urlscan.io logo urlscan.io
SecurityTrails logo

winning-wizard.com Open in urlscan Pro
104.21.95.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://winning-wizard.com/
Submission: On March 24 via manual from NL — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 106 HTTP transactions. The main IP is 104.21.95.194, located in and belongs to CLOUDFLARENET, US. The main domain is winning-wizard.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.
This is the only time winning-wizard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.21.95.194 13335 (CLOUDFLAR...)
8 192.0.77.37 2635 (AUTOMATTIC)
2 142.250.186.138 15169 (GOOGLE)
3 104.22.71.197 13335 (CLOUDFLAR...)
11 142.250.186.130 15169 (GOOGLE)
10 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
1 104.20.66.115 13335 (CLOUDFLAR...)
1 142.250.181.227 15169 (GOOGLE)
1 149.56.240.31 16276 (OVH)
7 172.217.16.130 15169 (GOOGLE)
7 142.250.181.225 15169 (GOOGLE)
19 142.250.186.65 15169 (GOOGLE)
13 142.250.185.142 15169 (GOOGLE)
3 172.217.18.99 15169 (GOOGLE)
1 142.250.185.228 15169 (GOOGLE)
106 17
16    104.21.95.194 (None, )

ASN13335 (CLOUDFLARENET, US)
winning-wizard.com
8    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
3    104.22.71.197 (None, )

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
10    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    104.20.66.115 (None, )

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
1    149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net
s4.histats.com
7    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads.g.doubleclick.net
7    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
19    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
13    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
fundingchoicesmessages.google.com
3    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net
www.gstatic.com
1    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
511 KB
20 wp.com
c0.wp.com — Cisco Umbrella Rank: 11205
i0.wp.com — Cisco Umbrella Rank: 4903
stats.wp.com — Cisco Umbrella Rank: 3674
pixel.wp.com — Cisco Umbrella Rank: 3385
219 KB
16 winning-wizard.com
winning-wizard.com
52 KB
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724
www.google.com — Cisco Umbrella Rank: 5
74 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 328
128 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
75 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
63 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 5328
28 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 9091
s4.histats.com — Cisco Umbrella Rank: 9069
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
106 10
Domain Requested by
19 tpc.googlesyndication.com googleads.g.doubleclick.net
cdn.ampproject.org
winning-wizard.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
16 winning-wizard.com winning-wizard.com
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 pagead2.googlesyndication.com winning-wizard.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 i0.wp.com winning-wizard.com
8 c0.wp.com winning-wizard.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
winning-wizard.com
3 www.gstatic.com winning-wizard.com
googleads.g.doubleclick.net
3 static.addtoany.com winning-wizard.com
static.addtoany.com
2 fonts.googleapis.com winning-wizard.com
1 www.google.com tpc.googlesyndication.com
1 pixel.wp.com winning-wizard.com
1 s4.histats.com s10.histats.com
1 fonts.gstatic.com fonts.googleapis.com
1 s10.histats.com winning-wizard.com
1 stats.wp.com winning-wizard.com
106 17

This site contains links to these domains. Also see Links.

Domain
bit.ly
Subject Issuer Validity Valid
winning-wizard.com
GTS CA 1P5		 2024-03-05 -
2024-06-03		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
static.addtoany.com
E1		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
histats.com
R3		 2024-02-16 -
2024-05-16		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://winning-wizard.com/
Frame ID: 5A06C720416DB02E56D10CD4048CB4FB
Requests: 64 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: F8324194969AE5FA75A88AE6B9D52FFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&adk=1812271804&adf=3025194257&lmt=1711080698&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l&format=0x0&url=https%3A%2F%2Fwinning-wizard.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887217&bpp=6&bdt=1198&idt=650&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8190045893287&frm=20&pv=2&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=676
Frame ID: B697F7BBACEF2B9F403DA76E029124CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Frame ID: BD827E9086C1DF66C40766A4A13B820F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=249660825&adf=1952578352&pi=t.ma~as.4098919653&w=625&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=625x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887225&bpp=1&bdt=1206&idt=693&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=696
Frame ID: 8D5BB86991855E52C7DA58A83BE2762F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=600&slotname=4098919653&adk=137014501&adf=592498440&pi=t.ma~as.4098919653&w=285&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=285x600&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887225&bpp=1&bdt=1207&idt=721&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280%2C625x280&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=724
Frame ID: 17FF0AF307ED4113E21E2A39A84A7B46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=54630664&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887226&bpp=1&bdt=1207&idt=735&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280%2C625x280%2C285x600&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=3556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=738
Frame ID: DD31463D1183AB7C071AE84C1C255647
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: FF9D237D24888BCFE5B2AF7D88C368E0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: C4513D56F964CC6B2336B038E6D9AF37
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EBB75D6D2A4D285C006387ABD28D7D3A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js
Frame ID: C977A5A20E16D1C414B195ECFF4CF4C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60EDD3C940FC2C8F11CEA28A9F301427
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6254A64A9D0B7CFC9D78FC77731C5316
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Winning Wizard - Info Bisnis dan Teknologi

