esd.wcup.one Open in urlscan Pro
172.67.132.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://esd.wcup.one/
Effective URL:
https://esd.wcup.one/
Submission: On June 16 via api (June 16th 2024, 1:06:23 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 42 HTTP transactions. The main IP is 172.67.132.145, located in United States and belongs to CLOUDFLARENET, US. The main domain is esd.wcup.one.
TLS certificate: Issued by E1 on May 1st 2024. Valid for: 3 months.

This is the only time esd.wcup.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	172.67.132.145 172.67.132.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	45.150.234.43 45.150.234.43	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
42	9

19 172.67.132.145 (United States)

ASN13335 (CLOUDFLARENET, US)

esd.wcup.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.150.234.43 (Frankfurt am Main, Germany)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

melban7.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	wcup.one esd.wcup.one	560 KB
10	gstatic.com fonts.gstatic.com	320 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726	127 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 11755	3 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136	247 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	8 KB
1	melban7.top melban7.top
42	7

	Domain	Requested by
19	esd.wcup.one	esd.wcup.one
10	fonts.gstatic.com	fonts.googleapis.com esd.wcup.one
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	counter.yadro.ru	2 redirects esd.wcup.one
4	pagead2.googlesyndication.com	esd.wcup.one pagead2.googlesyndication.com
2	fonts.googleapis.com	esd.wcup.one
1	melban7.top	esd.wcup.one
42	7

This site contains links to these domains. Also see Links.

Domain
slots.wcup.one
www.liveinternet.ru

Subject Issuer	Validity	Valid
wcup.one E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
melban7.top R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://esd.wcup.one/
Frame ID: 3F7540FEBB8138B32BBFDAB268D6FCD7
Requests: 41 HTTP requests in this frame

Frame: https://melban7.top/I?tag=s_3162201m_34097c_&site=3162201&ad=34097
Frame ID: 04007416412AFC457D2F2852FFC19FAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sport OnLine — Топовый спорт! и ничего лишнего…

Page URL History Show full URLs

http://esd.wcup.one/ HTTP 307
https://esd.wcup.one/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

1263 kB
Transfer

3101 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://slots.wcup.one/bookofra-besplatno-online/
Title: Book of Ra играть бесплатно

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;sport-on

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://esd.wcup.one/ HTTP 307
https://esd.wcup.one/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9058672137078934 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9058672137078934

Request Chain 21

https://counter.yadro.ru/hit;sport-on?t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9871714205793629 HTTP 302
https://counter.yadro.ru/hit;sport-on?q;t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9871714205793629

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
esd.wcup.one/
Redirect Chain

http://esd.wcup.one/
https://esd.wcup.one/

38 KB
8 KB

127ms
57ms

Document
text/html

172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: f8fbc85c1f40aa4d315bc5ac028fc72487a3526bda1f05cca3790871b2a8f2ca

