Submitted URL: http://lbs.crosswordle.cc/
Effective URL: https://lbs.crosswordle.cc/
Submission: On August 16 via manual from IN — Scanned from IT

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 172.67.145.137, located in United States and belongs to CLOUDFLARENET, US. The main domain is lbs.crosswordle.cc.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.
This is the only time lbs.crosswordle.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 172.67.145.137 13335 (CLOUDFLAR...)
6 172.217.23.98 15169 (GOOGLE)
1 3.160.150.46 16509 (AMAZON-02)
2 104.20.95.138 13335 (CLOUDFLAR...)
1 172.217.18.4 15169 (GOOGLE)
1 65.9.66.81 16509 (AMAZON-02)
1 3.65.249.218 16509 (AMAZON-02)
1 13.32.121.68 16509 (AMAZON-02)
9 143.204.98.46 16509 (AMAZON-02)
5 142.250.185.130 15169 (GOOGLE)
13 216.58.206.46 15169 (GOOGLE)
49 12
Apex Domain
Subdomains
Transfer
14 google.com
www.google.com — Cisco Umbrella Rank: 10
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
84 KB
13 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5787
buttons-config.sharethis.com — Cisco Umbrella Rank: 6537
l.sharethis.com — Cisco Umbrella Rank: 6409
count-server.sharethis.com — Cisco Umbrella Rank: 11503
platform-cdn.sharethis.com — Cisco Umbrella Rank: 12361
57 KB
8 crosswordle.cc
lbs.crosswordle.cc
150 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
282 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 26457
c.statcounter.com — Cisco Umbrella Rank: 15477
13 KB
0 adtrafficquality.google Failed
ep1.adtrafficquality.google Failed
49 7
Domain Requested by
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 platform-cdn.sharethis.com lbs.crosswordle.cc
8 lbs.crosswordle.cc lbs.crosswordle.cc
6 pagead2.googlesyndication.com lbs.crosswordle.cc
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 count-server.sharethis.com platform-api.sharethis.com
1 c.statcounter.com www.statcounter.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.google.com lbs.crosswordle.cc
1 www.statcounter.com lbs.crosswordle.cc
1 platform-api.sharethis.com lbs.crosswordle.cc
0 ep1.adtrafficquality.google Failed pagead2.googlesyndication.com
49 13

This site contains links to these domains. Also see Links.

Domain
v11.y2mate.bz
Subject Issuer Validity Valid
crosswordle.cc
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2025-01-03
a year crt.sh
www.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 7 frames:

Primary Page: https://lbs.crosswordle.cc/
Frame ID: 18813A1C4063A1D329E37B86899C85E7
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?q=Restaurants+Near+Me&key=AIzaSyCBDr8QFM4u7DEHVsXGKtcHeHdcHjaK0J4
Frame ID: A916E4C1033757093467487827959E12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Frame ID: 3CEED823DCE3C205C63832197D18E9A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1543954567491874&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723847374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C212x540_r&format=0x0&url=https%3A%2F%2Flbs.crosswordle.cc%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=27_15~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723847373196&bpp=3&bdt=780&idt=935&shv=r20240814&mjsv=m202408130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6957356010107&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334828%2C95337870%2C95338229%2C31086141%2C95340285%2C95338262&oid=2&pvsid=815731562336118&tmod=506362727&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=957
Frame ID: C443BF3762C432D05F067B617662C1E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Frame ID: E5AC30041E28A23EA41F9DE75FE1C64F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Frame ID: 840D0B319DC8B073FF541B7C8724A929
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Frame ID: E356E74FA3ADBF7BDE4DEFF191B22CAD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Restaurants Near Me - Find Places Nearby

Page URL History Show full URLs

  1. http://lbs.crosswordle.cc/ HTTP 307
    https://lbs.crosswordle.cc/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