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

17
IPs

3
Countries

1158 kB
Transfer

3149 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winning-wizard.com/ 		101 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877813293509d163156f5c3e11a2fe3dadee23d8afbcd8e5bea1d9de9529cdda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86954925f8264c76-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 24 Mar 2024 08:28:05 GMT
last-modified
Fri, 22 Mar 2024 04:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMrDmDz%2FNIvoEU7oTAl4bxlcPeWY0xxK%2FXoux%2Fe%2Bezk6LFhoegHsNOF8e0KBeqOEyG3uoxmcomwTefhXNN2bWT4tQ1HTLmg%2BodMGEAkBvb2MJmh6ziDyAZlOu5lKOOPCD9gipdg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.min.css
c0.wp.com/c/6.4.3/wp-includes/css/dist/block-library/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 24 Jan 2024 19:02:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
jquery-ui.css
winning-wizard.com/wp-content/plugins/faq-schema-for-pages-and-posts//css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/faq-schema-for-pages-and-posts//css/jquery-ui.css?ver=2.0.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8f82c45b478f1a5b6945e093836b3f52dd160470090a30e4baa0173d8cb2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Mar 2023 12:29:28 GMT
server
cloudflare
etag
W/"64170028-4995"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9yPNw4Dqbrx1GJlDLxrSvzOmWe6sB0HtneoElDXqtHgG9VPCFwtOLJeZBKVDToLBPz4cxLr6kXS09c9C7%2BzSgIetu1n0AkuYO2x5kNxj1Lr9HB46cEhEMLJacrhOO197U35Fms%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492a0c154c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
widget-areas.min.css
winning-wizard.com/wp-content/themes/generatepress/assets/css/components/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.4.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 07:17:43 GMT
server
cloudflare
etag
W/"65fbdf17-d1c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wQXaXX0w7utNaKKzxqiGZZVY%2FBhaGtVow%2BL0TVUMQw%2FpPvXjpkZzpK4xR6FJrjVBn1bw0WG67ETEhzrp%2Bj2%2BNc1URNcjs0OMBQ6%2BbYtf%2B13Q8UTzMKrWjK484mn9BeHt%2Bhk1HI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492a0c174c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
main.min.css
winning-wizard.com/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 07:17:43 GMT
server
cloudflare
etag
W/"65fbdf17-4c6c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nFAGF%2FUsXZ74SeDNnRQeB7UgoxfBj2W3Tx2H9OwiaQm3%2BaA%2F9gWVN4MUaOkmyVuSyycMjWO%2BPHtmVhWq2DSLimGTYQlt09w5jV%2BSh1cw2e5aQQsfQhI1toZU454tVFyuXo2Sso%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492a0c184c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
style.css
winning-wizard.com/wp-content/themes/gpclassic/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/themes/gpclassic/style.css?ver=1697510907
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b829f09c0e84bf2a97e4871d794d7511d44bccb14fa767033f9859b3cdf8a6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 02:48:27 GMT
server
cloudflare
etag
W/"652df5fb-4dc8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2SzFDku2c1kARDH9uf0zN%2BiwvCvdGIYsqwFI4LDQH909H95sgYUEX7nF5Z2Iomf8n62BKCC27V9rPvW%2F2WN5W4rWlqpsyJRploutMSaJEcFgNDQ5pwzgjb6W51qXRpuvJ1iiOw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492a6c714c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&display=auto&ver=3.4.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
f890500123c1243d3536321f4d96e78093d92e56117c6874bd798cb386bdc24a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 08:28:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Mar 2024 08:28:06 GMT
addtoany.min.css
winning-wizard.com/wp-content/plugins/add-to-any/ 		2 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 01:49:47 GMT
server
cloudflare
etag
W/"6556c6bb-644"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoB9TKny1fcOpoND1M7V%2FENoBG2EuRB3m5utQGNVnAw%2FaV8Fr1BY0Zp1%2BMjbZx8MLNbsUoww%2BwWO5b3FYM08qQdn8QDja7gI9R%2BdUWlRN9%2B6l7MSFAtocgun9otP3Rm7YQOtUik%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492a6c734c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
f2d83cb0-22aa-4d73-9d0f-4727c06b5bea
https://winning-wizard.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://winning-wizard.com/f2d83cb0-22aa-4d73-9d0f-4727c06b5bea
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
he-IL,he;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
featured-images.min.css
winning-wizard.com/wp-content/plugins/gp-premium/blog/functions/css/ 		3 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.1.2
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 02:38:07 GMT
server
cloudflare
etag
W/"652df38f-d37"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQY5GuHKC%2BeFyPoZps%2BsID9E1apGfCbpJ04U1uleDu%2BQXhdWoZJxLI0IqvGE7KwCxp856xbxiIji1VTvriG388ik9rwVbkLfxiHBUttz3c7UNaYCSXhePzlA6uQkeBm4Gh8NRc0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492accd24c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
offside.min.css
winning-wizard.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e0a0cbd95b4ea35efc98fbff81df090292953d6da6e3f89c609993a672849c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 02:38:07 GMT
server
cloudflare
etag
W/"652df38f-1730"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RQk4N2UlqkxRzGLcfwt8Q0EeAfshd%2F%2B7OXhkPpmRotab7hholQpQcw75FnKyq%2FI8YOkouFaD5siuZosMr4kM5bxMCF6wOJJhYm83WClNSr4KnYKKv0avZ0n0Q7OXjR9H98TFxI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492accd44c76-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
jetpack.css
c0.wp.com/p/jetpack/13.2.1/css/ 		105 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/13.2.1/css/jetpack.css
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d12394014afcdb75f7a413f63e39deea025e753b30f52e60b82bc0b9ad59f020
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 04 Mar 2024 16:06:41 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12096
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"257f9651f9cfd949f6dde30f51352116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iHvfBudMtC%2BwLmr%2Bp9WKJonZJxuOM7dgZIPfhmuY894p8ArMQ1jKrDf3iE6IcgBXyItYTIdzy3HmOa0xaigDEjd4Rz4ltdNYxWCR3jJPeEn45rE6SZTjvAc4EzYilwlrLC6V%2BTt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8695492fea065246-MXP
jquery.min.js
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
jquery-migrate.min.js
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
addtoany.min.js
winning-wizard.com/wp-content/plugins/add-to-any/ 		129 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 01:49:47 GMT
server
cloudflare
etag
W/"6556c6bb-81"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EIb7zkHh25a6EvUSShEONTAFOmoINpj6VpVcwLM1p6KO5OMPbWZGX5YjZ60K7b6sOv9b1EkX7ObBvCy5aVlO7CM2r%2FCGBli8NRZSs%2BUKNXctpK5%2BWuOSuwBEY281wrSpvazCaew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
8695492e6c5e523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6695465547643521
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
410ce1fbd3499584ee9df520e8bd9d9f202e4063c933f9a1a82d065f4291c6a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Origin
https://winning-wizard.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51724
x-xss-protection
0
server
cafe
etag
18317651733190810648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 24 Mar 2024 08:28:07 GMT
ww-removebg-preview.png
i0.wp.com/winning-wizard.com/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2023/10/ww-removebg-preview.png?fit=501%2C88&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
0ce65499ae484159bdce018ce17657672852407efe4a6f7a68fefd43fc34d755
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
17256
x-nc
MISS mxp 7
last-modified
Mon, 26 Feb 2024 08:19:21 GMT
server
nginx
etag
"4181bd0fe96c0ada"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2023/10/ww-removebg-preview.png>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:21 GMT
BANK-Mandiri-2.jpg
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/03/BANK-Mandiri-2.jpg?fit=537%2C302&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
d6569979df77a310df9bd1f1f96ee44e979730096092794a4f68c18e0aecf606
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15386
x-nc
MISS mxp 5
last-modified
Sat, 16 Mar 2024 14:21:55 GMT
server
nginx
etag
"b08e47f745bc529f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/03/BANK-Mandiri-2.jpg>; rel="canonical"
expires
Tue, 17 Mar 2026 02:21:55 GMT
BANK-Mandiri.jpg
