URL: https://g.cruqtins.top/
Submission: On March 17 via api from US — Scanned from US

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3033::6815:16a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is g.cruqtins.top.
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.
This is the only time g.cruqtins.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 108.138.128.46 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42:200... 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 162.19.138.117 16276 (OVH)
1 52.0.10.132 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
38 16
Apex Domain
Subdomains
Transfer
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
83 KB
11 cruqtins.top
g.cruqtins.top
274 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 961
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 916
id5-sync.com — Cisco Umbrella Rank: 480
27 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 224
165 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
31 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1306
6 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 694
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1999
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
901 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2600
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3116
3 KB
1 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5712
9 KB
38 13
Domain Requested by
13 fundingchoicesmessages.google.com g.cruqtins.top
securepubads.g.doubleclick.net
11 g.cruqtins.top g.cruqtins.top
2 securepubads.g.doubleclick.net g.cruqtins.top
securepubads.g.doubleclick.net
1 pagead2.googlesyndication.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
38 15

This site contains no links.

Subject Issuer Validity Valid
cruqtins.top
GTS CA 1P5
2024-03-14 -
2024-06-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018
2024-01-09 -
2024-07-04
6 months crt.sh
cdn.prod.uidapi.com
R3
2024-01-24 -
2024-04-23
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2024-02-20 -
2024-05-20
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2024-01-22 -
2024-04-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
*.id5-sync.com
R3
2024-03-01 -
2024-05-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://g.cruqtins.top/
Frame ID: 0665CFAFAD6F62A24D45AD4965D9288A
Requests: 39 HTTP requests in this frame

Screenshot

Page Title

cruqtins.top games

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

38
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

657 kB
Transfer

1952 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
g.cruqtins.top/
20 KB
9 KB
Document
General
Full URL
https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db514d2992d8a747e946034ab319aa3999873a96d5133a3d4eed94ab678cc4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
MISS
cf-ray
865d221b9d59222d-MIA
content-encoding
br
content-type
text/html
date
Sun, 17 Mar 2024 12:54:43 GMT
expires
Mon, 18 Mar 2024 12:54:43 GMT
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bs%2ByaA8W8xRwtfCDc3ZuUaGig%2BznN9tIWkEGs2iErj4Ts15IlIbIJO2MZCFdxhtzT%2BkemA%2ByM5tpxz4%2F3p5Rzi97fcKVRdMfCQySVZ9BM3poAKeU4cK%2FL6GXGBklfCLBVb5jFgJg3uWx79pNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/
88 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f9ec8832534ca47daeb2af0b882a4785ad25c3a5803ea3f830480ea103f0e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28946
x-xss-protection
0
server
cafe
etag
561 / 19799 / m202403130101 / config-hash: 15864570305302719697
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 12:54:44 GMT
pub-1107961416814374
fundingchoicesmessages.google.com/i/
23 KB
9 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/pub-1107961416814374?ers=1
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e217ca929041462aea2d6e57bf7161d02ce546e0b07ff5eef86a9a55d806377f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dAO5SesBcyOr0WK9Aotr0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-dAO5SesBcyOr0WK9Aotr0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtjyoXb69kEfizfHgIAKLIsyw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
chunk-common.fbcb2f58.css
g.cruqtins.top/css/
29 KB
6 KB
Stylesheet
General
Full URL
https://g.cruqtins.top/css/chunk-common.fbcb2f58.css
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
608abd7d8d62256969e2794e05565f3f6fadf8a5b58019d2969112a6be56a328