13
Subdomains

12
IPs

3
Countries

587 kB
Transfer

2161 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lbs.crosswordle.cc/ HTTP 307
    https://lbs.crosswordle.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lbs.crosswordle.cc/
Redirect Chain
  • http://lbs.crosswordle.cc/
  • https://lbs.crosswordle.cc/
125 KB
17 KB
Document
General
Full URL
https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
ddce498693d1d7f8b72fc2e5516168e2c9813a48c0aacad32eabcfc2c6d65fe4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b44dd1b6feabae7-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 16 Aug 2024 22:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGIeqGSuPaw0BVogE7ux5LRCOqIkpjs8kfiSJPxPdFlIFjpddX5O2DYl0hSzbTdsTb5Bez1eNfblcYL7jnVOZugrDTiOC8CDtjW5uRhv%2BcJ9P88cNHacm%2Fwopo9OelPFA6pWrkA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.1.33

Redirect headers

Location
https://lbs.crosswordle.cc/
Non-Authoritative-Reason
HttpsUpgrades
base.css
lbs.crosswordle.cc/static/css/
237 KB
37 KB
Stylesheet
General
Full URL
https://lbs.crosswordle.cc/static/css/base.css
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e229a7b9a01c6e5c18e6ab013e5c112408daeacc6000ffba5b0cb38a0c6105

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
37526
last-modified
Tue, 19 Sep 2023 06:02:46 GMT
server
cloudflare
etag
"3b358-605b001fced80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyPbt2Rc833ErZSE9MrQwg2FSTMq8U4nWklEtCiJLtEUBdM2MJ%2B1npkHBSGvWC23uVFLIAvjLACgDaPwWvIz7mXIv8lriTKfTclSCT1UG6yxvEn15cm99AqBuSuORTI2gxvhBh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb92bae7-MXP
css.css
lbs.crosswordle.cc/static/css/
43 KB
6 KB
Stylesheet
General
Full URL
https://lbs.crosswordle.cc/static/css/css.css
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400dbf87c219c27e2744e897f7858b78c875699ddc6a595215335d467509182c

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
6278
last-modified
Tue, 19 Sep 2023 06:02:56 GMT
server
cloudflare
etag
"adbc-605b002958400-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AT6t5r04xIJz9INXarpXh9WXz7nK3YAO%2BRwHj2Sk4TY4WXjBgP3LpPxzeiYwgMz0F6aATJk%2BlhM97EYIsuvMZsLqDnxWLbCLwntUzAQ0bt1tQkpcZOLP7RoOSSfbKLj6yRJLP5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb93bae7-MXP
style.css
lbs.crosswordle.cc/static/css/
86 KB
13 KB
Stylesheet
General
Full URL
https://lbs.crosswordle.cc/static/css/style.css
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4efb35a3bd5d8dc7b2f3d50977188062f22247931745483b0d3015b9f0406e

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
12876
last-modified
Tue, 19 Sep 2023 06:03:02 GMT
server
cloudflare
etag
"1579b-605b002f11180-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lR91xM0lexWPMGCT8YLwuIEPZqVzBD509WL1c0RYW9bU5ojb5P5rff18J4hQhe%2BHq%2FA%2Bbuf4bhQ%2BuJXUE7kdvjTB8jE0Q4HxfgGa9ZsPM9bTk%2Bgk0dbKK%2FcgJsgEB161G47oq%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb97bae7-MXP
jquery.min.js
lbs.crosswordle.cc/static/js/
94 KB
33 KB
Script
General
Full URL
https://lbs.crosswordle.cc/static/js/jquery.min.js
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
33369
last-modified
Tue, 19 Sep 2023 06:03:12 GMT
server
cloudflare
etag
"1787d-605b00389a800-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuxRlXbM83TY6x6gOIgVmXsGFkqNKISmTSZiO6JFQzk9GzBWj0lclj%2BU9yskGu5Vw4YDZtJcWjxZKtxaRTkpORpsMIfeyVsyaOLAFY08fnIa7xz79wX2eKx%2B4GQ8sump9zuvu9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb9bbae7-MXP
bootstrap.min.js
lbs.crosswordle.cc/static/js/
61 KB
15 KB
Script
General
Full URL
https://lbs.crosswordle.cc/static/js/bootstrap.min.js
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
15286
last-modified
Tue, 19 Sep 2023 06:03:16 GMT
server
cloudflare
etag
"f3e8-605b003c6b100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1urCjP5ixS0ZoL%2F6TeMXPIEZL4o26HkH9s8%2FAhy1m9O0AC6DIIClKx4jp3MeiPSkNgd5I%2BsRQi0XiKQlgfMgR5HZa7vK13%2Bvbh%2BfIDMYZ6m%2BfuoAJ9ht8GAuaxZF%2FM1ch5hA6ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb9cbae7-MXP
bootstrap-icons.css
lbs.crosswordle.cc/static/css/
79 KB
11 KB
Stylesheet
General
Full URL
https://lbs.crosswordle.cc/static/css/bootstrap-icons.css
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06161f136066d2a9fa98170692a0b79b74e8139cb1355607cc732b1355ef5119