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/03/BANK-Mandiri.jpg?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3311b9e167fd405ed03f8c98522588f0e8a1bed16b7b891e3574be84fa11ad26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3832
x-nc
MISS mxp 6
last-modified
Sat, 16 Mar 2024 16:34:50 GMT
server
nginx
etag
"28789094e5a11926"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/03/BANK-Mandiri.jpg>; rel="canonical"
expires
Tue, 17 Mar 2026 04:34:50 GMT
offside.min.js
winning-wizard.com/wp-content/plugins/gp-premium/menu-plus/functions/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 02:38:07 GMT
server
cloudflare
etag
W/"652df38f-1631"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctOBBhCU7mrCeLJ5WMJ2GfWrU%2BOD%2Bo2FuzYWdAkPyMDIPpJzl3ZgS5gRO%2Ff6mypkJape8AerhYjMnY13OOWDFYbZfACGabQ66dt3jddjnyfx73%2BujdTHbTF3XYnefsLT7FhqlCU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492d2ae7523c-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
image-cdn.js
winning-wizard.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 23 Mar 2024 13:40:17 GMT
server
cloudflare
etag
W/"65fedbc1-2bd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j38AU4dG%2BwKKql3Xr%2BZmA3nITTpfBSEplnMb7bbVMgKCJFfwPCzhtuVPB4M172Wx563y1P%2FByTaVkBJGtOIFUp%2BJFeVSoTfmTX23CvDzAD0KVJjjOHZ35qv9w34zOhD6H3i%2ByqM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492d5b16523c-MXP
expires
Mon, 24 Mar 2025 08:28:20 GMT
core.min.js
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Thu, 02 Feb 2023 16:36:32 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
accordion.min.js
c0.wp.com/c/6.4.3/wp-includes/js/jquery/ui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.3/wp-includes/js/jquery/ui/accordion.min.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 1
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Thu, 02 Feb 2023 16:36:32 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 24 Mar 2025 08:28:06 GMT
frontend.js
winning-wizard.com/wp-content/plugins/faq-schema-for-pages-and-posts//js/ 		188 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/faq-schema-for-pages-and-posts//js/frontend.js?ver=2.0.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59b310ca0567c17489b7a3d7affa46e41c22971abd4f007e51384c4838c0d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Mar 2023 12:29:28 GMT
server
cloudflare
etag
W/"64170028-bc"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LACu8D%2FQJVG2qvV8qOOuU8PoXZr%2FQxHY2l32YzbFSOkrtnyjN%2FHCsdW6ztmRMoYygmoIAOECEZPlBsotEqoiSxmm%2FwQaKt10Yo0zn7vm45YKS5WloPU9HNJNS69rDH57EEuZS7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
8695492e6c58523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
smooth-scroll.min.js
winning-wizard.com/wp-content/plugins/gp-premium/general/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 02:38:07 GMT
server
cloudflare
etag
W/"652df38f-1ae5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LB0EmbKa5%2BBqg42F30si%2FTXWm3HxWaSwjkQsEVcTVFbEOugvetpfCuHGyHSYi9CBBy8ZeVZ%2BG1%2B7mQ1DeRXSyES34fPbiLBEPPIIcyRYlGyx4c3e5hgFCXXQ%2Fvfddi0l6cB8NgU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492e6c59523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
menu.min.js
winning-wizard.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 07:17:43 GMT
server
cloudflare
etag
W/"65fbdf17-1b2d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNFt%2BKCj6uUehpi0luN1OL5V2y101vUy4CZkM22Sqmmk11oeiLOfjDR5xNDMvFQC1Q0t8PXCon%2BYcgdz0w3u2MFV4BqtWFO4ULB0sG08j0qhvedJdWPsTvLan0rYgi7Z0q4%2BSfc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492e6c5a523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
modal.js
winning-wizard.com/wp-content/themes/generatepress/assets/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-content/themes/generatepress/assets/dist/modal.js?ver=3.4.0
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 07:17:43 GMT
server
cloudflare
etag
W/"65fbdf17-d65"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6FWfqXFcFUSGUCeKYa7gvQX4LJdcFa81FyaPEOw3Z5HrxOZbz1LfZvKZcSsfAIexk20jwYLDHlvpj73pZ3SuI034esBp85NjTy7lcqEXB9nTYIt8EUwH%2BG1%2Fud3CbDIyQuuDF4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8695492e6c5b523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
e-202412.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202412.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT mxp
date
Sun, 24 Mar 2024 08:28:06 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 16 Mar 2025 12:49:08 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.66.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
44042
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8695492fef445242-MXP
content-length
4547
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&display=auto&ver=3.4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winning-wizard.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:48:41 GMT
x-content-type-options
nosniff
age
434366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:48:41 GMT
winning-wizard.jpg
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/02/winning-wizard.jpg?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3f9af4dfd8df6acd0137a1fefdda083329feccdc7986c34d684c515aca9f4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3730
x-nc
MISS mxp 3
last-modified
Thu, 07 Mar 2024 20:17:21 GMT
server
nginx
etag
"3b7326ca52efd4f0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/02/winning-wizard.jpg>; rel="canonical"
expires
Sun, 08 Mar 2026 08:17:21 GMT
winning-wizard-3-3.png
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-3-3.png?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
96e06d9d34a266b479099ae1ef63c0022ff8d67b8ae51ed3a463def0a377667c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18510
x-nc
MISS mxp 8
last-modified
Mon, 26 Feb 2024 08:19:21 GMT
server
nginx
etag
"728e25695faea221"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-3-3.png>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:21 GMT
winning-wizard-3-1.jpg
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-3-1.jpg?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c8fc77527ed1d063b4c6492903ed111680abb3fea686691a2ec91728a7b9a57c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3528
x-nc
MISS mxp 7
last-modified
Mon, 26 Feb 2024 08:19:22 GMT
server
nginx
etag
"0efcebdc859a6f4e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-3-1.jpg>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:22 GMT
winning-wizard-2.jpg
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-2.jpg?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
f8fdf2b0568a4da92fb616c9d8d6196ff583c9077b348eb0958326767ecaca23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3852
x-nc
MISS mxp 1
last-modified
Mon, 26 Feb 2024 08:19:22 GMT
server
nginx
etag
"e2bfd61d994f45cf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-2.jpg>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:22 GMT
winning-wizard-2-5.png
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-2-5.png?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
161f4105fcf9ea1a56ec72333e519bce25ccd8806d9fa331c8b21fe5340148ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
20498
x-nc
MISS mxp 6
last-modified
Mon, 26 Feb 2024 08:19:22 GMT
server
nginx
etag
"e3d808cb5e08efdc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-2-5.png>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:22 GMT
winning-wizard-1-5.png
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-1-5.png?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9f4bb92185a3839d4759bc8b734ab6a6bbdd0118cc7d955b0985a1ff674b8ea1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
20082
x-nc
MISS mxp 7
last-modified
Mon, 26 Feb 2024 08:19:22 GMT
server
nginx
etag
"8f92bda07fdbfdce"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-1-5.png>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:22 GMT
winning-wizard-17.png
i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-17.png?resize=200%2C135&ssl=1
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
dce91532a920914844f6716eeb4755b21ee8bf5af580e7622ae087691453a1ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
22738
x-nc
MISS mxp 6
last-modified
Mon, 26 Feb 2024 08:19:23 GMT
server
nginx
etag
"9138c0c885aa2c9b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://winning-wizard.com/wp-content/uploads/2024/01/winning-wizard-17.png>; rel="canonical"
expires
Wed, 25 Feb 2026 20:19:23 GMT
sm.25.html
static.addtoany.com/menu/ Frame F832 		716 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