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-7439"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpbMglwNWXeZalHJRJ5FzSP24gQHTaRiWwkINjvFSj%2FlDrTd0Uk2bLNbgqcK8xSpLAqLINXIrH9tJX0CZtZyPFPQ8dORQ2tM7iy3c087JE2s%2Bnd1oSz%2BxjawoJx5c48I9C4Sxn6aMW%2Fv5NFAgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
865d221cee6f222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
chunk-vendors.df919975.css
g.cruqtins.top/css/
69 KB
32 KB
Stylesheet
General
Full URL
https://g.cruqtins.top/css/chunk-vendors.df919975.css
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8e4695f7fa97f1bfeb3580f3deb14056a2d65dabd7e07e110332390ceeed4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-11327"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSem6KklunN7mWyonXX6SKMyJ0q0tFD8DFi4us7%2BRmz8m0VEiW3%2BLv1ZVCHv3GXZlIP3s0A8Ox%2F01p%2F1NdBLg%2BiicYQZzPj2wPycKMTW6itf38MDGqYm%2BJpFpoWxdorFNl9Dr5QYSDNLuxj5rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
865d221cee73222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
index.797cad03.css
g.cruqtins.top/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://g.cruqtins.top/css/index.797cad03.css
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a448ac47fc5284051fc9ecb896d5875ee6b96a70cb322fcd5839baa7ace85b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-23a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV5um%2BCUT8wkGfBWoodc1kY8rV%2FINwoEnXxSe%2BRH2W839FpM5a90sDhoyuH57kHxGtREHO7t8lsSuJC7yqdR08nC6nooJ8ieRzxGvy1rdEa8jxfjBdErKEQfcSFEdvREkIMwFvTVN6a3ATePNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
865d221cee76222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
chunk-common.7e2f5dd6.js
g.cruqtins.top/js/
229 KB
60 KB
Script
General
Full URL
https://g.cruqtins.top/js/chunk-common.7e2f5dd6.js
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c82e7bd0a8261884eacae8961e700798e6369b3f47abd8f850348aa9a7e2caa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-39534"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUKVAAb2OgUwGjTpGtmycEZ3VmcZHHJE0WQknX56FU1%2B4Zsw9ezQywJlfnpTD4B5IBoNlsNkBRwjNiZSDK483nQ%2BGXbXPBLLks8P8QJvZxHz1jsh9jjZc%2FSXmlS8bDFkoTLa%2FgVIuA8Wre5z5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
865d221cee77222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
chunk-vendors.6879b757.js
g.cruqtins.top/js/
472 KB
151 KB
Script
General
Full URL
https://g.cruqtins.top/js/chunk-vendors.6879b757.js
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91437e662ff234f0efe52473fba1e37cb3097cce13bdc186ca8c4185d42ee55f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-76010"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=di7GCgbvxrzwRmhNOqHovDsMdk1b4C2b%2B%2B4vbSw1Gpx3Zsn1IvZP5OllkpRBi0brLvwoIjeuo1AY9n0lHgT7CsmHJB7qG1RPOkwFldJcGThXM9yW66Gkurekqy8myXkFDmbepK1ricuIU%2FY8bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
865d221cee79222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
index.794ba7a4.js
g.cruqtins.top/js/
32 KB
11 KB
Script
General
Full URL
https://g.cruqtins.top/js/index.794ba7a4.js
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8115d9475feca9cf9a278e0f7991e2d6dfb7ce92185bfa265e4de4d53d92b928