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7061
alt-svc
h3=":443"; ma=86400
content-length
11420
last-modified
Tue, 19 Sep 2023 06:03:24 GMT
server
cloudflare
etag
"13a97-605b00440c300-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDesvxRNcbUsayDuXiqA6Wvz3khBWzz0Ui8misGTl8M6yvsHyhJ67xTdbxfwDh3lEp%2F1H1%2BGs4Je8YUDAIg%2FMjF8BXfFyApNhzJsrpkP%2F3%2BvfwbyXwv9xTrwh29zv%2FC%2F5ZvGeHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b44dd1ddb9abae7-MXP
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1543954567491874
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
97a0f6e1e7301c9a6c1a33254da0f0c4c4542efb0cff1bf08f35874ec46f9e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Origin
https://lbs.crosswordle.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52496
x-xss-protection
0
server
cafe
etag
4862592219345953247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 16 Aug 2024 22:29:33 GMT
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:24:13 GMT
content-encoding
gzip
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
319
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
3E0XkSvOCnkS8sW1UKxVoddD3p86h2cT2yVzRUN5j6DHPXZ78Oyd5Q==
counter.js
www.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 10:38:52 GMT
server
cloudflare
age
29227
etag
W/"66bc893c-8c17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8b44dd204ebc0e83-MXP
expires
Sat, 17 Aug 2024 02:22:25 GMT
place
www.google.com/maps/embed/v1/ Frame A916
0
0
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?q=Restaurants+Near+Me&key=AIzaSyCBDr8QFM4u7DEHVsXGKtcHeHdcHjaK0J4
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-AR2Bjt_kEs02F059xa4ZVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1493
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-AR2Bjt_kEs02F059xa4ZVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 16 Aug 2024 22:29:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
623e78b2c61dea0013794b96.js
buttons-config.sharethis.com/js/
666 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/623e78b2c61dea0013794b96.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ab34e8bc59acf71fc8ec545bf5adf47bcf256df89ad24e5394e5867c70a5b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:34 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Mar 2022 11:41:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
"c71017ac99afbbf7a2e84ccc3c158c85"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
666
x-amz-cf-id
wF7Tla8nytlZxJqbbyCXj4XzIKopUTHVMqq8C81URtAXkMhFkatTRg==
pview
l.sharethis.com/
0
405 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=lbs.crosswordle.cc&location=%2F&product=sop&url=https%3A%2F%2Flbs.crosswordle.cc%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Restaurants%20Near%20Me%20-%20Find%20Places%20Nearby&cms=unknown&publisher=623e78b2c61dea0013794b96&sop=true&version=st_sop.js&lang=en&description=Use%20the%20google%20map%20to%20find%20Restaurants%20Near%20Me.%20Contact%20a%20location%20near%20you%20for%20products%20or%20services.%0A&ua=&ua_mobile=false&ua_full_version_list=&uuid=c3b160cb-f379-4dd9-936a-679bf15ceff4
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.249.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-249-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 22:29:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://lbs.crosswordle.cc
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
t.php
c.statcounter.com/
192 B
598 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12924194&u1=1BD2669788E64F7D6FEA1192319A8453&java=1&security=713d47bd&sc_snum=1&sess=99b877&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//lbs.crosswordle.cc/&t=Restaurants%20Near%20Me%20-%20Find%20Places%20Nearby&invisible=1&sc_rum_e_s=1793&sc_rum_e_e=1811&sc_rum_f_s=0&sc_rum_f_e=1792&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://lbs.crosswordle.cc
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8b44dd20ff960e83-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/
86 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1543954567491874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ae51847f14c9af2e2fe6832b1ad5bca08b543c454e7ac10ccce40ee85ed1df5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30724
x-xss-protection
0
server
cafe
etag
8473844490152665034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Aug 2024 22:29:33 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/
423 KB
142 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1543954567491874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
468b7f59e3dfd1157514fa23e77d4d702849d9e8aa61acfcbdb3b6168895f1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145369
x-xss-protection
0
server
cafe
etag
14081607156050605697
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Aug 2024 22:29:33 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1543954567491874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