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 463
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 894b04343b3318d4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 13:06:18 GMT
last-modified: Sun, 16 Jun 2024 12:58:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ye7jbuyvyOTSRxXk1G5fI%2BYs4eFo05KhZumNq35Lz6IuYBZuMk6S45x9m5igTXMT%2Fqt6wDIRR1mq1gd7Db3kiTYwPNWufWm3qknSA8kZT8rYGeaLX2hMgpNVVuUmW%2FU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://esd.wcup.one/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
esd.wcup.one/wp-includes/css/dist/block-library/ 108 KB
15 KB 93ms
92ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 08:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7%2BSuET8bQ1DB2rC2w%2BVfrnF0nsrHGbwrRUPHJJ2yyV3OFUeXwq1VZlnXXauhoN6CsHxPH%2FHa90Juj0TUdJPynjEQf8b8Pt522gjURN%2B4AF3QU4mBtt1FhX%2FO0iWDn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abc718d4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 pagenavi-css.css
esd.wcup.one/wp-content/plugins/wp-pagenavi/ 237 B
646 B 52ms
50ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=374
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 09:18:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pgmx1kmP9YyaqCG3eTKs4gYtMH9f93VStxMxLzTXJ0rIV5%2BEI%2BJOgH%2BfY0WLT8S9DXeuAQJi8KXes6cKzhuthy0bzLhDii3Bpolx0VaKeQWu4WYf8Y9efVfXqE10TU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abcb18d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 style.css
esd.wcup.one/wp-content/themes/skt-filmmaker/ 39 KB
10 KB 55ms
53ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/style.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28cbf58b89da49f6bb89e13713daf017165726c616508558cbacddbdc2256a67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=53174
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gdn7KNxyNClWwilvJMcnWmpkZCX31pqkN%2BnRbcmNoNtg0t%2BHp6AfOKwGiQoA8gcNyqQNYiEa7TITkg6yAUIhoZTkfF8YAUxcdHlIknL03YTpxHL4MVchhY%2BmSYaOH1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abce18d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 style.css
esd.wcup.one/wp-content/themes/skt-filmmaker-child/ 804 B
878 B 53ms
51ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker-child/style.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c28a88fd236382aea5fae3c4f7c3309a59c204aa892e76f323f998250b14cbf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=1149
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Dec 2019 09:49:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJM8%2Bt6fgo4V0Cpv0qZeC9%2FoFVhqTFDhG2nvt5AK8cHS3GczrIBwQ%2FA5Ht62hxNGxYLZP2HjD4eq2nvasBst%2FH6WbEQGaivK6fpwMTuZjYPv9lVcHNNpwLfZq2YIHsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abd018d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 responsive.css
esd.wcup.one/wp-content/themes/skt-filmmaker/css/ 15 KB
4 KB 94ms
92ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/css/responsive.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efc6fb6f6b9c9aed39489e2511229341c5182264f2b2eaa0d4543835379e678

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=19140
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8bek0AgiQDgsRUkxoNheLAEYCU6bCDG01U6YD2r%2BqLrloMngwCcpl6QBLVMqUrOorpE%2BM8Q3MCmIq8Ig6D43Yy4BSDC5mw4NhXFgp3KfXazL%2BR4XaQhasZ2Fp%2F4o%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abd318d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 66 KB
3 KB 142ms
53ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CAnton%3A400%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COswald%3A200%2C300%2C400%2C500%2C600%2C700%7CSix+Caps%3A400&ver=6.4.4

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36a2b3aa6faf967d825316762ef387d94a4bb4963e23181be8cd434d6ea06cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 13:06:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 13:06:19 GMT

