urlscan.io logo urlscan.io
SecurityTrails logo

u2953-btio.quins.us Open in urlscan Pro
2606:4700:3035::6815:2f59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://btcut.io/AtXNcKqem
Effective URL: https://u2953-btio.quins.us/
Submission: On December 13 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3035::6815:2f59, located in United States and belongs to CLOUDFLARENET, US. The main domain is u2953-btio.quins.us.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.
This is the only time u2953-btio.quins.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
6 172.67.146.19 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.3 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.221.61 13335 (CLOUDFLAR...)
3 172.217.16.194 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.74 15169 (GOOGLE)
2 142.250.184.238 15169 (GOOGLE)
31 12
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
btcut.io
6    172.67.146.19 (United States)

ASN13335 (CLOUDFLARENET, US)
quins.us
wp.quins.us
u2953-btio.quins.us
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com
4    2606:4700:3035::6815:2f59 (United States)

ASN13335 (CLOUDFLARENET, US)
u2953-btio.quins.us
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.221.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cryptednews.space
3    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
10 quins.us
quins.us
u2953-btio.quins.us
wp.quins.us
178 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
129 KB
4 gstatic.com
fonts.gstatic.com
92 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
208 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
7 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 cryptednews.space
cryptednews.space — Cisco Umbrella Rank: 818940
49 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 btcut.io
btcut.io
2 KB
31 9
Domain Requested by
5 u2953-btio.quins.us quins.us
u2953-btio.quins.us
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
u2953-btio.quins.us
3 securepubads.g.doubleclick.net u2953-btio.quins.us
securepubads.g.doubleclick.net
3 wp.quins.us u2953-btio.quins.us
wp.quins.us
3 fonts.googleapis.com quins.us
u2953-btio.quins.us
2 quins.us quins.us
1 region1.google-analytics.com www.googletagmanager.com
1 cryptednews.space u2953-btio.quins.us
1 www.googletagmanager.com u2953-btio.quins.us
1 btcut.io 1 redirects
31 11

This site contains links to these domains. Also see Links.

Domain
cryptednews.space
Subject Issuer Validity Valid
quins.us
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
cryptednews.space
WE1		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://u2953-btio.quins.us/
Frame ID: 0E4ACD9EA7359389E0F62A6CDEC6DA64
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CryptedNews

Page URL History Show full URLs

  1. https://btcut.io/AtXNcKqem HTTP 302
    https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2... Page URL
  2. https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2... Page URL
  3. https://u2953-btio.quins.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