get_counts
count-server.sharethis.com/v2.0/
632 B
998 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Flbs.crosswordle.cc%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-68.fra60.r.cloudfront.net
Software
/
Resource Hash
ab517865e3dc2bad0cac6504ede7b2b8b8835f1796c43a31d42aeab95f12385b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 12:35:30 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
35644
etag
f86dce36d75287a10b078d38d6310a92
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
content-length
632
apigw-requestid
cmge7gvUIAMEJWg=
x-amz-cf-id
wPGmda9qvR2OOsFMHPrsKSaOAx4REluNDYBTLEbRDBR29NEWWOmjbA==
facebook.svg
platform-cdn.sharethis.com/img/
301 B
742 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 22:17:55 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1901500
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
KUYHuUdYr8tFAEtM_xXL_2taArAEM-1Gy18BwYFD8I89PvwAOvIDhw==
twitter.svg
platform-cdn.sharethis.com/img/
368 B
776 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:28:07 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
88
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
med_fSnyut_0wU3U5vgYb0mKNKcaz3O19QH7l76WiOAKkj2a4ZltJg==
sharethis.svg
platform-cdn.sharethis.com/img/
514 B
938 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:07:57 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1545698
etag
"deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
514
x-amz-cf-id
B_Burv9g2LbSh3kdHLy8F85u5MQpRP234vpyUyqzw8C0P4MvG_gT6g==
linkedin.svg
platform-cdn.sharethis.com/img/
456 B
898 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 01:56:19 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1715596
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
456
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"fa43b4ede18498b114fc7185993f6da7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
HL0On2U8NXrOOt04g5fbOPnXNquakj2YtqcNuegT6rOxcUHHdOl_Rg==
pinterest.svg
platform-cdn.sharethis.com/img/
771 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 10:50:04 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1251571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
771
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"2b10a062e719c64b686e2e8fcdc216dc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
LanptXbW4qMKmPuURgoHE159i4-RdgFKUQ2GtCZXuxVt7TBTjENhdA==
reddit.svg
platform-cdn.sharethis.com/img/
910 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 02:33:50 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2231745
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
910
x-amz-cf-id
_2huDye8tSK6augq1WfBhYW6uYz3TKxgflGQ-iFDjW9C-DlFkqgVeA==
messenger.svg
platform-cdn.sharethis.com/img/
372 B
797 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 05:01:16 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2136499
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-amz-cf-id
akZzDI58_WBevSM2ixHRfeRDxEDMly1mNnh_w0eF363YOI6MFIyS0Q==
arrow_left.svg
platform-cdn.sharethis.com/img/
565 B
1006 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 18:42:14 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
13641
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"b55d8d2b9321e381a3c38a4bddb74037"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
LyrVphnDBZ6Flo5IyOPNUYmmcGSlmjf7AWk4kJmVdEaWx7T8UxscAA==
arrow_right.svg
platform-cdn.sharethis.com/img/
565 B
1005 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: lbs.crosswordle.cc
URL: https://lbs.crosswordle.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-46.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 15:44:50 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
24285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"9928d025bd5792b718ee0a185f62e67c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
EZO7iprTeOM-zCrRzLPAsT5WuPXHugp_nerd6Oip1H63KPzSjjs51A==
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/ Frame 3CEE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
11532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4141
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:17:22 GMT
etag
3784890935487277381
expires
Fri, 30 Aug 2024 19:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C443
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1543954567491874&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723847374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C212x540_r&format=0x0&url=https%3A%2F%2Flbs.crosswordle.cc%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=27_15~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723847373196&bpp=3&bdt=780&idt=935&shv=r20240814&mjsv=m202408130101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6957356010107&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334828%2C95337870%2C95338229%2C31086141%2C95340285%2C95338262&oid=2&pvsid=815731562336118&tmod=506362727&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=957
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
82255
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 22:29:35 GMT
expires
Fri, 16 Aug 2024 22:29:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/
171 KB
58 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
dc5cd119238224c6d236d75ab7eb1b0f67782cb92a225328f19d0e1fbdd7fa4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58992
x-xss-protection
0
server
cafe
etag
