpQha_IRakgua7wr53ijs8Ty4gROEIqEhdee4pNnfgmwjb_2CifGAFTzOHB7JZV9HcX9QUY_0C4JVppw-sCPGTekHtgpmYaCE-3-2NtPDTIRtIg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS