bluemoonshine.fun Open in urlscan Pro
162.241.252.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bluemoonshine.fun/0.401625634166354
Effective URL:
https://bluemoonshine.fun/Home.php
Submission: On December 11 via api (December 11th 2024, 5:58:35 am UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 6 domains to perform 39 HTTP transactions. The main IP is 162.241.252.221, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bluemoonshine.fun.
TLS certificate: Issued by R11 on November 14th 2024. Valid for: 3 months.

This is the only time bluemoonshine.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	162.241.252.221 162.241.252.221	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
6	173.194.66.154 173.194.66.154	15169 (GOOGLE) (GOOGLE)
1	142.251.163.190 142.251.163.190	15169 (GOOGLE) (GOOGLE)
3	64.233.180.156 64.233.180.156	15169 (GOOGLE) (GOOGLE)
11	142.251.179.113 142.251.179.113	15169 (GOOGLE) (GOOGLE)
1	209.85.144.155 209.85.144.155	15169 (GOOGLE) (GOOGLE)
2	172.253.122.132 172.253.122.132	15169 (GOOGLE) (GOOGLE)
1	142.251.163.105 142.251.163.105	15169 (GOOGLE) (GOOGLE)
39	9

14 162.241.252.221 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5744.bluehost.com

bluemoonshine.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.194.66.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.190 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f190.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.180.156 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.179.113 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f113.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.155 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f155.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bluemoonshine.fun 1 redirects bluemoonshine.fun	2 MB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	74 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	256 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
39	6

	Domain	Requested by
14	bluemoonshine.fun	1 redirects bluemoonshine.fun
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	bluemoonshine.fun pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.youtube.com	bluemoonshine.fun
39	8

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
autodiscover.vadcpa.com R11	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://bluemoonshine.fun/Home.php
Frame ID: 6CEB7553F643AC8A83C404A1BCCC6B1A
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/w-C2XtjnSik?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=1&autoplay=1
Frame ID: DFBA0C118BA7DB15059B83B7AF3A1579
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html
Frame ID: 359B55AFB1A4F2D1C4A7B6A3CCDAFF23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8877699904480109&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733896710&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733896710335&bpp=5&bdt=241&idt=311&shv=r20241209&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2572428635710&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089337%2C95347445%2C95345967&oid=2&pvsid=1918896639046454&tmod=593599708&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=352
Frame ID: E9094477170FECAB90AB1A630981CACA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html
Frame ID: BF292B238DBA31E081B21E6EC8243FCA
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4766EA6C8DD3EF8D23ABDB0B2A6894F9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA371DCAB76C512919907859AAF03B50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Val G. Rousseau, PhD - Physicist and Teacher

Page URL History Show full URLs

https://bluemoonshine.fun/0.401625634166354 HTTP 302
https://bluemoonshine.fun/Home.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

39
Requests

97 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

9
IPs

1
Countries

2779 kB
Transfer

3459 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/Val-Rousseau-PhD

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrIPhPwCUMA14X-3Pulqqvg?sub_confirmation=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bluemoonshine.fun/0.401625634166354 HTTP 302
https://bluemoonshine.fun/Home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Home.php Show response
bluemoonshine.fun/
Redirect Chain

https://bluemoonshine.fun/0.401625634166354
https://bluemoonshine.fun/Home.php

9 KB
3 KB

128ms
127ms

Document
text/html

162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 6c91a48ef72b66d9e2e70d2e7e55fae18b9f716bfa1c7d08369503f895d77af6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3345
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 05:58:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma: no-cache
server: Apache
vary: Accept-Encoding

Redirect headers

content-encoding: gzip
content-length: 21
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 05:58:29 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
location: Home.php
server: Apache
vary: Accept-Encoding

GET
H2 200 Stylesheet.css
bluemoonshine.fun/ 10 KB
2 KB 110ms
109ms Stylesheet
text/css 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bluemoonshine.fun/Stylesheet.css
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: b2c2527fbe67ec3fcdd6df535d5fdda55863198c8be1f7d1f60ce90f96078249

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

content-encoding: gzip
accept-ranges: bytes
content-length: 2484
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:23:36 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 166ms
67ms Script
text/javascript 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8877699904480109

Requested by

Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

83b71940f8f034a94ea091f430f997045495468fbc23a6d34f48a94b96084d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bluemoonshine.fun
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: br
etag: 479013518659204395
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 05:58:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Dec 2024 05:58:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53632
x-xss-protection: 0
server: cafe