GET
H3 200 editor-style.css
esd.wcup.one/wp-content/themes/skt-filmmaker/ 99 B
592 B 95ms
93ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/editor-style.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4add27298565bdbb6fec494ec961b19500c77b441d74099be2daed02301900a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=139
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoUQjtRFwg05PbpTyMKtipaHRFCPgXIYVxGqlzYAVhLmaIbk2AbOY6hjQmuMa9uMmvuBvcGMFR4WYJ9jFWomoQ5tST32HcH2ClpOff3PeSMJ0XseQG%2FZUHy%2FGz6sDiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abd518d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 nivo-slider.css
esd.wcup.one/wp-content/themes/skt-filmmaker/css/ 2 KB
1 KB 54ms
52ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/css/nivo-slider.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9613740faadc921aa1a8bb5dbec0588a9f19f3cfdb9b00c36042bdb9ff48889b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=2928
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bqals7OzjN9yqfw3VXMHyEjl3caWKejNCkjrhjn8pbHjochv%2FU4Bg7kP9WZH4KlMsafcJRoa6EPKCgfvX868X65lF5BaXiK9cbuGlJGLXS1s7hUCKfnpHwrsoEzaxX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abd818d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 style_base.css
esd.wcup.one/wp-content/themes/skt-filmmaker/css/ 7 KB
2 KB 95ms
93ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/css/style_base.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222da7a9e9de46339e320827507729629bda6db35b6dad0c10b6f8dbaeba326a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=8507
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZKi1XVbLmvGojqhzZiiw6h84%2Fb0HeUVCS7od6fiOM5IF9cVivrf6YRnFCSP4J1OOvXL7Cz1evmLGX5kwYGR5iaCVo0DVoYYo6iq3tIvA5PtMFcXKv6B79PO%2B%2B3RkPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abda18d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 skt-filmmaker-custom-style.css
esd.wcup.one/wp-content/themes/skt-filmmaker/css/ 0
513 B 96ms
94ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/css/skt-filmmaker-custom-style.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
cf-polished: origSize=1
alt-svc: h3=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sSqMquiWOQIusZbv6DKHkvfYB8l7f1MQC4kVUMLSigPVlQy2J59Cn9XzLrm04abvytp0jR0yVaMxLHlK1Nzy2ckndQ3n06Fqa%2FG2Wdjs09%2Bj9tEYB3IWUwsYaz4b2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894b0434abdc18d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 dashicons.min.css
esd.wcup.one/wp-includes/css/ 58 KB
35 KB 96ms
95ms Stylesheet
text/css 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-includes/css/dashicons.min.css?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Mar 2021 02:46:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9648
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVNbWEbCH%2B4egtIk%2BJni8N1Ganl%2FF8MNTq95dn43ec%2FBhnLQXrAYJDGxvg0tOAZClgpTcZv6WIRBaSFEi7M3YnMaDiQGCfpetLHX0FdjbDbEsgUd5vYsAC6AU2BFhXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abe018d4-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 jquery.min.js Show response
esd.wcup.one/wp-includes/js/jquery/ 86 KB
31 KB 97ms
95ms Script
text/javascript 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 08:59:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2434
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CEGt5og06QoQsqiyhRwPj6CJ%2B%2Bw8XIGxv2Qy8lX0FZjXFCesQDFIRIpeDC3fi14h8evPCnK5jV%2BOmKJJOQ%2B5tXAEe4gAYaf%2F4bCzfmU0iy7luiKOS1MEYe8Uzk6WXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abe218d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
esd.wcup.one/wp-includes/js/jquery/ 13 KB
5 KB 181ms
179ms Script
text/javascript 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 08:59:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2434
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sa3IPr%2FR9lGwy43fKs0FHvEHqskeRlN34XXZtj%2B%2F4SJsWxZvnyj9rdeNXgzON3lpuxWafcj6eNnfmeC9Vdh9X4c70wGqX4zdFXsbJpLkT7a2lXM0gMowzcBiYF8SeTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abe518d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.nivo.slider.js Show response
esd.wcup.one/wp-content/themes/skt-filmmaker/js/ 15 KB
4 KB 205ms
203ms Script
text/javascript 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/js/jquery.nivo.slider.js?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668a283dc1b40a13c09764571bbd566afad9d3c6ab5b588ca7e1b0c960a2eab3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434
cf-polished: origSize=28936
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6MYjcMRzB2lZMNt6oj8SIDmfwytE311ILXht%2B%2FvppUmSoXuxP3HeJrY%2BaEHs4UqmRf%2FcOMKJKuho%2FPyxXGnHrtUeLoHW4SHU2wiQt%2BdXLVEM8ryRUj5Hod0HnA%2F65c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abe618d4-FRA

GET
H3 200 custom.js Show response
esd.wcup.one/wp-content/themes/skt-filmmaker/js/ 1 KB
1 KB 220ms
219ms Script
text/javascript 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/js/custom.js?ver=6.4.4
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb63b3d7ba153ec2dfbb71b0e3321ceda769472ae2534bcad16fbe6af16e704