9092019519488630217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Aug 2024 22:29:35 GMT
ca-pub-1543954567491874
fundingchoicesmessages.google.com/i/
202 KB
67 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1543954567491874?href=https%3A%2F%2Flbs.crosswordle.cc&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
49c0d21dbb49927c287691e5a51393e99993dfa7e2c93c379060e51583d0c180
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D_7fzBIukPN6pemGdqv5oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-D_7fzBIukPN6pemGdqv5oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh-P80v9b2QQaPm1rYlbSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwNNUzMIgvMAAAEoA-nA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWtiV4yVvM1XvKSMEVZMOQs3zCnUVs_MVuYGLsqOwqFV9C1olZsBrOKuUYHSYQnejgRHm6kiGkcenW5vECsN8-OZNway7kAwcvSTZc6dv2lSHV4vx1b9thUrbVs28-asnxj-pxelQ==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWtiV4yVvM1XvKSMEVZMOQs3zCnUVs_MVuYGLsqOwqFV9C1olZsBrOKuUYHSYQnejgRHm6kiGkcenW5vECsN8-OZNway7kAwcvSTZc6dv2lSHV4vx1b9thUrbVs28-asnxj-pxelQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzODQ3Mzc2LDQ3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2xicy5jcm9zc3dvcmRsZS5jYy8iLG51bGwsW1s4LCI1QUVQbVRodWxJNCJdLFs5LCJpdCJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODYxMzMsMzEwODQyNjhdLG51bGwsMTZdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
cf716396213ab8ef8594bcffed0f83b5aa122ebc8f7ff88a125f90691895d128
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fWtiOfEsVS6AV5U5oA7vAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fWtiOfEsVS6AV5U5oA7vAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw0JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIm-PC0v9b2QRurGmyUNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxsDA01TMwiC8wAADMWj4n"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/ Frame E5AC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
11532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4141
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:17:22 GMT
etag
3784890935487277381
expires
Fri, 30 Aug 2024 19:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/ Frame 840D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
11532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4141
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:17:22 GMT
etag
3784890935487277381
expires
Fri, 30 Aug 2024 19:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/ Frame E356
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240814/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
11532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4141
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:17:22 GMT
etag
3784890935487277381
expires
Fri, 30 Aug 2024 19:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad.epl
fundingchoicesmessages.google.com/f/AGSKWxVmrOMRneQMuZLdulEA9ICKLcu7S_VTAiUI2JSvkxPb2wQ33bvNSnT1ghtBFDsD0bs7pw1u_KuZbEUgbnC54pEb-Ixux1CAxR6wgGcmtdr48g_bjA50qfn8CCEjkMtEMu4tXnk8F8aheR4Zim6YiGJpwKmr6...
54 B
508 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVmrOMRneQMuZLdulEA9ICKLcu7S_VTAiUI2JSvkxPb2wQ33bvNSnT1ghtBFDsD0bs7pw1u_KuZbEUgbnC54pEb-Ixux1CAxR6wgGcmtdr48g_bjA50qfn8CCEjkMtEMu4tXnk8F8aheR4Zim6YiGJpwKmr6gUrWmpzCcWHQEiCUtQ1s0cjyxF-KBBO/_/ads/layer./tradead_/ad.epl?/ad/extra_/awe2.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxSHQtqh3Nqdth8CsDLoQktT8f6rQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
a2f47a70781d6ad06e846aff821b9e5bcd9a18e8b2be8a81d9c271173aaff6a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-q2nRxVU0fKfMIAKWgoNqxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-q2nRxVU0fKfMIAKWgoNqxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh-PC0v9b2QRmTLrfw6ykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhaKpnYBBfYAAAC-Y-gw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
167 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxSHQtqh3Nqdth8CsDLoQktT8f6rQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 23:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
81871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Aug 2024 23:45:05 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
371 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v2EP_FaJ5yT5Sjpo6Lce4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v2EP_FaJ5yT5Sjpo6Lce4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU3gwZs1BxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGpnoF5fIEBAJQyLt8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
1 KB
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9r82GpF_lQ5Zo9D1oDs80A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-9r82GpF_lQ5Zo9D1oDs80A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU3gwObuA4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwtBUz8A8vsAAAG2nLl4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
372 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ep1IvyJlHwGNhpjYPmMXZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-ep1IvyJlHwGNhpjYPmMXZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU1gxp4jBxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGpnoF5fIEBAHYyLns"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