access-control-allow-origin
*
age
11044
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
86954930bad55246-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 08:28:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wU20Yb%2BBplEo29l%2FK9Yoydeb3jaQuEI%2BkziT5qdWQtbULCRYDAxKu45kOg%2Ff5gJcaoL4rmQXysTn4pZ4ctgn8hOC1IszljeGQQgGiys8jBnZjpmiSlu2fhGOerQLd5Z0crPLZ0P"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.Ep5bSEmr.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winning-wizard.com/
Origin
https://winning-wizard.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a995aaed2cd978eb5749462d1dc3635e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6%2BjT9JGmY85dO%2BQnPcKGn5gX9diLWh0ObMe7m6QfBSYAVcbE4F4xjRQfCA4CeOObNDgbUUDCncvYOzj2IG8nHxlJWa%2F3UIF47fbFAQ%2Bc1BxKWSPbkFpnOlu4Qhw7e2fjfqzNKp6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
86954930fc8fe3d7-TLV
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4806435&@f16&@g1&@h1&@i1&@j1711268887103&@k0&@l1&@mWinning%20Wizard%20-%20Info%20Bisnis%20dan%20Teknologi&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:31700167&@b3:1711268887&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwinning-wizard.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
7604abbee0b2c399a86f5872b2b71f0856e9a0e0e81efc1306c7debc39ce6be0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 08:28:05 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6695465547643521
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4904d3eabdbe9d6b4ea31c312b3923adaf547cd04ff7c2909be3988e9cf9554f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141407
x-xss-protection
0
server
cafe
etag
14272906344306581395
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 08:28:07 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=208278298&post=0&tz=7&srv=winning-wizard.com&j=1%3A13.2.1&host=winning-wizard.com&ref=&fcp=1644&rand=0.11708742180971687
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Mar 2024 08:28:07 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
winning-wizard.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winning-wizard.com/wp-includes/js/wp-emoji-release.min.js?ver=2ba627982d816f3f326c8a14fa221b5f
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 30 Mar 2023 01:59:12 GMT
server
cloudflare
etag
W/"6424ecf0-4904"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mx5xLz5IisA5QTCfcTdsrlkHcZuQYXiGoNUXD81NWdWlaqXuoDlRMWmsxdihyPrOXNiA2IH5v%2Be%2FNjzoeks2p01Ux%2FggfT3d3ltD212JgtQD7aQEiYUjZ6baHyjQXzIpf7LRDto%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
86954932386c523c-MXP
expires
Mon, 24 Mar 2025 08:28:21 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B697 		208 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&adk=1812271804&adf=3025194257&lmt=1711080698&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l&format=0x0&url=https%3A%2F%2Fwinning-wizard.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887217&bpp=6&bdt=1198&idt=650&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8190045893287&frm=20&pv=2&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=676
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
4912e7a5dd03064f2d2a43f328172970f8b02ca3c8572b93caef9e1f1edc7d88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56036
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:08 GMT
expires
Sun, 24 Mar 2024 08:28:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD82 		70 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
facb6d32ed5b88bb9c55a724b5e51a6ca38be533d099a749983d9d63381079ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13832
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:08 GMT
expires
Sun, 24 Mar 2024 08:28:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D5B 		868 B
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=249660825&adf=1952578352&pi=t.ma~as.4098919653&w=625&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=625x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887225&bpp=1&bdt=1206&idt=693&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=696
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
5708f90690265469a6ca1196dd580b3ff658a00abd6fad8c4d384afd02f268ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
409
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:08 GMT
expires
Sun, 24 Mar 2024 08:28:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 17FF 		868 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=600&slotname=4098919653&adk=137014501&adf=592498440&pi=t.ma~as.4098919653&w=285&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=285x600&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887225&bpp=1&bdt=1207&idt=721&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280%2C625x280&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=724
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
eb4d128afd2769ddf4e5822e1e4a6b1016a89e627237d9aebce1e22d7111d5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:08 GMT
expires
Sun, 24 Mar 2024 08:28:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DD31 		868 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=54630664&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887226&bpp=1&bdt=1207&idt=735&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C950x280%2C625x280%2C285x600&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=3556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=738
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ee8cdc6b3059dd54193a7faf73c44ee91b1f25a2c2e3280e95830e5cdaf4d255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
413
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:08 GMT
expires
Sun, 24 Mar 2024 08:28:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402262017000/ Frame FF9D 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 07:49:16 GMT
age
434333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56141
x-xss-protection
0
server
sffe
etag
"28cb2d39d2a36ad8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 07:49:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame FF9D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
483405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5220
x-xss-protection
0
server
sffe
etag
"49cab81f34612748"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame FF9D 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 07:53:37 GMT
age
434072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29016
x-xss-protection
0
server
sffe
etag
"d87e4eaec13170fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 07:53:37 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame FF9D 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
f3636b46d1a150bad69440ea8cde6eacd4ca1bfcd43dd1b5a194c801f1218c9e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 07:51:34 GMT
age
434195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16659
x-xss-protection
0
server
sffe
etag
"333974c171bd9503"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Mar 2025 07:51:34 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame FF9D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
483405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"92d49a70059f031a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402262017000/v0/ Frame FF9D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:24 GMT
age
483405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12941
x-xss-protection
0
server
sffe
etag
"abc788b0a91a2b6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:24 GMT
truncated
/ Frame FF9D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43dd2bc08aad607589b5b66e9222ec11ebd495d2e67a10c16001caf91388b679