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434
cf-polished: origSize=1985
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rNiRPHCNSRNJdXWHtIvFPnuDlklCxo4gXa8NAT8xXLAeXYDSyUpYwaRflIvs0Uyyx%2BdUO7d7ZTaJtjO85yYJKYhe%2FvFWjtRraM%2Bm42DlAE9JkLOc2tJsPEhSTcziCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abe818d4-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
51 KB 171ms
85ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4462420908761227

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1753861ff15b55bef60a3f2e552d174cbcc796d3b62e0f501047077cc5e64cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52536
x-xss-protection: 0
server: cafe
etag: 2499417758199784416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 16 Jun 2024 13:06:19 GMT

GET
H3 200 euro-20241.png
esd.wcup.one/wp-content/uploads/2024/06/ 438 KB
439 KB 221ms
220ms Image
image/png 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esd.wcup.one/wp-content/uploads/2024/06/euro-20241.png
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03dbe9f48ea0a8f2a0beb091387e461634f7b342b392f50f407043a92a4099ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
alt-svc: h3=":443"; ma=86400
content-length: 448614
last-modified: Fri, 14 Jun 2024 07:17:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQvPU9HLI9W2Ty4vRoU9QIsg2%2F7FE3U1B6shReeTE2uuXCwFVg4E75iYIPI8eLHmm6m4MYkd7sCU%2BCm8AbgnJZ1kS7cpMevpf2uKr4OOMcbQ7g0%2B2fIOw0861sjQI%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894b0434abe918d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
51 KB 176ms
90ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7eeda5b240ece81b8eedb5de7b6ab8b395a2da56d410680ac4ee1b93302dce90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52535
x-xss-protection: 0
server: cafe
etag: 3320004559613923114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 16 Jun 2024 13:06:19 GMT

GET
H3 200 navigation.js Show response
esd.wcup.one/wp-content/themes/skt-filmmaker/js/ 4 KB
1 KB 311ms
310ms Script
text/javascript 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/themes/skt-filmmaker/js/navigation.js?ver=01062020
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fa2898d366075f07e959cfe8619344a29605a13431b8938b6c3d4d7cac1fdd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2434
cf-polished: origSize=5215
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Apr 2022 10:15:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=urcmNAw4UsmUXSxKR1h2CluSfeoBL%2FnieSCPtneJyBLGKDuMjEA5fpn5VgTrjv0S%2BwdH%2F4bmaK0ISuHvi2NRVGMQwS4e7k4xLiZmxriGMzO2%2BVsxGQuDZH4fRTtE7Hk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894b0434abea18d4-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u04...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u...

43 B
528 B

77ms
77ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9058672137078934

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://esd.wcup.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jun 2024 13:06:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 16 Jun 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jun 2024 13:06:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9058672137078934
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 16 Jun 2023 21:00:00 GMT

GET
H3 200 euro-20241.png
esd.wcup.one/wp-content/uploads/2024/06/ 438 KB
0 0ms
0ms Image
image/png 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esd.wcup.one/wp-content/uploads/2024/06/euro-20241.png
Requested by: Host: esd.wcup.one
URL: https://esd.wcup.one/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03dbe9f48ea0a8f2a0beb091387e461634f7b342b392f50f407043a92a4099ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9648
alt-svc: h3=":443"; ma=86400
content-length: 448614
last-modified: Fri, 14 Jun 2024 07:17:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQvPU9HLI9W2Ty4vRoU9QIsg2%2F7FE3U1B6shReeTE2uuXCwFVg4E75iYIPI8eLHmm6m4MYkd7sCU%2BCm8AbgnJZ1kS7cpMevpf2uKr4OOMcbQ7g0%2B2fIOw0861sjQI%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894b0434abe918d4-FRA
expires: Sun, 23 Jun 2024 10:25:30 GMT

GET
H/1.1

200
OK

hit;sport-on
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;sport-on?t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u04...
https://counter.yadro.ru/hit;sport-on?q;t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u...

