winmoregov.com
84.32.84.32  Public Scan Open in urlscan Pro

Internal
urlscan.io (IP) urlscan.io (Domain)
Effective Hostname
VirusTotal SecurityTrails crt.sh
Submitted URL
Google Safe Browsing Archive.org
Effective URL Pivot
Google Safe Browsing Archive.org
Effective IP
VirusTotal SecurityTrails Domaintools Censys
Go To Rescan
Add Verdict Report
Submitted URL:
http://winmoregov.com/ 6mo old
Effective URL:
https://winmoregov.com/ 6mo old
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On January 03 via api (January 3rd 2026, 10:52:35 pm UTC) from JP — Scanned from JP
Summary HTTP 11 Redirects Links 5  Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 11 HTTP transactions. The main IP is 84.32.84.32, located in Vilnius, Lithuania and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is winmoregov.com. 6mo old
TLS certificate: Issued by R12 on December 31st 2025. Valid for: 3mo.
This is the only time winmoregov.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 84.32.84.32 84.32.84.32 47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
1 2404:6800:400... 2404:6800:4004:810::200a 15169 (GOOGLE) (GOOGLE)
2 2404:6800:400... 2404:6800:4004:81d::2008 15169 (GOOGLE) (GOOGLE)
1 216.58.220.99 216.58.220.99 15169 (GOOGLE) (GOOGLE)
1 2404:6800:400... 2404:6800:4004:806::200e 15169 (GOOGLE) (GOOGLE)
1 2404:6800:400... 2404:6800:4004:827::200e 15169 (GOOGLE) (GOOGLE)
1 2404:6800:400... 2404:6800:4008:c15::9d 15169 (GOOGLE) (GOOGLE)
1 142.251.42.195 142.251.42.195 15169 (GOOGLE) (GOOGLE)
11 8
3    84.32.84.32 (Vilnius, Lithuania)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)
winmoregov.com 6mo old
VirusTotal SecurityTrails crt.sh Domaintools
1    2404:6800:4004:810::200a (Australia)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
fonts.googleapis.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
2    2404:6800:4004:81d::2008 (Australia)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
www.googletagmanager.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    216.58.220.99 (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
PTR: syd10s01-in-f99.1e100.net
fonts.gstatic.com 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    2404:6800:4004:806::200e (Australia)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
www.google-analytics.com 13yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    2404:6800:4004:827::200e (Australia)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
analytics.google.com 9yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    2404:6800:4008:c15::9d (Taiwan)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
1    142.251.42.195 (United States)
IP Lookup
urlscan.io SecurityTrails VirusTotal AbuseIPDB Censys Domaintools ipinfo.io Shodan
ASN Lookup
urlscan.io CAIDA Rank ipinfo.io CIRCL BGP Ranking

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f3.1e100.net
www.google.co.jp 10yr old
VirusTotal SecurityTrails crt.sh Domaintools
Apex Domain
Subdomains		 Transfer
3 winmoregov.com
winmoregov.com 6mo old
104 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 59 13yr old
263 KB
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 16350 10yr old
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 226 10yr old
557 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 198 9yr old
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 83 13yr old
21 KB
1 gstatic.com
fonts.gstatic.com 10yr old
61 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79 10yr old
777 B
11 8
Domain Requested by
3 winmoregov.com winmoregov.com
2 www.googletagmanager.com winmoregov.com
www.googletagmanager.com
1 www.google.co.jp winmoregov.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com winmoregov.com
11 8

This site contains links to these domains. Also see Links.

Domain
hpanel.hostinger.com
www.hostinger.com
Subject Issuer Validity Valid
winmoregov.com
R12		 2025-12-31 -
2026-03-31		 3mo crt.sh
upload.video.google.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh
*.google-analytics.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh
*.gstatic.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh
*.google.com
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh
*.g.doubleclick.net
WE2		 2025-12-03 -
2026-02-25		 3mo crt.sh
*.google.co.jp
WR2		 2025-12-03 -
2026-02-25		 3mo crt.sh

This page contains 1 frames:

Primary Page: https://winmoregov.com/
Frame ID: DE31629F7A25D93DD681A9A053159998
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Parked Domain name on Hostinger DNS system