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-7fdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIeOwic0DDJ5dHwiNkxnsue%2FUfMSgIEAuKy%2FnkjigPBF5mvYjmUMdW3PCQL3h%2BC5%2Fx8ojBtuyBQBHvqITDDIth0oLyKgVfXG%2B8o%2F8t2sxx%2Fd%2FXQxlyve7%2FRCD0komdeUQHJzyMUDjDRq%2F5PrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
865d221cee7a222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
color.js
g.cruqtins.top/
3 KB
1 KB
Script
General
Full URL
https://g.cruqtins.top/color.js
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5312d5ca7844477c4e06fcbe5bb1c1bfce4f5bcfb1960e0666efa8ce2401ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Mar 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f01a12-b5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1Yr8JK8SH1Bj97r%2F%2BQIxC%2BMeDTRMhvXeEYoNIqRLNYGnzoN68xerpe6PRvLfNZdtWGh3FqAr3u5b%2F1Wx8mU%2FLqnqnzbPZbomyArL5DDQCJN7bkP3zI6AwZH9BhiqlJsm2JrCK8WlOr9eD3lgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
865d221d0e91222d-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 12:54:44 GMT
pub-1107961416814374
fundingchoicesmessages.google.com/b/
10 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/b/pub-1107961416814374
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c626d4b1128a054a41e0ed10ba92e25289fa29f03189634c18b2d584c021516a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-i3056K0sSRp7Z0jmdRmd_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-i3056K0sSRp7Z0jmdRmd_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtjyoXb69kEGtYvDAQAIwosOQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVFcfV58EAv1O9Mv4DPbgCWivV6Iz126vlYHwZX4l-K-D3BrD0SwtQMS9Ifah5OenNTJZLBOqaU5wNstCUnD_0_SQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFcfV58EAv1O9Mv4DPbgCWivV6Iz126vlYHwZX4l-K-D3BrD0SwtQMS9Ifah5OenNTJZLBOqaU5wNstCUnD_0_SQ==
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zSd6VwN4uEzD3nEwhoKfzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-zSd6VwN4uEzD3nEwhoKfzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1iDgFiIh2PKhdvr2QR27Dp5iBEAxpUMjA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://g.cruqtins.top
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/
433 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 19:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
61861
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139511
x-xss-protection
0
server
cafe
etag
4094789103652271715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 16 Mar 2025 19:43:43 GMT
games_v2.bin
g.cruqtins.top/conf/
70 B
781 B
XHR
General
Full URL
https://g.cruqtins.top/conf/games_v2.bin
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c190025938b937a9d3da03b9179c0312b2dac5483fab1711a48d51d51b1b77

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
token
null

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
x-oss-request-id
65F6E81439279135378D5593
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
jgwjxSI6c4wtYtHLJecF/w==
alt-svc
h3=":443"; ma=86400
content-length
70
x-oss-object-type
Normal
last-modified
Wed, 29 Nov 2023 07:25:25 GMT
server
cloudflare
etag
"8E0C23C5223A738C2D62D1CB25E705FF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVNM7pwcQ3Y2h%2BbkabILWUZgwVq6n8J%2Bcc6QnnH0rLrRa3WnXl041cn5KWUY384OKH3DcUTFGfeZdYOX6Ki0WxEadcDwsE4rRd35h7C7k2jkj3UcYa84RUSwVFuyw7P9Wtk1adW8WT%2BFXNg5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=3600
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
865d222109f067ea-MIA
x-oss-hash-crc64ecma
15912237831453317298
x-oss-server-time
2
expires
Sun, 17 Mar 2024 13:54:44 GMT
g.cruqtins.top.bin
g.cruqtins.top/conf/
400 B
761 B
XHR
General
Full URL
https://g.cruqtins.top/conf/g.cruqtins.top.bin
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d30352c9888783fe86025cbc1482c09c13faf49e9393e4eced800e24f940836

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
token
null

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
x-oss-request-id
65F6E814F5B9DB37368191EA
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xICvV9psG1Dnjm76FKr9Tbg%2FAae9CE4GfdU3ZytLDuJDuHuG2%2BU8I84sZ9xZTnnzwrRqaxFJWUHtHDlMzIRHs9AXJjAsGbR8mfCnjkcDCV3xu%2FOaXpHInBxZK8PNgkAeGAQfHjbixe%2FW154eJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-oss-ec
0026-00000001
content-type
application/xml
cf-ray
865d222109f167ea-MIA
alt-svc
h3=":443"; ma=86400
x-oss-server-time
2
ads.g.cruqtins.top.bin
g.cruqtins.top/conf/
404 B
759 B
XHR
General
Full URL
https://g.cruqtins.top/conf/ads.g.cruqtins.top.bin
Requested by
Host: g.cruqtins.top
URL: https://g.cruqtins.top/js/chunk-vendors.6879b757.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:16a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba965a5203005b9afce62702bdee920a6fee0d5379710a822433c3c0b1653f69

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
token
null

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-encoding
br
x-oss-request-id
65F6E81490F7603837EF886F
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AHIZ3b1cuM8Xd2aPTkLsg693BtR7%2FMzKoHUvK10QUD77AK2wp5ITgM5zwzWixS12lVmB61aeQdocTcNQXsgzXucSojD8kqdFGZr%2FV3YCOESEUCDmLAWj0ry0eIjiCwEDgqbkQyjXn98qEhnTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-oss-ec
0026-00000001
content-type
application/xml
cf-ray
865d222119fa67ea-MIA
alt-svc
h3=":443"; ma=86400
x-oss-server-time
1
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b61fe558de138dc00513ebede4e8b0fd3bd60bd16ff20da95872835f1e359b8