Request headers

accept-language
he-IL,he;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF9D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 19:05:30 GMT
x-content-type-options
nosniff
server
cafe
age
48159
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 24 Mar 2024 19:05:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF9D 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
48406
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 24 Mar 2024 19:01:23 GMT
I0_txt.png.png
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I0_txt.png.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
bf65d372a7cd3881ca6d5ba74ba8509dbcbc8f4f2c06a6f748db8daffc24eba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 06:58:04 GMT
date
Tue, 19 Mar 2024 06:58:04 GMT
x-content-type-options
nosniff
age
437405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1667
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
I1_logo.png.png
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I1_logo.png.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ad3ab3409be01b10313c9528362e91ea50cbd3d143c614a4cf845836e94c9b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 08:06:17 GMT
date
Tue, 19 Mar 2024 08:06:17 GMT
x-content-type-options
nosniff
age
433312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4404
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
I2_guarentee.png.png
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I2_guarentee.png.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
e59d50067b6906fc1629722c9b9d5b535fa2e57448985cdde3543cf002cce8ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 09:38:11 GMT
date
Tue, 19 Mar 2024 09:38:11 GMT
x-content-type-options
nosniff
age
427798
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
I3_btn.png.png
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		307 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I3_btn.png.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
f08b46784cf307786adb2a403bbf379bc334934c497d97ceae458ab938802860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 19 Mar 2025 08:06:17 GMT
date
Tue, 19 Mar 2024 08:06:17 GMT
x-content-type-options
nosniff
age
433312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
I4_pic.png.png
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I4_pic.png.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
cb1ce821271704ef4e4bb398327a4b2366021639dd361915eaf60e21bc26502f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 18 Mar 2025 15:08:46 GMT
date
Mon, 18 Mar 2024 15:08:46 GMT
x-content-type-options
nosniff
age
494363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67878
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
I5_bg.jpg.jpg
tpc.googlesyndication.com/sadbundle/17501626684574057268/images/ Frame FF9D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17501626684574057268/images/I5_bg.jpg.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
2b8d77b8dfed720ae5dd25acc2f30eae30bb157cadf700a215a3b88e6788f031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 18 Mar 2025 22:05:50 GMT
date
Mon, 18 Mar 2024 22:05:50 GMT
x-content-type-options
nosniff
age
469339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3963
x-xss-protection
0
last-modified
Mon, 09 May 2022 07:59:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a320e9c0399f7671218b17f3bb971b55551842b3e3f7af8dca6da904ef0be4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57637
x-xss-protection
0
server
cafe
etag
2010416837652647794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 08:28:09 GMT
ca-pub-6695465547643521
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6695465547643521?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e1ffc3f3ee4e73e590fb139204266124d9cc7450a4bdb8f1d9a244f134795855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sQBKWUFW3AKKjlHejk54Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sQBKWUFW3AKKjlHejk54Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMfPE__VsAg-2dM1iBADaKDFL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012402262017000/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012402262017000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
ff8695c092f55061ab8aedc6ee29bdc4540ac71921aadb6826aeb07e0b2a588c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Mar 2024 18:11:47 GMT
age
483382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7819
x-xss-protection
0
server
sffe
etag
"3393388e74a178e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 18 Mar 2025 18:11:47 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF9D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 19:05:30 GMT
x-content-type-options
nosniff
server
cafe
age
48159
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 24 Mar 2024 19:05:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FF9D 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 19:01:23 GMT
x-content-type-options
nosniff
server
cafe
age
48406
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 24 Mar 2024 19:01:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FF9D 		0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLAbHGOT_Za3gDbOK-cAP8pGBmAzLoMimdquR1uGcEtvZHhABINzt4JcBYPm69IOcEKAB3cbN0wPIAQmpApT88WEAdZI-qAMByAMIqgSQAk_QDFDkiwAxwIlkJSvAOe78RU3IpKHE55kAtFOFq0SanXCXOxv0iCud1DA1tNwv9YMMmPMFQsABYx6ndd_WuiZIfSvOOXvtYrv7XNDjmkGLRqg8AEAgs1V25Xvm0d-6ADWvAyhouOYAFQFNfO-3iKbEfL2WVCBwduTqA9IX-npZMLDE0z1-_IKIARfIFS5h3zwth3DrFDPHwqHJEPk_N3_Hhd7M4t6j5yIDx3glFkij9k31iFCOgYCgn70Qrivq_j6nT3JLpYrFKhc0Gx2U6TIjbtzx48wkjc9c6_NeXagpTYTfh1ynrFugG9j9q2HNRJFCMJvvkHhZUmXLrCrcvrykwIiFAF9PcIEPWWSiGdiVwATh-t3VzASIBfOBq4hAkgUECAQYAZIFBAgFGASgBi6AB4u5siyoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBCH3QPSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYwKHJsb2MhQOaCRtodHRwczovL3d3dy5kYXRlNGRvcy5jby5pbC-ACgHICwHaDBAKChDQqeOD3vvrikASAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTY2OTU0NjU1NDc2NDM1MjEYALIYBRguIgEA6BgB&sigh=fswmxf-68SI&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgB7FLtq7yVFcsOL083wgI9Oc-JR0uCaxLZYuRqFREkerUY6ariy_UU1x3G6kyDcGtzjeLs6K_X4lGEnlvLMHzwnZ-TSze8SiOvSPRstwhgB&template_id=419&cbvp=2
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6695465547643521&output=html&h=280&slotname=4098919653&adk=1353564021&adf=854766408&pi=t.ma~as.4098919653&w=950&fwrn=4&fwrnh=100&lmt=1711080698&rafmt=1&format=950x280&url=https%3A%2F%2Fwinning-wizard.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711268887223&bpp=2&bdt=1204&idt=679&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8190045893287&frm=20&pv=1&ga_vid=344558358.1711268888&ga_sid=1711268888&ga_hid=790951580&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082032%2C31082034%2C95325975%2C95326315%2C95322195%2C95326919&oid=2&pvsid=1820927322371025&tmod=1085709470&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=685
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Mar 2024 08:28:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Mar 2024 08:28:09 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame C451 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