Page URL History Show full URLs

  1. http://winmoregov.com/ HTTP 307
    https://winmoregov.com/ Page URL

Detected technologies

(Analytics)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
(Font scripts)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
(Tag managers)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

11
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

450 kB
Transfer

1021 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://winmoregov.com/ HTTP 307
    https://winmoregov.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol		 Status Resource
Path		 Size
x-fer		 Time
Latency		 Type
MIME-Type		 IP
Location
GET
H2 		200
 Primary Request / Show response
winmoregov.com/
Redirect Chain
  • http://winmoregov.com/
  • https://winmoregov.com/
29 KB
9 KB 		188ms
3ms 		Document
text/html		 84.32.84.32
AS-HOSTINGER Host...
General
Check archive.org
Download Go to
Full URL
https://winmoregov.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.32.84.32 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
hcdn /
Resource Hash
a588da31d3bd9ffcf8553eca8cdd16abcf4852058f9ae0536b854035b8936913

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
br
content-length
9235
content-type
text/html
date
Sat, 03 Jan 2026 22:52:35 GMT
expires
Sat, 03 Jan 2026 22:52:34 GMT
server
hcdn
vary
Accept-Encoding
x-hcdn-request-id
b4b2d700e26b7a6e21c96cce0c96ca7a-tok-edge4

Redirect headers

Location
https://winmoregov.com/
Non-Authoritative-Reason
HttpsUpgrades
GET
H2 		200
 css2
fonts.googleapis.com/ 		2 KB
777 B 		54ms
45ms 		Stylesheet
text/css		 2404:6800:4004:810::200a
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000&display=swap
Requested by
Host: winmoregov.com
URL: https://winmoregov.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e40566f5e3333aae66afa5d57775578c8c0f9efbc94d717c3471e559d3a560a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=86400
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 03 Jan 2026 22:52:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 22:52:35 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
GET
H2 		200
 js Show response
www.googletagmanager.com/gtag/ 		313 KB
112 KB 		63ms
53ms 		Script
application/javascript		 2404:6800:4004:81d::2008
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-26575989-44
Requested by
Host: winmoregov.com
URL: https://winmoregov.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c63508bb5f3f8ec9724cd7fb55b21a1942dc80bf663716f9a5d6fd8ed585201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

content-encoding
zstd
expires
Sat, 03 Jan 2026 22:52:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 22:52:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 03 Jan 2026 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
113919
x-xss-protection
0
server
Google Tag Manager
GET
H2 		200
 bold-moves.webp
winmoregov.com/ 		85 KB
86 KB 		2ms
1ms 		Image
image/webp		 84.32.84.32
AS-HOSTINGER Host...
General
Check archive.org
Download Go to Show image
Full URL
https://winmoregov.com/bold-moves.webp
Requested by
Host: winmoregov.com
URL: https://winmoregov.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.32.84.32 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
hcdn /
Resource Hash
f0d60a0a71d9c16e9a1769fa1a956c207c5950ae1663488ccd7fd185c9f7c219

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

x-hcdn-request-id
e005164df7b8299ad745b9596e8ec79b-tok-edge4
cache-control
no-cache
expires
Sat, 03 Jan 2026 22:52:34 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
87332
date
Sat, 03 Jan 2026 22:52:35 GMT
content-type
image/webp
vary
Accept-Encoding
server
hcdn
GET
H3 		200
 rP2Hp2ywxg089UriCZOIHTWEBlw.woff2
fonts.gstatic.com/s/dmsans/v17/ 		61 KB
61 KB 		8ms
3ms 		Font
font/woff2		 216.58.220.99
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v17/rP2Hp2ywxg089UriCZOIHTWEBlw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd10s01-in-f99.1e100.net
Software
sffe /
Resource Hash
aa530716b0d351866af7dbfa3eee4120fb36f2d071baff8c234185141865c7ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://winmoregov.com
Referer
https://fonts.googleapis.com/