Request headers

Referer
Origin
https://g.cruqtins.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
21880406607
fundingchoicesmessages.google.com/i/
183 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/21880406607?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
365c06e4ce327e31195ba9f884d18ac649f53c66aff6b2a2af5a2e9e9b069e23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iIBYExiZJGFmdUscpwb-hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-iIBYExiZJGFmdUscpwb-hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdjyoXb69kEZrSvncAMAFTFLIQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWoVYg2lhsWsm70ezZkNWOreQI4z0uV6SD6x0bYkIsdsWPSRpyupcq9G-sCxKfVIHaeF4PgJYQY7z50uJfyBM0z46tkPy2AQVKq56PpEVl7rDFzJyhoT-ZD6oIqVB9IRgGc3A6Umg==
fundingchoicesmessages.google.com/f/
3 KB
1 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWoVYg2lhsWsm70ezZkNWOreQI4z0uV6SD6x0bYkIsdsWPSRpyupcq9G-sCxKfVIHaeF4PgJYQY7z50uJfyBM0z46tkPy2AQVKq56PpEVl7rDFzJyhoT-ZD6oIqVB9IRgGc3A6Umg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwMDg1LDI5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2cuY3J1cXRpbnMudG9wLyIsbnVsbCxbWzgsIklJVXREU1FSUWtNIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d38f61c4d714680eb6587bf1e0a82609d3d071b9f008d53073fe171498e8dfa6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HbOPaEqDG80CLPwqz3EPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HbOPaEqDG80CLPwqz3EPLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtj6oXb69kETlxdpwUAKLMsmA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp.js
cdn.id5-sync.com/api/1.0/
91 KB
27 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9993ba811178896cb23f4c7962c653da1b3abe26a94e25de15301bacf6465e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Feb 2024 12:45:12 GMT
server
cloudflare
x-amz-request-id
61XPPX2ENPN84YP8
age
3282
etag
W/"b8dad816086f13a6f0bcca7a55148e1e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
865d222428bb8dac-MIA
x-amz-id-2
DoM1Is1tRe2sasPv+DHdeECfVoDOwoKXKqUaKFm+r6HekcsVEnleTS1vQ0LTNw8GSqJIPES2R0g=
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:8a00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:14:52 GMT
via
1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
EWR50-C1
age
2394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
wEuY8R2tipZy8pC8BII_Qk2KOT3b4F-F9D8SUoklL9SSR2iCin3_xA==
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:dc00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sun, 17 Mar 2024 09:33:36 GMT
Via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P6
Age
12474
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
KSyWoUj5GCEhStDdqEAJNdn6c0Q4gxe5EsCZEgSMTDtQsUra06AJhQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 07:34:31 GMT
content-encoding
gzip
via
1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:39:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
19215
etag
W/"21f8671135afbd2e874c42d3dc478afa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0G1xt1eyDkWgFTPeiNucaA1Xmnd8NVXWNot9GsVHehkExoU_TkVP1g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
via
1.1 google, 1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
e194a0e3a5f842335ecb5fbf3d646689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
901 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 17 Mar 2024 12:54:45 GMT
x-content-type-options
nosniff
content-encoding
br
age
2142
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760051-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 17:15:46 GMT
content-encoding
gzip
age
1625939
x-guploader-uploadid
ABPtcPr4_hdlxaBHomr9Tk2zM5l7yHmignf3y3W7bRrZ5g3JCQAk_qRPnERYKE8ZQ0kYeaTQ8NQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 26 Feb 2025 17:15:46 GMT
publishertag.ids.js
static.criteo.net/js/ld/
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 27 Feb 2024 07:13:11 GMT
server
nginx
etag
W/"65dd8b87-a5db"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Mar 2024 12:54:45 GMT
ob.js
cdn-ima.33across.com/
17 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 19:54:16 GMT
server
cloudflare
age
403843
etag
W/"65ce6be8-42fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
865d22244b48daa3-MIA
expires
Wed, 20 Mar 2024 12:54:45 GMT
AGSKWxWKLTTYBHLUDet0GMzIjd-4mwI3VlDR4a3yqp4V6h6jRda1o28GJDKJBg2OYKuhCkTDhFZRdch_XdRL3dallzzU7iwgbBXFcctUc4VZVeZmPPZDTCx8_aPdpGFfGhnLowSfAl8g8g==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWKLTTYBHLUDet0GMzIjd-4mwI3VlDR4a3yqp4V6h6jRda1o28GJDKJBg2OYKuhCkTDhFZRdch_XdRL3dallzzU7iwgbBXFcctUc4VZVeZmPPZDTCx8_aPdpGFfGhnLowSfAl8g8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwMDg1LDEzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZy5jcnVxdGlucy50b3AvIixudWxsLFtbOCwiSUlVdERTUVJRa00iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07c3b27340f1cae0f8bcd0b3c5d56201f7090125b1455b7cc14e4589ffbc3b76
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JVHvXL9y8RwdSqVD-5a7zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JVHvXL9y8RwdSqVD-5a7zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiWMy_i-m80x2m60Bcy_CMqRWIDTSeM1kA8bsvL5kEvr5kkgBiLSDmWzedVQWIDddPZ40E4pjn01lTgNgpfQZrCBD71M9gjQPikwvOs14EYiFujqkXbq9nE2hY-ScWAMUXLhs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/
0
230 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://g.cruqtins.top
date
Sun, 17 Mar 2024 12:54:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/
156 B
533 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.10.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-10-132.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ba75ea5cebd8df34f20ed2dad22cb0cb053bc6590684c9e62069b72e7756dde5