age
48428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 19:01:01 GMT
etag
5035419970550746386
expires
Sat, 06 Apr 2024 19:01:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWFZyli1m_bbQrgdzm0oe4i1KMDOwhv5gcH0w6Hd7i5ml0nBStLWfVnaAh8ne6Ay1IyoYctWJmMxqWUUlzVL__kEsvcOEmnS6l-X1HUVMweVJmPUN6wyE_cIxI7orNuPdasRE_vKA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWFZyli1m_bbQrgdzm0oe4i1KMDOwhv5gcH0w6Hd7i5ml0nBStLWfVnaAh8ne6Ay1IyoYctWJmMxqWUUlzVL__kEsvcOEmnS6l-X1HUVMweVJmPUN6wyE_cIxI7orNuPdasRE_vKA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjY4ODg5LDU1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93aW5uaW5nLXdpemFyZC5jb20vIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
bef72ef6b13374599576223f95f4128e9d0d041687f792682227eed59451a93c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dusOJbQEnrUfRHsTH0T9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dusOJbQEnrUfRHsTH0T9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMfPE__VsAh-ONqxnAgDZ5TF2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame EBB7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Mar 2024 08:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 06:41:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Mar 2024 08:28:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EBB7 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 22:23:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame EBB7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 22:23:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EBB7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 22:23:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame EBB7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 22:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 22:23:35 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EBB7 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 07:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 08:53:00 GMT
6cb69919cbc522bfc1e6ced177eee5f6.js
www.gstatic.com/mysidia/ Frame EBB7 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6cb69919cbc522bfc1e6ced177eee5f6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
5bd3d0de974ed0967bf98e6fa7dad0f2cbdb56e1e9c92678ca26d00f6dcafc93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15248
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 20:51:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 21:02:12 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame C451 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
30319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6452
x-xss-protection
0
server
cafe
etag
12428443125520643955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:02:50 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C451 		205 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:58:34 GMT
x-content-type-options
nosniff
age
433775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 19 Mar 2025 07:58:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C451 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 20:17:01 GMT
x-content-type-options
nosniff
age
475868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 18 Mar 2025 20:17:01 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame C451 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
30319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9112
x-xss-protection
0
server
cafe
etag
499061885667062015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Apr 2024 00:02:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
14b4f967a4c8a4a99f27979b6117a2b4fdab68887a1673d2830a007b1ab66fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12206
x-xss-protection
0
e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js
pagead2.googlesyndication.com/bg/ Frame C977 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e64RHnFQNIx84XxHRhxg9DwZA7LLjKxb4Db67P0QgzI.js
Requested by
Host: winning-wizard.com
URL: https://winning-wizard.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
433234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20325
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 08:07:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Mar 2024 08:28:10 GMT
ad
fundingchoicesmessages.google.com/f/AGSKWxXWa-_4JaU7B6dX2Ub55M6Q8_VZ-o9TxiIOGi0EgIa2gvNpTeK0oeM63t4u1cY9Vm0nVGHr8bIzWfgtVlMdTto6wZ-EUynAq0bPTsR0j2AfrBSuNX9fAXfxxkIkgLSs0eYGUlxtdcw1HCvKBqWKySkIUUr25... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXWa-_4JaU7B6dX2Ub55M6Q8_VZ-o9TxiIOGi0EgIa2gvNpTeK0oeM63t4u1cY9Vm0nVGHr8bIzWfgtVlMdTto6wZ-EUynAq0bPTsR0j2AfrBSuNX9fAXfxxkIkgLSs0eYGUlxtdcw1HCvKBqWKySkIUUr25Y0ouzq4EeoNv9wjh9NWMS4wkEdC93Kk/_/get/ad?.com/a?network_160x400..com/adx_/inline_ad_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxiM_XZs7KZzHvYlWBT8KDahYEZ1Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
c74a69166244e52e681f82bc743b4fb1a57627b39e5d0e55beefd47f649ec1b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f7hP7FlrW8_VgvYq4OYlyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-f7hP7FlrW8_VgvYq4OYlyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw05BiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEwzHrxP_1bAI7-vffYAQALFU2hQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxiM_XZs7KZzHvYlWBT8KDahYEZ1Q/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 07:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24450
x-xss-protection
0
server
cafe
etag
12071440461849196005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Mar 2024 08:41:07 GMT
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P3cT4XIlEnOQb6vA4NhAbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P3cT4XIlEnOQb6vA4NhAbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1hDgFiIh2PWif_r2QQ-bNhznAkAydMM3w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winning-wizard.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FF9D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnYt5lqWm5-0KgMcSzd2qw6ls-xni0mupDBVAg0-9Ow4JukECuAMLR68A0iiej0ybbNRSrK2iU2aRrEhcmlKPvjwace-R7Xn90GietjpwgN-CMYCBxTScyXKOwbBSmH0mlI9KkbL3skqmSBsTjUgUbDYUftD4QUCY&sai=AMfl-YTCg5klbFps-7I5o80MdQKjB6eJuRzUTmRsF4X0vMA0f5XTA2V00EHeVlMBA3kW2Q8StjPi5QtzXrFbnLGBXtCAI8G5ryN-9djwh8-pL5KHysLJ162z0uUhFA_R9RjodRtyLMyZ2esoigITBV4B&sig=Cg0ArKJSzFb4brk7afaXEAE&cid=CAQSTgB7FLtq7yVFcsOL083wgI9Oc-JR0uCaxLZYuRqFREkerUY6ariy_UU1x3G6kyDcGtzjeLs6K_X4lGEnlvLMHzwnZ-TSze8SiOvSPRstwhgB&id=ampim&o=325,107&d=950,245&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=746&tls=1746&g=100&h=100&tt=1748&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 08:28:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GIUXAzqsr63KkRZfTXuQ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GIUXAzqsr63KkRZfTXuQ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh2PWif_r2QRW_PxzggkAyesNHg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://winning-wizard.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1HfnCrMB4s2PdQg-U9or8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-1HfnCrMB4s2PdQg-U9or8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2PWif_r2QRWrJh7nAkAyHYMdA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winning-wizard.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ijqppsvz6sw347gx8eNEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ijqppsvz6sw347gx8eNEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1hDgFiIh2PWif_r2QQeLLhyjAkAyHkMzg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winning-wizard.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUhYWrsuSE-g33lxvee3H2qFGbBCh-_sJ-fwWI5BQpA5vv0jaLzxEYaVU4HB0euuGqYgKXnwKOK4aDvjb3uN7Uwi8dEtqzRhs4BM5tzZxzU0Qc516Djmg_8HJL-Z7171tW-lWfDgQ==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUhYWrsuSE-g33lxvee3H2qFGbBCh-_sJ-fwWI5BQpA5vv0jaLzxEYaVU4HB0euuGqYgKXnwKOK4aDvjb3uN7Uwi8dEtqzRhs4BM5tzZxzU0Qc516Djmg_8HJL-Z7171tW-lWfDgQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjY4ODkwLDU0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd2lubmluZy13aXphcmQuY29tLyIsbnVsbCxbWzgsIkJYWHdLTUFDb2ZnIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
0f4f7f6c877b5243370d7c2b918dbbf44d5947af07ed1b5111392fcc1e4a48ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-09xoBYoZBC6ZB3pkMF8UtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-09xoBYoZBC6ZB3pkMF8UtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMevE__VsAidWnV7LBADWezF2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60ED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