GET
H2 200 Toggle.png
bluemoonshine.fun/Images/ 15 KB
15 KB 270ms
269ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Toggle.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 948cf95f4ac2885bdf84a0a69c55487bdd28d9977b5b6552235d64456c7e20d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 14862
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:52 GMT
content-type: image/png
server: Apache

GET
H2 200 Timer.gif
bluemoonshine.fun/Images/ 456 KB
457 KB 268ms
267ms Image
image/gif 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Timer.gif
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 5ded6d648a4d190a65aa0e6dfd040cdb559f1296a2e948b172251c5acff6d988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 467166
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:51 GMT
content-type: image/gif
server: Apache

GET
H2 200 Signature.png
bluemoonshine.fun/Images/ 28 KB
28 KB 245ms
243ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Signature.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 935b423de6da04d5e693d9cceea5e872fc3788d3cdb13db325704c1a478d2804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 28694
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:43 GMT
content-type: image/png
server: Apache

GET
H2 200 Home.png
bluemoonshine.fun/Images/Icons/ 7 KB
7 KB 521ms
520ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Icons/Home.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 8dfccee0586d538762c9ea7a5204afd8a33d9b11aa4270fc19d48cd25b63f46a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 6692
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:08:32 GMT
content-type: image/png
server: Apache

GET
H2 200 ProfilePicture.png
bluemoonshine.fun/Images/Home/ 205 KB
205 KB 522ms
521ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Home/ProfilePicture.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 5623a60072dea10d1a551a84b8146ffc785b7057c891202eb60e7a06a88b2a07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 210159
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:08:05 GMT
content-type: image/png
server: Apache

GET
H2 200 Subscribe.png
bluemoonshine.fun/Images/Icons/ 18 KB
18 KB 522ms
520ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Icons/Subscribe.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 8aaab753be8299075e663ca34f3be315b6695c786d29234a74be09ff65f9dbc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 18253
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:09:01 GMT
content-type: image/png
server: Apache

GET
H2 200 FooterLogo.png
bluemoonshine.fun/Images/ 71 KB
71 KB 520ms
519ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/FooterLogo.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: fe54db5ef1a87eb2d7737ba0423ab5766136c2ffe0ac17ba4d23f5f539675574

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 72983
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:42 GMT
content-type: image/png
server: Apache

GET
H2 200 w-C2XtjnSik
www.youtube.com/embed/ Frame DFBA 0
0 573ms
173ms Document
text/html 142.251.163.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/w-C2XtjnSik?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=1&autoplay=1

Requested by

Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.190 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f190.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 05:58:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Background.png
bluemoonshine.fun/Images/ 1 MB
1 MB 467ms
466ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Background.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 321d78350abfc4d423ff0384b97d4b55d6ec0c48ea3c355931f5600627dedda2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges: bytes
content-length: 1464601
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:41 GMT
content-type: image/png
server: Apache

GET
H2 200 Gradient.png
bluemoonshine.fun/Images/ 121 KB
121 KB 633ms
632ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/Gradient.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 49c776beb8c38805d72639d1153d4a7a3eb7fc6b320d18e6830084cbd4a332a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges: bytes
content-length: 123455
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:43 GMT
content-type: image/png
server: Apache

GET
H2 200 FooterGradient.png
bluemoonshine.fun/Images/ 65 KB
65 KB 633ms
633ms Image
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bluemoonshine.fun/Images/FooterGradient.png
Requested by: Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: 06e98474df5eb8ca8bc5f3021828a85adcbe97a368f26991b0050992848ccf5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges: bytes
content-length: 66872
date: Wed, 11 Dec 2024 05:58:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:05:41 GMT
content-type: image/png
server: Apache

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 434 KB
144 KB 55ms
54ms Script
text/javascript 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8877699904480109

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

a7caa8b02e080b62bab75ae53181045399f5fdc5e4ebcf824b34c22bbd17cf25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: br
etag: 11344910565997262481
age: 3635
x-content-type-options: nosniff
expires: Wed, 25 Dec 2024 04:57:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 11 Dec 2024 04:57:55 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147561
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/ Frame 359B 0
0 318ms
135ms Document
text/html 64.233.180.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 34424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 20:24:46 GMT
etag: 17661348622971093804
expires: Tue, 24 Dec 2024 20:24:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
66ms Image
image/gif 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=Footer&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Dec 2024 05:58:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
64ms Image
image/gif 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=SmallHeader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 11 Dec 2024 05:58:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E909 0
0 956ms
792ms Document
text/html 64.233.180.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8877699904480109&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733896710&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733896710335&bpp=5&bdt=241&idt=311&shv=r20241209&mjsv=m202412040102&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2572428635710&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089324%2C31089337%2C95347445%2C95345967&oid=2&pvsid=1918896639046454&tmod=593599708&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=352