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Mar 2024 12:54:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://g.cruqtins.top
cache-control
no-cache
x-server
10.40.59.109
access-control-allow-credentials
true
content-length
156
expires
0
ads-vast-
fundingchoicesmessages.google.com/f/AGSKWxXz5mtEDF7CydqtYoEOAlCn-YgCENMhIoShMDztvcU8LAckMlyC5gczdIAujAi2tYxzNpukTKxFouos2LpTLm_okouSkbFZXYhnBjk0LryedGyU7J6JNKadYCdPXDR0LuyzsBkHwmme-uKDAdGv_keOmiwG_...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXz5mtEDF7CydqtYoEOAlCn-YgCENMhIoShMDztvcU8LAckMlyC5gczdIAujAi2tYxzNpukTKxFouos2LpTLm_okouSkbFZXYhnBjk0LryedGyU7J6JNKadYCdPXDR0LuyzsBkHwmme-uKDAdGv_keOmiwG_tzXZ37h2-i2ZgJZ_oY98Zw6VHzjMOxc/_-advertisement./kskads./ad1x1home..ads.css/ads-vast-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5895720e1051b5e68abba2c6e35712c728b32652a8e94dac3a621954c5435702
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KxoQAIjUXpXgYdNx4kJ6rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-KxoQAIjUXpXgYdNx4kJ6rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiIdj6oXb69kEbkzdtocZAFNrLQA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
85 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxGFhSBGkuR9VJeBYRtSsPNSN2hkg/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73695484289ebf62f8ebf454f6c93207229586c0bdeb6723b06a724011b4019f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 11:56:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31027
x-xss-protection
0
server
cafe
etag
4920355141596313764
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 12:56:26 GMT
AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fu8JGfO7Jvw9GTCCNdNG6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:54:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fu8JGfO7Jvw9GTCCNdNG6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1iDgFiIh2Pqhdvr2QQ61p_fywwAx4wMZA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://g.cruqtins.top
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CMJrwXxlaDYPAlN6Zgbr2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:54:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-CMJrwXxlaDYPAlN6Zgbr2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIm2Pahdvr2QR2HGjkBAC4dwuO"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://g.cruqtins.top
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M2OQ1ufUgXCl8D3okaVKrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:54:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M2OQ1ufUgXCl8D3okaVKrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1iDgFiIm2Pahdvr2QQuHOotBgC5oQwg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://g.cruqtins.top
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWBNkQ4JiipLWOy2Ul58j1AN3q0H2G-U8ItBj2UI1PCYa6zUrDyRjc_lGhNe6CI1P0IePFfZs08zqUuyiPRba5hqysiVE1niu2CsJAQjC9-_CBXHJF3JFU_Ydj2hJZecJ1mlfKjYg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IuorGTUCR-U2iy7sPJca1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:54:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IuorGTUCR-U2iy7sPJca1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1iDgFiIm2Pahdvr2QRWrP9TBAC6SgxY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://g.cruqtins.top