accept-ranges
bytes
age
46404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 19:34:46 GMT
expires
Sun, 23 Mar 2025 19:34:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6254 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
9b050ff309a4eaf2a6320244770a4183de6e98cfa5c71c1a78ad9a244b17e57f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4godDKTyQ_7CRsfkVwuVJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winning-wizard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4godDKTyQ_7CRsfkVwuVJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 08:28:10 GMT
expires
Sun, 24 Mar 2024 08:28:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a5RWglrVCctTv1gGf_K72w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a5RWglrVCctTv1gGf_K72w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIh2PWif_r2QQa1q_5yAQAyNMMkA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://winning-wizard.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVC3FgcHdeWs_jz0CIcz9_sRhqCGlQ1ok8XFm2z60jAEggRZYCZ8YTpJc8tanSo_-xseAjW7wyuEiIVLwcgRAbqdsFINY1gywKYDeGzkPW4Wcxp9QnhqiQmFnFvnd0RFwZjzZDa6w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVC3FgcHdeWs_jz0CIcz9_sRhqCGlQ1ok8XFm2z60jAEggRZYCZ8YTpJc8tanSo_-xseAjW7wyuEiIVLwcgRAbqdsFINY1gywKYDeGzkPW4Wcxp9QnhqiQmFnFvnd0RFwZjzZDa6w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjY4ODkwLDcwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd2lubmluZy13aXphcmQuY29tLyIsbnVsbCxbWzgsIkJYWHdLTUFDb2ZnIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
dca03426724b9af9e1b16afa556b03b4be4ba0552ee4aa03b27dd4058b343a43
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BvylfI1jGFImfVj-H1p2xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BvylfI1jGFImfVj-H1p2xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMevE__VsAgdWrPvBBADYxDGf"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame 60ED 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 13:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
66910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Mar 2025 13:53:00 GMT
AGSKWxW8ob2IbBErHx-G10S-ziC0ylXEEQpVyy8zCKKj_3QRMCkOcDMG2lIoaS-yatFhzfXQmwyqjgK1TdIKLbr3SslhZntYb0pS9rzrYCQoRGklIYa5IuG1cwKTASfVRQSByoonreJMQA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW8ob2IbBErHx-G10S-ziC0ylXEEQpVyy8zCKKj_3QRMCkOcDMG2lIoaS-yatFhzfXQmwyqjgK1TdIKLbr3SslhZntYb0pS9rzrYCQoRGklIYa5IuG1cwKTASfVRQSByoonreJMQA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjY4ODkwLDg3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93aW5uaW5nLXdpemFyZC5jb20vIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
bf90f505dfe885e7a85eee07a9c66601627b66b270b8f34d17043b8f1fe27d9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0DSdu9aXVBRHUyI1OZ6A2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-0DSdu9aXVBRHUyI1OZ6A2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMevE__VsAg92fTrCDADe9zHt"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 60ED 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SEmlOQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 08:28:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6254 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=1820927322371025&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AGSKWxXIuHRgSTJuznAF0EOyc42VJVg6sbCLhxMW-qZReXSYSvjqtEmt3PcjEJTtLWW7Sk8EnRrgtSPy1mDlCe3KoBJJ-6RSb8hYuF-0pdGZMbra7Y0DmuXlUWo6s0up44LZIsitkx3wbA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXIuHRgSTJuznAF0EOyc42VJVg6sbCLhxMW-qZReXSYSvjqtEmt3PcjEJTtLWW7Sk8EnRrgtSPy1mDlCe3KoBJJ-6RSb8hYuF-0pdGZMbra7Y0DmuXlUWo6s0up44LZIsitkx3wbA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s8_7HCiSGOP0W5JZrfVLUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s8_7HCiSGOP0W5JZrfVLUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIm2P2if_r2QR2rP-rDgC70AxE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winning-wizard.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVng1l8FzrdLKTKkmUz0UVMJwhSADhThK9AxHsjPYnORDUwdzTh3kwbbLMhQ6P8ZIDxK5NeV2XdL85oLyLdr_Yd8HV5k7IT9iCMUeMrQtHrhRIa1LOBqgPJh9G3X6Pm1QUBNfBmHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyQklqGWqRF-YV_JA7HSkk1gIh02w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tTXcxlsn37yOSL9k60MWeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winning-wizard.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Mar 2024 08:28:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tTXcxlsn37yOSL9k60MWeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1hDgFiIm2P2if_r2QR2fH-kAQC7zgxt"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://winning-wizard.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=1820927322371025&bg=!kJOlk9zNAAZaswqNerM7ADQBe5WfOJCFMQ_PkkZaJDRC7WMWXioFc1k8OcZw3eJpFK9u9y4MTkdq1Qs9uubu_x-9nI_EAgAAAHxSAAAABWgBB34ANUE0vapsgK1NHlNQdvbUoKkmDbWLYi-2SNK1kfYRYLTk4lvaW1qRtb7Kli5qidLe16DiHOkrmQJ45ms2cunPIe6-Ugrr2Pnj1nJtj2qxkvbVCi-8ZPo320zzkCD7GLLs6dVkrWUf0EU6bzxmuBEEa4dAD1p51QNRIaanDYXTjqY8NFJ0DV_UsMQud0qDjGsPN97ZqKQmKSiF10z-wfN-FGM-tNGrAD59H1IY8LwdkRJ1gM24Myz73xsjA26bmkTCchv7uv9L8DTvTgKMC-4QioUzvjLGGdW0qxE80KEVgidyCGXOP9B_p95_eWGUV6m-x6wf6piyLyR7E_V4duwRbrCICw6JwO8EOSmyQiAjxmJStOis0sBxQy5Qp5y4WvVi0tWyDRXgM5mr_flpi_48XTsb7rP9iPtDzj6wdANoG894fcjfY5zXmLt6xicpHI3BjrjqoEKpFqQGirLJsZrDS_UyUO3ZgOWC1dKZ5owHVLBnXxuwYsgt5-hP_AkZ7-p8Fqj8igig3FzQIkNrQGReEOl81dVlVNcuvUDkLuFc9uDyqRKK1SLjuD-q7RGFXvmFRmn0_FQGZZtahLGh2DWUnxi9h2fvxEX_X_-foo18XCKQgFN0ITmKdcqjB8P99q2VEhockkSbo6bsf-rbIqlRySjTsx6CfK2b8UHsHIvOEhu8fKtY93OSaKaDkntBJrQ0ABpvHcHysVlioTukHm49gm2HrxsoAAf7asKsgRYFTRYxcFsTNMR8bxhLgiI28VOtChkPCx6jt29aqb-4GPshDCPcVoBW31zMUgTz-1IMMklPSvnt5kaEcVmmZC1HArXa_2byDGwZoZ4zJFbKOqALZXr377YG2Z-YUe2eaxwCLZvPXrW9LdaiwSigJXmE6CuBoPoRWthcakG---uzjMzzTbM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://winning-wizard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| _wpemojiSettings object| a2a_config undefined| $ function| jQuery object| _Hasync object| adsbygoogle object| offSide object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction function| offside object| a2a function| a2a_init function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| smooth object| gpscroll function| SmoothScroll object| generatepressMenu function| st_go function| linktracker_init object| wpcom object| _stq object| _HistatsCounterGraphics_0_setValues function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| N2ViNGU3ZDY5MjU2MTI2ZmxvYWRlcl9qcw== string| N2ViNGU3ZDY5MjU2MTI2ZmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag object| GoogleGcLKhOms boolean| bb08aa1e-df65-416a-ba73-1234841e6efe object| _google_rum_ns_ undefined| google_rum_values object| google_image_requests