371 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lCt6kMAvyyw-WlaO0NR0Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lCt6kMAvyyw-WlaO0NR0Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU3gxbt9ZxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGpnoF5fIEBAKRQLxE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVlbcVb0qHyok4WPJLFADLaZEBz3ACGNjHkAh-Q_PWqya4VPlpPnNZ7kjOG3a3U4KzhwyVJRqOtKQVJmMEZoFaEOP17o-b4UfzrcMINWTT4-GQzUETfyKv-SJBbzmB7TOCelIXM4w==
fundingchoicesmessages.google.com/f/
8 KB
3 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVlbcVb0qHyok4WPJLFADLaZEBz3ACGNjHkAh-Q_PWqya4VPlpPnNZ7kjOG3a3U4KzhwyVJRqOtKQVJmMEZoFaEOP17o-b4UfzrcMINWTT4-GQzUETfyKv-SJBbzmB7TOCelIXM4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzODQ3Mzc2LDg5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGJzLmNyb3Nzd29yZGxlLmNjLyIsbnVsbCxbWzgsIjVBRVBtVGh1bEk0Il0sWzksIml0Il0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NjEzMywzMTA4NDI2OF0sbnVsbCwxNl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
959cd73e01147336c3a76390375a61ac1c6e797dc9cebd8df0f869f0a7ed9f0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-drWf9ldR0k8l94k42Ruz4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-drWf9ldR0k8l94k42Ruz4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYiT_p1nLQJid62LrP5AvCTiIuuhxIushgqXWB2B-P66S6zPgXjvx0usR4FYiIfjwtL_W9kETuy9v5dZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTAwtBUz8AgvsAAABzFRBc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
369 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b-93RYFi95HCPe1ShN4LdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-b-93RYFi95HCPe1ShN4LdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU2gY-qEs4xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwtBUz8A8vsAAAF_ALic"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWXo1hQUZ2fmUJdML3PC29f7LjWkV8IBwXIG41KUx-Sap5BlOHgsShteu2y95Bz8kHjFQq2bDcqS4pzgXj077_ttT2A4aB4EvK5bUXeRn0Ge26ZbCEsYx-qVvgmIJHWlBdI6RY3lA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWXo1hQUZ2fmUJdML3PC29f7LjWkV8IBwXIG41KUx-Sap5BlOHgsShteu2y95Bz8kHjFQq2bDcqS4pzgXj077_ttT2A4aB4EvK5bUXeRn0Ge26ZbCEsYx-qVvgmIJHWlBdI6RY3lA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzODQ3Mzc2LDk3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbGJzLmNyb3Nzd29yZGxlLmNjLyIsbnVsbCxbWzgsIjVBRVBtVGh1bEk0Il0sWzksIml0Il0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NjEzMywzMTA4NDI2OF0sbnVsbCwxNl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
2f3adc1c686f900510cabbd874533bbea15da9aab870b8ecb83827578d440423
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZOcKkWBRc4vPuckw391KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ZOcKkWBRc4vPuckw391KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOHHrNtMFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYiT_p1nLQJid62LrP5AvCTiIuuhxIushgqXWB2B-P66S6zPgXjvx0usR4FYiJvj4tL_W9kEPrR_4lDSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwNNUzMIgvMAAAxzxDYQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV0oXTjOqFLep0Ea6aAQYB_nLG-zj5OzBROEOx_PYpE-iLFXx3Mk5SoKTuyAApIzZaBzIzuTg0PlWhEn6CkCtP2JZl3xTr6kijI8EwRVZ3bq0wjYJtvonloSjCnPqUsa6KXT9ZzFg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV0oXTjOqFLep0Ea6aAQYB_nLG-zj5OzBROEOx_PYpE-iLFXx3Mk5SoKTuyAApIzZaBzIzuTg0PlWhEn6CkCtP2JZl3xTr6kijI8EwRVZ3bq0wjYJtvonloSjCnPqUsa6KXT9ZzFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzODQ3Mzc3LDczMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2xicy5jcm9zc3dvcmRsZS5jYy8iLG51bGwsW1s4LCI1QUVQbVRodWxJNCJdLFs5LCJpdCJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODYxMzMsMzEwODQyNjhdLG51bGwsMTZdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
764d0ac7a2ba0ed1e1f54cae00594a6441d71e58599711ad1f0905d7adc5c284
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h8DLBbo1hXdXkJIwMfIQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-h8DLBbo1hXdXkJIwMfIQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIm-Pi0v9b2QRmvJroqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFoqmdgEF9gAADMBj43"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVLxSgNsX5dLb1_UPVEpTvLD5uCgzFxgDY3IOlMFQsIxPSwmBzNhAJR7RHiF3caYWVY6R9-kzinL-oF4SpyNfo4gSwzcqMiDEj1nX3hrrxravCmFDYZQTU2MT8h-pvi9Cy69Y1UGg==
fundingchoicesmessages.google.com/el/
0
371 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVLxSgNsX5dLb1_UPVEpTvLD5uCgzFxgDY3IOlMFQsIxPSwmBzNhAJR7RHiF3caYWVY6R9-kzinL-oF4SpyNfo4gSwzcqMiDEj1nX3hrrxravCmFDYZQTU2MT8h-pvi9Cy69Y1UGg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tye_FfPlf9ew00FB-O88iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-Tye_FfPlf9ew00FB-O88iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU1gwsfzBxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGpnoF5fIEBAITnLrA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
fundingchoicesmessages.google.com/el/
0
372 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWwDhVTm_5bA-7G2jjqsRW__g4bri48OrXyoRJ_kaJQ5Tsuim0CGH68rv-4P6iod7J4qbdqpfnQPzS8NAqC0V3dDjr4nZyrYItN-UebEU7M0WBOPX5zNX7weXuSeoLc9PWkI-TbAQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.it.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwN9iR5fCRTYrMyL8LSlaHg2A18kQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6GRfvAg5FtGUQtBVGTQrZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-6GRfvAg5FtGUQtBVGTQrZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDguLv2_lU1gwaINBxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhaGpnoF5fIEBAHHiLmM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://lbs.crosswordle.cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
ep1.adtrafficquality.google/getconfig/
0
0