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 60669
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 05:58:31 GMT
expires: Wed, 11 Dec 2024 05:58:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 177 KB
59 KB 52ms
51ms Script
text/javascript 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

229cf352675733310370228fe56ec6daa939ff27db0fb2d549c2115408874956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: br
etag: 4781336244493941692
age: 51964
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 15:32:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 10 Dec 2024 15:32:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60482
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-8877699904480109 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 249ms
118ms Script
application/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8877699904480109?href=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

39a3e0d3d66ab015df9a53e473cb2ed45e217675df7032a2eca69e8b7746da9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BX0VIEGxKYN0-NxfJnBGNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:31 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcLRfebKLTeDAtQV7mZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjACXbEXN"
content-security-policy: script-src 'report-sample' 'nonce-BX0VIEGxKYN0-NxfJnBGNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVAVz-fjS7MYl3pZ4HL1wL0yXtEuqxPR4IZ2IqdPnPvaEl3O1qVNa_N2TQKZ1Jc58C2rxa6515-BiHAOkBnOc6Yah-zsP3ebT5KYXNVAf2yQ-OnrN3L4hGcEoHPCT2dmIH78rKO0w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 83ms
82ms Script
application/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAVz-fjS7MYl3pZ4HL1wL0yXtEuqxPR4IZ2IqdPnPvaEl3O1qVNa_N2TQKZ1Jc58C2rxa6515-BiHAOkBnOc6Yah-zsP3ebT5KYXNVAf2yQ-OnrN3L4hGcEoHPCT2dmIH78rKO0w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzODk2NzEyLDE0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibHVlbW9vbnNoaW5lLmZ1bi9Ib21lLnBocCIsbnVsbCxbWzgsIi1BdVBLN3lmbnA0Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxbG4-3lAJR0Vrvsg_u5SRKk6cebQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

0af5ec98c3d3d7529be61b32606480f0feb95cc8a05c5aeac6b0ae2f84bcf8de

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0grIn9Jb4sAKVIE7vMTobA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc3RcebKLTeDByb2xShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QVGAFclRZk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0grIn9Jb4sAKVIE7vMTobA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/ Frame BF29 0
0 0ms
0ms Document
text/html 64.233.180.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241209/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 34424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 20:24:46 GMT
etag: 17661348622971093804
expires: Tue, 24 Dec 2024 20:24:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXGs-L_kF_4psraP2l4ZoR90H9zAU-IOEBO3A7uzWIrMCIUm37JWteVdWDF-jhGQN2miqm1F-wzc2qDC6u3jafbaMuJ4zh5F0eHxLdoSHrxhjFpLGVs-x187hCSVhVH-qYA9RUQFQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 96ms
96ms Script
application/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGs-L_kF_4psraP2l4ZoR90H9zAU-IOEBO3A7uzWIrMCIUm37JWteVdWDF-jhGQN2miqm1F-wzc2qDC6u3jafbaMuJ4zh5F0eHxLdoSHrxhjFpLGVs-x187hCSVhVH-qYA9RUQFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzODk2NzEyLDI2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYmx1ZW1vb25zaGluZS5mdW4vSG9tZS5waHAiLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

3ad8adfb7a96832bcc53d44684e293fddb063d756ead7aa1518dc4649f1722b2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DbhNtewxcTapIgmRX3Cktg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:32 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcHRcebKLTWDHqtapjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkYGlnoGxvEFRgCCTEVV"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DbhNtewxcTapIgmRX3Cktg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 116ms
60ms XHR
application/json 209.85.144.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241209&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.155 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f155.1e100.net

Software

cafe /

Resource Hash

9d4003207a68f485d81b1b0d5505a4b2fb4d9ffb37374158f1d5f219edf970d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13186
date: Wed, 11 Dec 2024 05:58:32 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 Chemistry.png
bluemoonshine.fun/Images/Icons/ 6 KB
6 KB 140ms
140ms Other
image/png 162.241.252.221
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bluemoonshine.fun/Images/Icons/Chemistry.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5744.bluehost.com
Software: Apache /
Resource Hash: bd9d77c35ae1758be80b673ef585cd417cd5d4959860aeb46bfc807795fa9b3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/Home.php