12 Cookies

Domain/Path Name / Value
winning-wizard.com/ Name: HstCfa4806435
Value: 1711268887103
winning-wizard.com/ Name: HstCla4806435
Value: 1711268887103
winning-wizard.com/ Name: HstCmu4806435
Value: 1711268887103
winning-wizard.com/ Name: HstPn4806435
Value: 1
winning-wizard.com/ Name: HstPt4806435
Value: 1
winning-wizard.com/ Name: HstCnv4806435
Value: 1
winning-wizard.com/ Name: HstCns4806435
Value: 1
.winning-wizard.com/ Name: __gads
Value: ID=414bcf8a96e2f17c:T=1711268888:RT=1711268888:S=ALNI_Ma_gFN_Xs0lCbUbohSm6HPder0bjg
.winning-wizard.com/ Name: __gpi
Value: UID=00000d816ce7935b:T=1711268888:RT=1711268888:S=ALNI_MaGelSwaKE6Xg_O1xy-QJjCryS8EQ
.winning-wizard.com/ Name: __eoi
Value: ID=03d76e1c39350b56:T=1711268888:RT=1711268888:S=AA-AfjbE2URPxXJcO8iPez0eRNtX
.doubleclick.net/ Name: IDE
Value: AHWqTUmeW2XMmN5gGY_ksVfQlhd_FgoXiIQD0V-M1B1VtEV9zPaWxPx3SOa797nlRxU
.winning-wizard.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8Nye2iGjlAO3utPVSr8ZwpxlxMFFWbUTkJIgPJaYeU5G47dnV6aued18R-yu-KzF5huzWacYh7aHAQnxN_fn821uzhmm798zw9V2MnMmr0WK8nIZhfGbQ8cHltP-F1hHNUNCtxSJVA92f9vVy-C0iSKb7Q1w%3D%3D%22%5D%5D

9 Console Messages

Source Level URL
Text
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://winning-wizard.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c0.wp.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
pixel.wp.com
s10.histats.com
s4.histats.com
static.addtoany.com
stats.wp.com
tpc.googlesyndication.com
winning-wizard.com
www.google.com
www.gstatic.com
104.20.66.115
104.21.95.194
104.22.71.197
142.250.181.225
142.250.181.227
142.250.185.142
142.250.185.228
142.250.186.130
142.250.186.138
142.250.186.65
149.56.240.31
172.217.16.130
172.217.18.99
192.0.76.3
192.0.77.2
192.0.77.37
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b829f09c0e84bf2a97e4871d794d7511d44bccb14fa767033f9859b3cdf8a6b
0ce65499ae484159bdce018ce17657672852407efe4a6f7a68fefd43fc34d755
0f4f7f6c877b5243370d7c2b918dbbf44d5947af07ed1b5111392fcc1e4a48ad
10e0a0cbd95b4ea35efc98fbff81df090292953d6da6e3f89c609993a672849c
14b4f967a4c8a4a99f27979b6117a2b4fdab68887a1673d2830a007b1ab66fe5
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
161f4105fcf9ea1a56ec72333e519bce25ccd8806d9fa331c8b21fe5340148ab
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2b8d77b8dfed720ae5dd25acc2f30eae30bb157cadf700a215a3b88e6788f031
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3311b9e167fd405ed03f8c98522588f0e8a1bed16b7b891e3574be84fa11ad26
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d
3f9af4dfd8df6acd0137a1fefdda083329feccdc7986c34d684c515aca9f4a8f
410ce1fbd3499584ee9df520e8bd9d9f202e4063c933f9a1a82d065f4291c6a0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43dd2bc08aad607589b5b66e9222ec11ebd495d2e67a10c16001caf91388b679
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4904d3eabdbe9d6b4ea31c312b3923adaf547cd04ff7c2909be3988e9cf9554f
4912e7a5dd03064f2d2a43f328172970f8b02ca3c8572b93caef9e1f1edc7d88
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5708f90690265469a6ca1196dd580b3ff658a00abd6fad8c4d384afd02f268ab
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5bd3d0de974ed0967bf98e6fa7dad0f2cbdb56e1e9c92678ca26d00f6dcafc93
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
7604abbee0b2c399a86f5872b2b71f0856e9a0e0e81efc1306c7debc39ce6be0
7bae111e7150348c7ce17c47461c60f43c1903b2cb8cac5be036faecfd108332
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
877813293509d163156f5c3e11a2fe3dadee23d8afbcd8e5bea1d9de9529cdda
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
91b2dc9cd7ac64ecf6e58b3a6929024bb30b9af8de18de40d63e10ec4fbb35ea
96e06d9d34a266b479099ae1ef63c0022ff8d67b8ae51ed3a463def0a377667c
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
9b050ff309a4eaf2a6320244770a4183de6e98cfa5c71c1a78ad9a244b17e57f
9d8f82c45b478f1a5b6945e093836b3f52dd160470090a30e4baa0173d8cb2b3
9f4bb92185a3839d4759bc8b734ab6a6bbdd0118cc7d955b0985a1ff674b8ea1
a320e9c0399f7671218b17f3bb971b55551842b3e3f7af8dca6da904ef0be4ff
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d
ad3ab3409be01b10313c9528362e91ea50cbd3d143c614a4cf845836e94c9b56
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
bef72ef6b13374599576223f95f4128e9d0d041687f792682227eed59451a93c
bf65d372a7cd3881ca6d5ba74ba8509dbcbc8f4f2c06a6f748db8daffc24eba8
bf90f505dfe885e7a85eee07a9c66601627b66b270b8f34d17043b8f1fe27d9f
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c59b310ca0567c17489b7a3d7affa46e41c22971abd4f007e51384c4838c0d3d
c74a69166244e52e681f82bc743b4fb1a57627b39e5d0e55beefd47f649ec1b3
c8fc77527ed1d063b4c6492903ed111680abb3fea686691a2ec91728a7b9a57c
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb1ce821271704ef4e4bb398327a4b2366021639dd361915eaf60e21bc26502f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
d12394014afcdb75f7a413f63e39deea025e753b30f52e60b82bc0b9ad59f020
d6569979df77a310df9bd1f1f96ee44e979730096092794a4f68c18e0aecf606
dca03426724b9af9e1b16afa556b03b4be4ba0552ee4aa03b27dd4058b343a43
dce91532a920914844f6716eeb4755b21ee8bf5af580e7622ae087691453a1ed
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e1ffc3f3ee4e73e590fb139204266124d9cc7450a4bdb8f1d9a244f134795855
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59d50067b6906fc1629722c9b9d5b535fa2e57448985cdde3543cf002cce8ea
eb4d128afd2769ddf4e5822e1e4a6b1016a89e627237d9aebce1e22d7111d5be
ee8cdc6b3059dd54193a7faf73c44ee91b1f25a2c2e3280e95830e5cdaf4d255
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08b46784cf307786adb2a403bbf379bc334934c497d97ceae458ab938802860
f3636b46d1a150bad69440ea8cde6eacd4ca1bfcd43dd1b5a194c801f1218c9e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227
f890500123c1243d3536321f4d96e78093d92e56117c6874bd798cb386bdc24a
f8fdf2b0568a4da92fb616c9d8d6196ff583c9077b348eb0958326767ecaca23
facb6d32ed5b88bb9c55a724b5e51a6ca38be533d099a749983d9d63381079ed
ff8695c092f55061ab8aedc6ee29bdc4540ac71921aadb6826aeb07e0b2a588c