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVfYoOdonogNSxYseDtQ3aYKZj7lwq-Ei83r7PRXK1JhtJNVldhIhRCl3LSgtLWBFEeJBniEwLOZ7LLm6rpULv3vAx0QT5CIx3Wd8We5fOxdV-tUyuJLwMhcBnrDwx2DzD01Ylbqg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVfYoOdonogNSxYseDtQ3aYKZj7lwq-Ei83r7PRXK1JhtJNVldhIhRCl3LSgtLWBFEeJBniEwLOZ7LLm6rpULv3vAx0QT5CIx3Wd8We5fOxdV-tUyuJLwMhcBnrDwx2DzD01Ylbqg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNjgwMDg2LDE5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nLmNydXF0aW5zLnRvcC8iLG51bGwsW1s4LCJJSVV0RFNRUlFrTSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ac3d76d79aceed8d32964777950ace68e78187ef848dbe502fb50194395c30d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i2NDMcWzb8hUXHp-G7lJmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g.cruqtins.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 12:54:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-i2NDMcWzb8hUXHp-G7lJmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgPjkgvOsF4FYiJtj2oXb69kEblxbUQUAI-8s5w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXGVwYslbf3nk13M9VRxey9J5FL14IynyDEosz4uRSRwpp_DTv7qTeJKtze3cPUXRYf8h57VNSLfC6bpNzWXEQN5pAgC1E40Dknwd5XbhvP2tOVnMFxS7tYPFNIwU5gY8Zcgtuo8Q==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXGVwYslbf3nk13M9VRxey9J5FL14IynyDEosz4uRSRwpp_DTv7qTeJKtze3cPUXRYf8h57VNSLfC6bpNzWXEQN5pAgC1E40Dknwd5XbhvP2tOVnMFxS7tYPFNIwU5gY8Zcgtuo8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IIUtDSQRQkM.es5.O/am=wA/d=1/rs=AJlcJMysDthpbhkkXFmssKzk6EEEEvca5g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z6G_oY5kwqILVasmoJXtrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://g.cruqtins.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Mar 2024 12:54:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-z6G_oY5kwqILVasmoJXtrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1iDgFiIh2Pahdvr2QQeXF6_jBEAyMcMpA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://g.cruqtins.top
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| __h82AlnkH6D91__ function| __p4qa8r1lb17__ string| cHViLTExMDc5NjE0MTY4MTQzNzQ= function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| webpackJsonp object| regeneratorRuntime function| _ function| resetRootFZ undefined| google_measure_js_timing function| AddStyle object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NDAzYWI1ODdiZTljZjExYWxvYWRlcl9qcw== string| NDAzYWI1ODdiZTljZjExYWNhY2hlZF9qcw== object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| pbjs object| __id5_finalization_registry object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_t object| sync16589_ga object| sync16589_u object| sync16589_pa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_v function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_ha function| sync16589_ia function| sync16589_A function| sync16589_ja function| sync16589_B function| sync16589_C function| sync16589_w function| sync16589_D function| sync16589_ka function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_la function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_ma function| sync16589_na function| sync16589_oa function| sync16589_N function| sync16589_O function| sync16589_qa function| sync16589_P function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_Q function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_za function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_pubtag object| criteo_identitytag_151 object| Criteo object| Criteo_identitytag_151 object| __uid2SecureSignalProvider object| __uid2 boolean| 2a9062dc-3d71-40d8-b350-4157837f552b number| __google_lidar_ function| __google_lidar_radf_