119 B
605 B

78ms
78ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;sport-on?q;t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9871714205793629

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

6e8683af9a1562be54a15204a33238e1d04f7dea2760248a36cca6c88c619165

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://esd.wcup.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jun 2024 13:06:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 119
Expires: Fri, 16 Jun 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jun 2024 13:06:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;sport-on?q;t26.1;r;s1600*1200*24;uhttps%3A//esd.wcup.one/;hSport%20OnLine%20%u2014%20%u0422%u043E%u043F%u043E%u0432%u044B%u0439%20%u0441%u043F%u043E%u0440%u0442%21%20%u0438%20%u043D%u0438%u0447%u0435%u0433%u043E%20%u043B%u0438%u0448%u043D%u0435%u0433%u043E%u2026;0.9871714205793629
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 16 Jun 2023 21:00:00 GMT

GET
H2 200 I
melban7.top/ Frame 0400 0
0 191ms
54ms Document
text/html 45.150.234.43
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://melban7.top/I?tag=s_3162201m_34097c_&site=3162201&ad=34097

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.150.234.43 Frankfurt am Main, Germany, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://esd.wcup.one/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private
content-encoding: br
content-length: 353
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 13:06:19 GMT
server: nginx
server-timing: wf-uht;dur=0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnetmvc-version: 5.0

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 146ms
49ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CAssistant%3A200%2C300%2C400%2C600%2C700%2C800%7CAnton%3A400%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COswald%3A200%2C300%2C400%2C500%2C600%2C700%7CSix+Caps%3A400&ver=6.4.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 20:40:46 GMT
x-content-type-options: nosniff
age: 231933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 20:40:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 137ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 23:39:34 GMT
x-content-type-options: nosniff
age: 221205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 23:39:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 218ms
122ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 10:22:28 GMT
x-content-type-options: nosniff
age: 269031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 10:22:28 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v19/ 21 KB
21 KB 189ms
92ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v19/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e8cbda3d0dbdebf90ffd27f3990859a78f3e7561a8ff2b1f12df25306854a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 12:06:16 GMT
x-content-type-options: nosniff
age: 262803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21700
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 12:06:16 GMT

GET
H2 200 TK3iWkUHHAIjg752HT8Ghe4.woff2
fonts.gstatic.com/s/oswald/v53/ 15 KB
15 KB 208ms
112ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752HT8Ghe4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074fcb4b6391b4c53916ac1de53f563d30688b3016bf638b00e84609727aff4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 20:00:56 GMT
x-content-type-options: nosniff
age: 234323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15664
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:31:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 20:00:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 426 KB
144 KB 107ms
107ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4462420908761227&plah=esd.wcup.one&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4462420908761227

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2af42e8d63410a393a305c1c0b4add98501e02f302f092ee8814ca242424035a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147282
x-xss-protection: 0
server: cafe
etag: 18253034906452373608
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 13:06:19 GMT

GET
H2 200 ca-pub-4462420908761227 Show response
fundingchoicesmessages.google.com/i/ 193 KB
65 KB 188ms
77ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4462420908761227?href=https%3A%2F%2Fesd.wcup.one&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4462420908761227&plah=esd.wcup.one&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e98a7fdef1f500a99766816f735c42131d2b29daba990a8470690a88c85caf9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JQQSJDWNuJMy_b5Vh0Z1pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JQQSJDWNuJMy_b5Vh0Z1pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw0JBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYiT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yCvFwnD62ezObwI5L5_qYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAwN9QzM4wsMABOrOXg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXFfeJPpbLG5mKvcI_KmAInWN2-SDFG3KLPNhMzM4WLD0AUskwPv9V6fZ6KZmmAPHkJPmIzSn5IdpfWOda2SFufGVlfqFI8pwTvmToNBmIuKGNnHunFV1lVw3vKguIQjjheLi5HPw== Show response
fundingchoicesmessages.google.com/f/ 403 KB
62 KB 134ms
133ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFfeJPpbLG5mKvcI_KmAInWN2-SDFG3KLPNhMzM4WLD0AUskwPv9V6fZ6KZmmAPHkJPmIzSn5IdpfWOda2SFufGVlfqFI8pwTvmToNBmIuKGNnHunFV1lVw3vKguIQjjheLi5HPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NTQzMTc5LDk2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lc2Qud2N1cC5vbmUvIixudWxsLFtbOCwia2J2S2VJY3FMeVUiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY5XSxudWxsLDEwXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMx9FVmFhjifxoavBhFrcCpZiXNT7w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e29425467d699851adaddb14e39540332ca359f9d98ae78ff1cd9e4a9a51588