favicon.ico
lbs.crosswordle.cc/
125 KB
17 KB
Other
General
Full URL
https://lbs.crosswordle.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.145.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
feb40ee23fe7e3b65d707ae0cba6936798cf6b99689d0998ae0dd38ba1040ef7

Request headers

Referer
https://lbs.crosswordle.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:29:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Aug 2024 19:45:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6520
x-powered-by
PHP/7.1.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMieU32rPl06e4rVFdm%2BdFEJ9gXNBDdzi5MJp8dlLeQoGW4Y67FV41COs016hbOtQW6FlsrDncM8U77PqB%2FlPd32LVQ2%2F9isG5OBXIqeGW5tQfQmr2k3%2BgCsvGZ%2FH4ao9QRE9ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b44dd3e9f68bae7-MXP
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240814&st=env

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| $ function| jQuery object| bootstrap object| jQuery111004998872671149044 function| download function| search function| clear_kw string| cc string| ip string| url number| sc_project number| sc_invisible string| sc_security object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| _statcounter object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTNmNzI5MmRmMWQ5OTQwYmxvYWRlcl9qcw== string| ZTNmNzI5MmRmMWQ5OTQwYmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag boolean| google_empty_script_included boolean| bec6475c-437e-4f50-9412-9ce1008291c7