5 Cookies

Domain/Path Name / Value
.cruqtins.top/ Name: lotame_domain_check
Value: cruqtins.top
.crwdcntrl.net/ Name: _cc_id
Value: 1af0515513d0f844253c054eecf2a0a3
.cruqtins.top/ Name: _cc_id
Value: 1af0515513d0f844253c054eecf2a0a3
.cruqtins.top/ Name: panoramaId_expiry
Value: 1710766485463
.cruqtins.top/ Name: FCNEC
Value: %5B%5B%22AKsRol9r2hRfxnzAKugvLAmK6qsf1LLGZ1n3mFGFr0t7p3B7ygfrp8Ig2edXcda2OJOgZ9OjvOWIRluAYzgWssuIASsKLgG_DZqmwRe6nBfljk8ToPu5xhdsIP7K0xWl9kbtuXOL3-P-XFyf6-iHcx7vCAMn15i86w%3D%3D%22%5D%5D

3 Console Messages

Source Level URL
Text
network error URL: https://g.cruqtins.top/conf/g.cruqtins.top.bin
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://g.cruqtins.top/conf/ads.g.cruqtins.top.bin
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://g.cruqtins.top/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
connectid.analytics.yahoo.com
fundingchoicesmessages.google.com
g.cruqtins.top
id5-sync.com
invstatic101.creativecdn.com
oa.openxcdn.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
108.138.128.46
162.19.138.117
172.64.152.89
2600:9000:21ea:8a00:10:dd8:5e40:93a1
2600:9000:2511:dc00:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:3033::6815:16a9
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:821::2002
2620:100:a001::4
2a04:4e42:200::485
34.102.146.192
34.96.70.87
52.0.10.132
07c3b27340f1cae0f8bcd0b3c5d56201f7090125b1455b7cc14e4589ffbc3b76
12a448ac47fc5284051fc9ecb896d5875ee6b96a70cb322fcd5839baa7ace85b
25d8e4695f7fa97f1bfeb3580f3deb14056a2d65dabd7e07e110332390ceeed4
2b61fe558de138dc00513ebede4e8b0fd3bd60bd16ff20da95872835f1e359b8
365c06e4ce327e31195ba9f884d18ac649f53c66aff6b2a2af5a2e9e9b069e23
3c5312d5ca7844477c4e06fcbe5bb1c1bfce4f5bcfb1960e0666efa8ce2401ea
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5895720e1051b5e68abba2c6e35712c728b32652a8e94dac3a621954c5435702
5ac3d76d79aceed8d32964777950ace68e78187ef848dbe502fb50194395c30d
5d30352c9888783fe86025cbc1482c09c13faf49e9393e4eced800e24f940836
5db514d2992d8a747e946034ab319aa3999873a96d5133a3d4eed94ab678cc4c
608abd7d8d62256969e2794e05565f3f6fadf8a5b58019d2969112a6be56a328
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73695484289ebf62f8ebf454f6c93207229586c0bdeb6723b06a724011b4019f
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
8115d9475feca9cf9a278e0f7991e2d6dfb7ce92185bfa265e4de4d53d92b928
8c82e7bd0a8261884eacae8961e700798e6369b3f47abd8f850348aa9a7e2caa
8f9ec8832534ca47daeb2af0b882a4785ad25c3a5803ea3f830480ea103f0e77
91437e662ff234f0efe52473fba1e37cb3097cce13bdc186ca8c4185d42ee55f
a3c190025938b937a9d3da03b9179c0312b2dac5483fab1711a48d51d51b1b77
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
af9993ba811178896cb23f4c7962c653da1b3abe26a94e25de15301bacf6465e
ba75ea5cebd8df34f20ed2dad22cb0cb053bc6590684c9e62069b72e7756dde5
ba965a5203005b9afce62702bdee920a6fee0d5379710a822433c3c0b1653f69
c626d4b1128a054a41e0ed10ba92e25289fa29f03189634c18b2d584c021516a
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
d38f61c4d714680eb6587bf1e0a82609d3d071b9f008d53073fe171498e8dfa6
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
e217ca929041462aea2d6e57bf7161d02ce546e0b07ff5eef86a9a55d806377f
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0