31
Requests

87 %
HTTPS

42 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

772 kB
Transfer

2886 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://btcut.io/AtXNcKqem HTTP 302
    https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D Page URL
  2. https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D&continue=true Page URL
  3. https://u2953-btio.quins.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://btcut.io/AtXNcKqem HTTP 302
  • https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ref.php
quins.us/
Redirect Chain
  • https://btcut.io/AtXNcKqem
  • https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c360a33db1b0e7ed860ed890500ba49aae618a58114ee336224d7ca4fc2e623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f137a4bd8751c83-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 05:15:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccc7xCqrPT98ggfhu45lxescFIPDe9Pa3PIVVxLJ0PTfFPpG4y8qPDWEHJBM9SK2zo7m2fmIt2A7hHJbCXVMhBw0OKUgOOLo4%2Fr6nD9cGCTQXHTdTSiOuFtNAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15208&min_rtt=15076&rtt_var=2538&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4759&delivery_rate=694&cwnd=12000&unsent_bytes=0&cid=286f8f3628c75e2c&ts=305&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f137a4a0dd9d5a1-AMS
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 05:15:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQUABpOVOoxncnwbXb%2BDAeuXe%2FaS5smK%2BKcBlRpRV%2BO2GeSdmG2k%2F7odPxrA7QemBfS0qJdOuQJTidwt5VPZZ151o9Qx5mNUCGxmHILAix86xvsIHTnuT1qaYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15444&min_rtt=14682&rtt_var=3307&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4489&delivery_rate=676&cwnd=12000&unsent_bytes=0&cid=a2fcb0df785f1c66&ts=263&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
css2
fonts.googleapis.com/ 		846 B
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap
Requested by
Host: quins.us
URL: https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a007f84b241f4b5cd6376bd4ffd23964002ec13486aab9b433ae5361cda818b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 05:15:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 04:12:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ref.php
quins.us/ 		275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D&continue=true
Requested by
Host: quins.us
URL: https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8f137a4eaa421c83-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 05:15:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0ZoJwP7r7r9001FZ27CY2fAHSyMiONgoAmBpS6X7mN5XGD5ncFt4y4gjYiFV0H3f%2BiuhPn6Y%2F4m4iTlLckGymDQXByqojGU058yk2KDyd96B1gK7C48U41kkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15192&min_rtt=15075&rtt_var=1937&sent=16&recv=12&lost=0&retrans=0&sent_bytes=6501&recv_bytes=5456&delivery_rate=153490&cwnd=12000&unsent_bytes=0&cid=286f8f3628c75e2c&ts=849&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
245180
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:09:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:09:21 GMT
last-modified
Wed, 04 Dec 2024 06:53:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
Primary Request /
u2953-btio.quins.us/ 		54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u2953-btio.quins.us/
Requested by
Host: quins.us
URL: https://quins.us/ref.php?conf=Iam3Lz2pPhrT889SZpYMhx11XSupYT2tOxid2qfIXJ4YvptG7Jlnhm3Dw2vGM%2FkzG0cTHdOIklvnPum99jOfIH%2FjAlGMXxBC7CrhxNd2%2B2Df7JpvQXyFB8hli7wZydvOp%2F1CUNPiHtpUAUKrTvKoKMT0Z4yA0bx%2B%2Fo7c5uhOzwioRliB72rPBgu0JLAFlbREAE7txHkL7Sq8vI7xhTVT0%2Bl%2Btw%2FmaZVoM5MaX%2F4%2F6YbPmJeoVg3Eyx%2BMfmtQ5IzZas7VDCOJ4DkqkNdyoW9tfP%2FYKJ0o5oC%2Fr6zGfLZgp%2BY%3D&continue=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4ac5b55c974113d90d29a6131b42964fa40499c16b794fc5f8c1b1de82dc00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f137a51a83dd0cd-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 05:15:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://u2953-btio.quins.us/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7c38%2FKHf4%2BQbU8tqoJK247%2FvfFE5nU7HmZgZvl5n24pd6IEWLur08QB9zqzqX6FpegFOwXKFeNAbzC5QH%2FtVPPNiT7YJ8MdH0tH5u41mvU8hDOZUwZtwS0F%2Bc5%2Fq8RWudKQg1m2Cl48vYR%2F29Fn4Y9PK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14913&min_rtt=14863&rtt_var=1806&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2281&delivery_rate=260878&cwnd=254&unsent_bytes=0&cid=a79adfd540942dea&ts=601&x=0"
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
style.min.css
u2953-btio.quins.us/wp-includes/css/dist/block-library/ 		112 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u2953-btio.quins.us/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"1c012-6733d239-1c4ed9de;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejOCndCeaHEaMV9a8dnxYzJnxqnNxxRwSG%2BZR6aiMQ3iYI0sxXk97Sc41hNdX3tehbLw%2F9A4UVAw3lLAD0%2FDVkgnWOje0PGMZ6hlkyViAUtYVVOI%2FDVqjL0iyWwNBoZztD6qm%2BNRWVm0d8ISMeCf8U1D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 20 Dec 2024 05:15:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16533&min_rtt=14649&rtt_var=3490&sent=74&recv=44&lost=0&retrans=0&sent_bytes=57355&recv_bytes=2662&delivery_rate=916950&cwnd=257&unsent_bytes=0&cid=a79adfd540942dea&ts=1000&x=0"
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/css
last-modified
Tue, 12 Nov 2024 22:10:01 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a557ab5d0cd-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
css
fonts.googleapis.com/ 		4 KB
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d25825c89e9e42bf60463aacb87c38307e0279e6f6517de818bac6021080f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 05:15:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 04:55:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
wp.quins.us/wp-content/themes/ad-mania/ 		275 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/themes/ad-mania/style.css?ver=6.7.1
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45ba6e591fdca93355b8a145c736f8eece478edfec3fd6d3e7c56de3a601005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"44d72-672fca51-503c51cd;br"
age
4129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhDum9dt%2BpzN9XGk2hle9MVWtYXgQak1nfKbqSw3KVArS6oakad6ejiK%2BNsBj%2F%2B%2FU6Vi4nSVDba0U84m%2BDf1K7W1Bma3jNRjwH7gWX8OSpQzy6E%2F0NyaEVDdEDPjaw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 14:39:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15187&min_rtt=15075&rtt_var=1462&sent=18&recv=14&lost=0&retrans=0&sent_bytes=7593&recv_bytes=5829&delivery_rate=2526&cwnd=12000&unsent_bytes=0&cid=286f8f3628c75e2c&ts=1577&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/css
last-modified
Sat, 09 Nov 2024 20:47:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a558e711c83-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
jquery.min.js
u2953-btio.quins.us/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u2953-btio.quins.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"15601-672fca53-580f1eef;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIFLzHLibu%2BLGYkby0gQd%2BC0H%2BIPhhUpQyHWNKvqYX%2FxN0MwBIMROxYalkvWOLWzuf5WFGgo%2BDD7YEXpSy8eU%2BSI2EEwE1Tzo6PazV%2FRk7syNty%2BjSVs6GZpi%2Bu7gX3feTVPxxyxByQ1pMsqD3ymJrFC"}],"group":"cf-nel","max_age":604800}
cf-ray
8f137a557ab6d0cd-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16533&min_rtt=14649&rtt_var=3490&sent=42&recv=44&lost=0&retrans=0&sent_bytes=24122&recv_bytes=2662&delivery_rate=916950&cwnd=257&unsent_bytes=0&cid=a79adfd540942dea&ts=999&x=0"
date
Fri, 13 Dec 2024 05:15:42 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
server
cloudflare
jquery-migrate.min.js
u2953-btio.quins.us/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u2953-btio.quins.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"3509-672fca53-580a021b;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKocOtmbkrYCLL5UiX1gdFTpE%2BL5KQpnILSvwWxyXxenZmrTZ0BlYiuTC%2FkmNF%2F0pUNVek9iAr9%2Fz5WEwD%2FFsxkSYOD%2Fd%2B3u3906E%2FE9Mih9pmmhOk7zuDVxf%2FUP2cq3DX1mqBoFrnKATfSzbKxNNN0J"}],"group":"cf-nel","max_age":604800}
cf-ray
8f137a557ab9d0cd-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19340&min_rtt=14863&rtt_var=8295&sent=34&recv=37&lost=0&retrans=0&sent_bytes=18276&recv_bytes=2662&delivery_rate=916950&cwnd=257&unsent_bytes=0&cid=a79adfd540942dea&ts=903&x=0"
date
Fri, 13 Dec 2024 05:15:42 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2C0YTSFLGP
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26d5a66e013c59695df24c043004d608661e461f306bcca08681bd7d4830bdda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 13 Dec 2024 05:15:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109809
x-xss-protection
0
server
Google Tag Manager
1f5f2c78-ea2d-4360-977f-5cbdc14d9503
https://u2953-btio.quins.us/ 		0
0
cnews_logo.png
cryptednews.space/wp-content/uploads/2024/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptednews.space/wp-content/uploads/2024/03/cnews_logo.png
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663866fae5f47c90bef35eceda5d1899430ea5dda7a49a51df1dda608104b674