Response headers

accept-ranges: bytes
content-length: 6186
date: Wed, 11 Dec 2024 05:58:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 14 Jul 2023 03:08:31 GMT
content-type: image/png
server: Apache

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 216ms
79ms Script
text/javascript 172.253.122.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f132.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 05:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 ad_ebound. Show response
fundingchoicesmessages.google.com/f/AGSKWxWLwk-ymbGo4bUuqdRyZ6xOGYciKyoVxDJ0NnhKQf14jRpEkwwZAM9PDzmLYL6Dh_Zp_q8U1yVyxIA2sNAqQTne85FzCpOHMY_YtDKCJr9ZK5u0imaJzrx5vbmdwpm-nPiLm9fUf8baFGaNX7cEvy9s-g6n8... 54 B
109 B 76ms
75ms Script
application/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWLwk-ymbGo4bUuqdRyZ6xOGYciKyoVxDJ0NnhKQf14jRpEkwwZAM9PDzmLYL6Dh_Zp_q8U1yVyxIA2sNAqQTne85FzCpOHMY_YtDKCJr9ZK5u0imaJzrx5vbmdwpm-nPiLm9fUf8baFGaNX7cEvy9s-g6n8y2ugiw03EM-hNK05vLkcu44pdrMgnCR/_/advertisementrotation./ad728w._Banner_Ads__336x850./ad_ebound.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzeRb445gm-dUAhZZ8tAKsP7FSUzA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

4d7d790815e54846f5e4f272f3fbde5f546b51c6280bdda5c40c30b4d2cb1ffe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Og3jY6QpWfAY3yM464BnOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxc3ReebKLTWDDzC42JY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDIwNLPQPj-AIjACxcRKw"
content-security-policy: script-src 'report-sample' 'nonce-Og3jY6QpWfAY3yM464BnOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 51ms
51ms Script
text/javascript 173.194.66.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f154.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 33663
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 20:37:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 10 Dec 2024 20:37:29 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 127ms
71ms XHR
text/html 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JhJH-s9IwZMYokTj_1swjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCMzb2yiu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MjAws9A_P4AgMAuA4qLg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JhJH-s9IwZMYokTj_1swjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXrVWSHdPxnb_O1n_ijCuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCMzbsklNyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYAvhQqSw"
content-security-policy: script-src 'report-sample' 'nonce-HXrVWSHdPxnb_O1n_ijCuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bSjtgP-hzv6HobovoJXrbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCO3ae0lRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYA0XIqjw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bSjtgP-hzv6HobovoJXrbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I9he9usGxqnGQl9FClEQEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCDxa91FRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYA4AkqwQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I9he9usGxqnGQl9FClEQEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVJHZlfDuUeb4WwjDExaXjvXtL1u3aWQXl-lFKEIwYKxVvCEa3JOXajBueJxmj75qb4kg6OowIA2sMLnizw-IyTGS454wD8qb4Mq8fHBeQoGroMEr7pHv95gPaRsGLlfVghjPmqtg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
80ms Script
application/javascript 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJHZlfDuUeb4WwjDExaXjvXtL1u3aWQXl-lFKEIwYKxVvCEa3JOXajBueJxmj75qb4kg6OowIA2sMLnizw-IyTGS454wD8qb4Mq8fHBeQoGroMEr7pHv95gPaRsGLlfVghjPmqtg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzODk2NzEzLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2JsdWVtb29uc2hpbmUuZnVuL0hvbWUucGhwIixudWxsLFtbOCwiLUF1UEs3eWZucDQiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