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-laV_m1B59iL1_D-2HNqnQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-laV_m1B59iL1_D-2HNqnQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYiT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yCnFznDm2ezObwIIZJxWUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDA31DMzjCwwAy8E4uw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 80ms
79ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvKeIcqLyU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyin1ER-pY1ny3qKgYwAFloRiga_w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 13:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 13:06:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 13:06:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:26:48 GMT
x-content-type-options: nosniff
age: 301172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 01:26:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
10 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 20:00:08 GMT
x-content-type-options: nosniff
age: 234372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 20:00:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 03:20:55 GMT
x-content-type-options: nosniff
age: 294325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 03:20:55 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: esd.wcup.one
URL: https://esd.wcup.one/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 04:49:38 GMT
x-content-type-options: nosniff
age: 289002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 04:49:38 GMT

POST
H3 204 AGSKWxXggMaEF4HjDkJ7Ce00ZA7X7VdRhGMQbsGRzSWS80AEf79WueVU_Xm_IAgKaeeYTynRbTH3A01gmNilTaeURNeUfHMms8REcinUPk74tdh2h1O-ZqIxFWUmn1STjtKLeQ90XFdfKQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 130ms
51ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXggMaEF4HjDkJ7Ce00ZA7X7VdRhGMQbsGRzSWS80AEf79WueVU_Xm_IAgKaeeYTynRbTH3A01gmNilTaeURNeUfHMms8REcinUPk74tdh2h1O-ZqIxFWUmn1STjtKLeQ90XFdfKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5BdzPzRFh5wsO7W-B13GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 16 Jun 2024 13:06:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-z5BdzPzRFh5wsO7W-B13GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBicEqfwRoCxEsiLrIeSbzIKsTDcebY7s1sAjuuXW5hVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmaGhnoG5vEFBgA7qyae"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://esd.wcup.one
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXggMaEF4HjDkJ7Ce00ZA7X7VdRhGMQbsGRzSWS80AEf79WueVU_Xm_IAgKaeeYTynRbTH3A01gmNilTaeURNeUfHMms8REcinUPk74tdh2h1O-ZqIxFWUmn1STjtKLeQ90XFdfKQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5IUt5OsRSgw3eBxlTvnoHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 16 Jun 2024 13:06:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-5IUt5OsRSgw3eBxlTvnoHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsIUC8JOIi65HEi6xCPBxnju3ezCbwo7G9hVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRiYGRrqGZjHFxgAACCVJj4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://esd.wcup.one
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 43ms
43ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://esd.wcup.one
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:16:13 GMT
x-content-type-options: nosniff
age: 240607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 18:16:13 GMT