Response headers

age
42376
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 03 Jan 2027 11:06:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 11:06:20 GMT
last-modified
Wed, 10 Sep 2025 16:31:13 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
62556
x-xss-protection
0
server
sffe
GET
H2 		200
 js Show response
www.googletagmanager.com/gtag/ 		451 KB
151 KB 		43ms
42ms 		Script
application/javascript		 2404:6800:4004:81d::2008
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY&cx=c&gtm=4e5ca1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26575989-44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
546d8a0b43aa827f5ac2fb537737427a8b702c5823a4ea272a83c63593465528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 03 Jan 2026 22:52:36 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154335
date
Sat, 03 Jan 2026 22:52:36 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
GET
H2 		200
 analytics.js Show response
www.google-analytics.com/ 		51 KB
21 KB 		12ms
2ms 		Script
text/javascript		 2404:6800:4004:806::200e
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26575989-44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:806::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

content-encoding
gzip
age
3257
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 03 Jan 2026 23:58:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 21:58:19 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
POST
H2 		204
 collect
analytics.google.com/g/ 		0
0 		53ms
43ms 		Fetch
text/plain		 2404:6800:4004:827::200e
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-S4HMJ5EXYY&gtm=45je5ca1v9135860898za20g&_p=1767480756008&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1779717882.1767480756&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116251938~116251940~116682876&sid=1767480756&sct=1&seg=0&dl=https%3A%2F%2Fwinmoregov.com%2F&dt=Parked%20Domain%20name%20on%20Hostinger%20DNS%20system&en=page_view&_fv=1&_ss=1&tfd=631
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY&cx=c&gtm=4e5ca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:170:0
report-to
{"group":"ascnsrsggc:170:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:170:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winmoregov.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:170:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 22:52:36 GMT
content-type
text/plain
server
Golfe2
POST
H2 		204
 collect
stats.g.doubleclick.net/g/ 		0
557 B 		115ms
38ms 		Ping
text/plain		 2404:6800:4008:c15::9d
GOOGLE
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S4HMJ5EXYY&cid=1779717882.1767480756&gtm=45je5ca1v9135860898za20g&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116251938~116251940~116682876
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY&cx=c&gtm=4e5ca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9d , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0
report-to
{"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winmoregov.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:138:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 03 Jan 2026 22:52:36 GMT
content-type
text/plain
server
Golfe2
GET
H3 		200
 ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		10ms
6ms 		Image
image/gif		 142.251.42.195
GOOGLE
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S4HMJ5EXYY&cid=1779717882.1767480756&gtm=45je5ca1v9135860898za20g&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116251938~116251940~116682876&z=1353504515
Requested by
Host: winmoregov.com
URL: https://winmoregov.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 03 Jan 2026 22:52:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
GET
H2 		200
 favicon.ico
winmoregov.com/ 		29 KB
9 KB 		1ms
1ms 		Other
text/html		 84.32.84.32
AS-HOSTINGER Host...
General
Check archive.org
Download Go to
Full URL
https://winmoregov.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.32.84.32 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
hcdn /
Resource Hash
a588da31d3bd9ffcf8553eca8cdd16abcf4852058f9ae0536b854035b8936913

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://winmoregov.com/

Response headers

x-hcdn-request-id
465ff59ff7a40cb5eeac1f67ed1f82fa-tok-edge4
cache-control
no-cache
content-encoding
br
expires
Sat, 03 Jan 2026 22:52:35 GMT
alt-svc
h3=":443"; ma=86400
content-length
9235
date
Sat, 03 Jan 2026 22:52:36 GMT
content-type
text/html
vary
Accept-Encoding
server
hcdn

Verdicts & Comments Add Verdict or Comment

15 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| punycode string| pathName string| unicodeDomain object| account object| emailExample function| sanitizeDomain object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path Expires Name / Value
.winmoregov.com/ 1970-01-21
10:59:27 		Name: _gid
Value: GA1.2.950665007.1767480756
.winmoregov.com/ 1970-01-21
10:58:00 		Name: _gat_gtag_UA_26575989_44
Value: 1
.winmoregov.com/ 1970-01-21
20:34:00 		Name: _ga_S4HMJ5EXYY
Value: GS2.1.s1767480756$o1$g0$t1767480756$j60$l0$h0
.winmoregov.com/ 1970-01-21
20:34:00 		Name: _ga
Value: GA1.1.1779717882.1767480756