3fcfbdc294055c250665c1fc342dc93bd8fc66ba6c541aa953a9f735a7f7a96d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WGT66MfirWrlbXOiIjUzrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bluemoonshine.fun/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1JBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxALcXN0Xnmyi02gYVOPnpJGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJoZGBpZ6BcXyBEQBz8UnI"
content-security-policy: script-src 'report-sample' 'nonce-WGT66MfirWrlbXOiIjUzrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVCoEFrjacfCLt7xtvMz5owkh7UvS9_dSsuYtDxc1pZaCDLD9hT1eNI8lGS38qdqNnMbmKCTvj0B0qiGJ15JB0W4_mDriPTwF02AOFHlkuV7eX95y9xqiW-0dF_XPH_9hyeQclgwQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
69ms XHR
text/html 142.251.179.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCoEFrjacfCLt7xtvMz5owkh7UvS9_dSsuYtDxc1pZaCDLD9hT1eNI8lGS38qdqNnMbmKCTvj0B0qiGJ15JB0W4_mDriPTwF02AOFHlkuV7eX95y9xqiW-0dF_XPH_9hyeQclgwQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_ifZIshKa3DWcMVkfItdyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCL3YfC1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGBhZ6BubxBQYA7nkq8A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_ifZIshKa3DWcMVkfItdyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHoz97DKV4PvT_yLxGWltH9cuWSsR9GCdglkppYWHnPwMHOR-9ZV35EDdvMDBA43byyQxScIPB8CoQjf_MKfQJQGpFDEersdbnSdRdn36FxW_SgFb-5H4MQ_YUh8Ht20WTrc0smw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.113 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f113.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nLSulMWL6thfJhzxUhnNHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bluemoonshine.fun/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 05:58:33 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiJuj88qTXWwCJ3b3Byu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MjAws9A_P4AgMA1ggqmg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nLSulMWL6thfJhzxUhnNHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bluemoonshine.fun
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4766 0
0 242ms
54ms Document
text/html 172.253.122.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 05:12:48 GMT
expires: Wed, 11 Dec 2024 06:02:48 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AA37 0
0 68ms
67ms Document
text/html 142.251.163.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xR8ud01wCE5Vg7QvSP1ZbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bluemoonshine.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xR8ud01wCE5Vg7QvSP1ZbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 05:58:33 GMT
expires: Wed, 11 Dec 2024 05:58:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241209&jk=1918896639046454&bg=!IyClIG_NAAbFeMsx5Xg7ADQBe5WfOFxlF_-p9MzSiPUS89x7fcRVMmRpkEGjpO1eE20uQKDpmzEF_PmbVWCSZSjqmidDAgAAAEVSAAAACGgBB34ANrqRguXxEqdqu8nyJ3mP58X8Y_orzZcC3_nXgvfJtFf3c_8vaSDacGOOQfk2Sqo4N6tJZox06pkCpdweFNNkb2VffANOBl3ljjd1BUu1gG4lbknS5tm_l94OVObrWS1prbkuKJbz3ch-kN7K8EqENrdOIk9YB48P9JVTF_hLoOAI-gsWw818g1SX9Eth7fhk2A9Y8hqPyA4N0BFHL7l9swhZwYEqUyKXFNEvAo2y9Buw34TZJT5E4dy_SYnXCj4_K6aLfBSbeFCjVxWeqtBHtEyPB5SDjUsDCh6PNNxbkajFZPD8ojDyTQCwQJfOaEZ5HPD4lmPkJSJ2f8rEsxreSgsgd__wn5f8SNkGyTrwy56JdbZj3s13tdpiryh8jEfPH34V8p_nbyxpdUlYok4TsT4wOMNERawB-1cctvSseFpmhirWaCu3WELMJ1VvIO2A3wjEWE6ge9ZbKmijKoiOu1Qx4ordDgPrmswBhYJ2rK0vXdJzO9Upx1ircjKbmo_EIsIGm0ntLn0FJXej1_n6ZQjEaPcdfIxy0b0ymxlNodgTzO862vVPJn3ShxkyAgbp9j9P6mnWSuzLKBXRBETi6bRxbuAbpheQ1Qs7oY7MxIj0wFOgCjlVfTc-1LG8Rj6xyFm-oOr0QVQRJWeRyic_Kw0fizOzNgcSAeJnE1uzoaAj-l-ivxx094A9U3Xtu9JbUionJQCm9VHpXOmKeZdxsAqjqz7py4UJ3r9-GbO6Bg_Ad0b_BWZB8M2rlb9O9bgrldRLxtitwja4CAowDuVURTTXhWI6z0G_yc1lbXRU93jUTa0_GK9YB5i2VJJM4k8WJL3VyflhfGz-Dg9RiUhanfiIhp8KwgehyWA8h12_UWvQK9x7mmc0HWXhXMRmUpG8vFjdWYAFb9KyL7s0rVoi3CvKUN2w82eYuYJ8K50oHN_CJcxky2UVFES_Gphdj6hSXv5Z58r7oNQYrhSi80is