GET
H3 200 cropped-foot-32x32.png
esd.wcup.one/wp-content/uploads/2019/10/ 820 B
1 KB 52ms
52ms Other
image/png 172.67.132.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://esd.wcup.one/wp-content/uploads/2019/10/cropped-foot-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1332b9a89aab89753126ebf557e92f7f94973052763f4490a6211a11451eebc2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 13:06:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8162
alt-svc: h3=":443"; ma=86400
content-length: 820
last-modified: Fri, 18 Oct 2019 13:36:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4tfJl0EC3QPAa%2ByFxLEl2Wc5YVctzTZ6BA76oB%2B5MCO8NXy4BpqLImj%2FnRYS4TXwE1bGCy9SbRnUqSvJpOZGrjLE31%2F91cM1I0SZxFeDyMausgVf%2BED6Ew23NuHIRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894b043d593918d4-FRA
expires: Sun, 23 Jun 2024 10:50:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 193ms
192ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4462420908761227&su=esd.wcup.one&eid=44759876%2C44759927%2C44759837%2C42531706%2C95329723%2C95334508%2C95334529%2C95334572%2C95334579%2C95335246%2C31078663%2C31078668%2C31078670&doc=complete&pg_h=4250&pg_w=1600&pg_hs=4250&c=1&aa_c=1&av_h=265&av_w=965&av_a=265250&all_s=1140&b=2450&all_b=2450&d=0.059&all_d=0.125&ard=0.012&all_ard=0.078&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://esd.wcup.one/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 13:06:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yadro.ru/	1970-01-21 06:07:01	Name: FTID Value: 1cRkDB21JRep1cRkDB001LRJ
			.yadro.ru/	1970-01-21 06:07:01	Name: VID Value: 3G3rsx1hVZep1cRkDB001LSJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
esd.wcup.one
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
melban7.top
pagead2.googlesyndication.com
142.250.185.130
142.250.185.78
172.217.18.3
172.67.132.145
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
45.150.234.43
88.212.201.198
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
03dbe9f48ea0a8f2a0beb091387e461634f7b342b392f50f407043a92a4099ad
074fcb4b6391b4c53916ac1de53f563d30688b3016bf638b00e84609727aff4f
1332b9a89aab89753126ebf557e92f7f94973052763f4490a6211a11451eebc2
1753861ff15b55bef60a3f2e552d174cbcc796d3b62e0f501047077cc5e64cf5
222da7a9e9de46339e320827507729629bda6db35b6dad0c10b6f8dbaeba326a
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
28cbf58b89da49f6bb89e13713daf017165726c616508558cbacddbdc2256a67
2af42e8d63410a393a305c1c0b4add98501e02f302f092ee8814ca242424035a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32fa2898d366075f07e959cfe8619344a29605a13431b8938b6c3d4d7cac1fdd
36a2b3aa6faf967d825316762ef387d94a4bb4963e23181be8cd434d6ea06cc2
39e8cbda3d0dbdebf90ffd27f3990859a78f3e7561a8ff2b1f12df25306854a7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb63b3d7ba153ec2dfbb71b0e3321ceda769472ae2534bcad16fbe6af16e704
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4add27298565bdbb6fec494ec961b19500c77b441d74099be2daed02301900a6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5e98a7fdef1f500a99766816f735c42131d2b29daba990a8470690a88c85caf9
668a283dc1b40a13c09764571bbd566afad9d3c6ab5b588ca7e1b0c960a2eab3
6c28a88fd236382aea5fae3c4f7c3309a59c204aa892e76f323f998250b14cbf
6e29425467d699851adaddb14e39540332ca359f9d98ae78ff1cd9e4a9a51588
6e8683af9a1562be54a15204a33238e1d04f7dea2760248a36cca6c88c619165
6efc6fb6f6b9c9aed39489e2511229341c5182264f2b2eaa0d4543835379e678
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
7eeda5b240ece81b8eedb5de7b6ab8b395a2da56d410680ac4ee1b93302dce90
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
9613740faadc921aa1a8bb5dbec0588a9f19f3cfdb9b00c36042bdb9ff48889b
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8fbc85c1f40aa4d315bc5ac028fc72487a3526bda1f05cca3790871b2a8f2ca

esd.wcup.one Open in urlscan Pro 172.67.132.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

33 %IPv6

7 Domains

7 Subdomains

9 IPs

3 Countries

1263 kBTransfer

3101 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

esd.wcup.one Open in urlscan Pro
172.67.132.145 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

1263 kB
Transfer

3101 kB
Size

2
Cookies

42 HTTP transactions
0 data transactions