15 Cookies

Domain/Path Name / Value
.lbs.crosswordle.cc/ Name: sc_is_visitor_unique
Value: rx12924194.1723847373.1BD2669788E64F7D6FEA1192319A8453.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12924194.1723847373.0
.statcounter.com/ Name: is_visitor_unique
Value: 1723847373350537296
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkM72tLOf9PnS7VjxA1apzcooia0X_Ntvb97imQT2kMUQ425_LQEj47od2J3vA
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.crosswordle.cc/ Name: __gads
Value: ID=fa71216aaab900e0:T=1723847374:RT=1723847374:S=ALNI_MYVwECxtAuqXZuH_C2Zd8CbIRHD7w
.crosswordle.cc/ Name: __gpi
Value: UID=00000e958971e9a0:T=1723847374:RT=1723847374:S=ALNI_MYZ9ThccH56OrLf_Z4YhyEI-I0_0A
.crosswordle.cc/ Name: __eoi
Value: ID=0a6d79e616479852:T=1723847374:RT=1723847374:S=AA-Afjb0XKXwYza7BppqJWk6F_N-
.casalemedia.com/ Name: CMPS
Value: 4375
.doubleclick.net/ Name: APC
Value: AfxxVi79ImRCY-_qSIkx6D_--ayt2Ma2uX6UnlJHmGHjz64VG1crxA
.casalemedia.com/ Name: CMID
Value: Zr-S0FVbL2gAAGoNAzaMeQAA
.casalemedia.com/ Name: CMPRO
Value: 1833
.crosswordle.cc/ Name: FCNEC
Value: %5B%5B%22AKsRol_f2rRbnzBUtVMVK9OZAaChRHoWkxZdlm_NK02WLXrdw0tqvJLK1_rmFdzO_7bBot0512P_4PC36bBWS8MvKCFsqrYGfvnEeXzwfbSd2Bpyk27Dzkd8ft6TzUxWzzpLb65b1tzwvpjXpRzzchQUKQNCRdZQlA%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
c.statcounter.com
count-server.sharethis.com
ep1.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
l.sharethis.com
lbs.crosswordle.cc
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
www.google.com
www.statcounter.com
ep1.adtrafficquality.google
104.20.95.138
13.32.121.68
142.250.185.130
143.204.98.46
172.217.18.4
172.217.23.98
172.67.145.137
216.58.206.46
3.160.150.46
3.65.249.218
65.9.66.81
06161f136066d2a9fa98170692a0b79b74e8139cb1355607cc732b1355ef5119
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2f3adc1c686f900510cabbd874533bbea15da9aab870b8ecb83827578d440423
3e4efb35a3bd5d8dc7b2f3d50977188062f22247931745483b0d3015b9f0406e
400dbf87c219c27e2744e897f7858b78c875699ddc6a595215335d467509182c
468b7f59e3dfd1157514fa23e77d4d702849d9e8aa61acfcbdb3b6168895f1d1
49c0d21dbb49927c287691e5a51393e99993dfa7e2c93c379060e51583d0c180
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
68e229a7b9a01c6e5c18e6ab013e5c112408daeacc6000ffba5b0cb38a0c6105
764d0ac7a2ba0ed1e1f54cae00594a6441d71e58599711ad1f0905d7adc5c284
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
8ab34e8bc59acf71fc8ec545bf5adf47bcf256df89ad24e5394e5867c70a5b84
959cd73e01147336c3a76390375a61ac1c6e797dc9cebd8df0f869f0a7ed9f0f
97a0f6e1e7301c9a6c1a33254da0f0c4c4542efb0cff1bf08f35874ec46f9e6d
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a2f47a70781d6ad06e846aff821b9e5bcd9a18e8b2be8a81d9c271173aaff6a6
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
ab517865e3dc2bad0cac6504ede7b2b8b8835f1796c43a31d42aeab95f12385b
ae51847f14c9af2e2fe6832b1ad5bca08b543c454e7ac10ccce40ee85ed1df5b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf716396213ab8ef8594bcffed0f83b5aa122ebc8f7ff88a125f90691895d128
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
dc5cd119238224c6d236d75ab7eb1b0f67782cb92a225328f19d0e1fbdd7fa4b
ddce498693d1d7f8b72fc2e5516168e2c9813a48c0aacad32eabcfc2c6d65fe4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
feb40ee23fe7e3b65d707ae0cba6936798cf6b99689d0998ae0dd38ba1040ef7