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bluemoonshine.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2ecf324b2055e5c77c63cd0bfc1851e7
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SKLCvaPA0-E
.youtube.com/	1970-01-21 05:57:28	Name: VISITOR_INFO1_LIVE Value: VCyO0IysJqc
.youtube.com/	1970-01-21 05:57:28	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgSA%3D%3D
.doubleclick.net/	1970-01-21 01:38:17	Name: test_cookie Value: CheckForPermission
.bluemoonshine.fun/	1970-01-21 10:59:52	Name: __gads Value: ID=f9065ae768e25666:T=1733896710:RT=1733896710:S=ALNI_MbLfdKq5gdX7us_NfFk_vbnHhpP6A
.bluemoonshine.fun/	1970-01-21 10:59:52	Name: __gpi Value: UID=00000fae670fa86f:T=1733896710:RT=1733896710:S=ALNI_MZtPui2IQUz2wXDuigjyHXySIF5cg
.bluemoonshine.fun/	1970-01-21 05:57:28	Name: __eoi Value: ID=aa0f083fd36d4417:T=1733896710:RT=1733896710:S=AA-AfjaHkFqMPkhCTN7xBnNkMWBA
.bluemoonshine.fun/	1970-01-21 10:23:52	Name: FCNEC Value: %5B%5B%22AKsRol_A_qrNs6U-fW0wigj6kNBqiHPnK4JOdmrQg3gQ9t45H7HhxLkmP2LuWHijYnlIlIpbrbdozhGIZfSw7J4RdQyfrWwmNDI8Il_Jk_RPAxrmVzxWFM9ZxDCtc3zinV4bxrMngwIP7rW6lBeDTzSSd3EQB-i1mQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluemoonshine.fun
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
www.youtube.com
ep1.adtrafficquality.google
142.251.163.105
142.251.163.190
142.251.179.113
162.241.252.221
172.253.122.132
173.194.66.154
209.85.144.155
64.233.180.156
06e98474df5eb8ca8bc5f3021828a85adcbe97a368f26991b0050992848ccf5e
0af5ec98c3d3d7529be61b32606480f0feb95cc8a05c5aeac6b0ae2f84bcf8de
229cf352675733310370228fe56ec6daa939ff27db0fb2d549c2115408874956
321d78350abfc4d423ff0384b97d4b55d6ec0c48ea3c355931f5600627dedda2
39a3e0d3d66ab015df9a53e473cb2ed45e217675df7032a2eca69e8b7746da9d
3ad8adfb7a96832bcc53d44684e293fddb063d756ead7aa1518dc4649f1722b2
3fcfbdc294055c250665c1fc342dc93bd8fc66ba6c541aa953a9f735a7f7a96d
49c776beb8c38805d72639d1153d4a7a3eb7fc6b320d18e6830084cbd4a332a9
4d7d790815e54846f5e4f272f3fbde5f546b51c6280bdda5c40c30b4d2cb1ffe
5623a60072dea10d1a551a84b8146ffc785b7057c891202eb60e7a06a88b2a07
5ded6d648a4d190a65aa0e6dfd040cdb559f1296a2e948b172251c5acff6d988
6c91a48ef72b66d9e2e70d2e7e55fae18b9f716bfa1c7d08369503f895d77af6
83b71940f8f034a94ea091f430f997045495468fbc23a6d34f48a94b96084d9e
8aaab753be8299075e663ca34f3be315b6695c786d29234a74be09ff65f9dbc3
8dfccee0586d538762c9ea7a5204afd8a33d9b11aa4270fc19d48cd25b63f46a
935b423de6da04d5e693d9cceea5e872fc3788d3cdb13db325704c1a478d2804
948cf95f4ac2885bdf84a0a69c55487bdd28d9977b5b6552235d64456c7e20d6
9d4003207a68f485d81b1b0d5505a4b2fb4d9ffb37374158f1d5f219edf970d6
a7caa8b02e080b62bab75ae53181045399f5fdc5e4ebcf824b34c22bbd17cf25
b2c2527fbe67ec3fcdd6df535d5fdda55863198c8be1f7d1f60ce90f96078249
bd9d77c35ae1758be80b673ef585cd417cd5d4959860aeb46bfc807795fa9b3a
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe54db5ef1a87eb2d7737ba0423ab5766136c2ffe0ac17ba4d23f5f539675574
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

bluemoonshine.fun Open in urlscan Pro 162.241.252.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

9 IPs

1 Countries

2779 kBTransfer

3459 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bluemoonshine.fun Open in urlscan Pro
162.241.252.221 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

9
IPs

1
Countries

2779 kB
Transfer

3459 kB
Size

9
Cookies

39 HTTP transactions
0 data transactions