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

cf-cache-status
HIT
etag
"c23b-66e7ec20-4c305482;;;"
age
18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vizFf08WXVZjuvJbYsDfvHWv3wXxaMtswAhQFtNda0QWIp85sijoV67O5d4iA1QbQ7F%2FkAjzvYck1%2B%2FnHBmuGpv0T0nhDSH%2FTiNeADOvdEJJZSo5V%2FHlPcP%2BtvGj%2BhKDaHhmhg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 05 Dec 2024 06:20:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14881&min_rtt=14765&rtt_var=5620&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4339&delivery_rate=183401&cwnd=12000&unsent_bytes=0&cid=d956b554b6ca351a&ts=34&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
image/png
last-modified
Mon, 16 Sep 2024 08:28:16 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a55d8450e86-AMS
accept-ranges
bytes
content-length
49723
x-turbo-charged-by
LiteSpeed
server
cloudflare
mincustom.js
wp.quins.us/wp-content/themes/ad-mania/js/ 		457 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/themes/ad-mania/js/mincustom.js
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a329ceb9efbcd662117b894ed5547a9a090aa97255f388c1365028e7dd998d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"724d0-672fca51-5801ea3e;br"
age
6827
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ysCiqVkWQ9SDC7Ki0PwpM6ljRoAkFp6i5HevQJBkLSnit%2BzIuGKw8dkXS2OY6y%2BnAvRIxX4nBcCEnNnZPVkGcQF5VcSPOr5%2BHRcTuiijduKv7ZSBrYa2dHf2QZGrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16369&min_rtt=15075&rtt_var=1087&sent=67&recv=38&lost=0&retrans=0&sent_bytes=64038&recv_bytes=7139&delivery_rate=1777472&cwnd=38400&unsent_bytes=0&cid=286f8f3628c75e2c&ts=1639&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:13 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a55ee9e1c83-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u2953-btio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
244927
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:13:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:13:35 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
fa-solid-900.woff2
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2
fonts.gstatic.com/s/notoserif/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6iaw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTa32J4wsL2JAlAhZqFCTx8cK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7CLato%3A100%26subset%3Dcyrillic%2Ccyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
ae7c05e58a045d762217b2a3933232700c3e6b83ec230ebd7dbe2805940a5d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u2953-btio.quins.us
Referer
https://fonts.googleapis.com/

Response headers

age
96477
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 02:27:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 02:27:45 GMT
last-modified
Tue, 24 Oct 2023 00:59:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14612
x-xss-protection
0
server
sffe
wp-emoji-release.min.js
u2953-btio.quins.us/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u2953-btio.quins.us/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"4926-672fca53-300b390b;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDJyv9mnkHjNS%2F5R7STgpBci2BKx2XVyx6ZlXwBYd5lsFjM0Ls7K8nbXFpWBNpsX5o5eMUsWTA3RhcttTRtT%2FicJkQOedYostrfH5n%2FRKusyPMKQ54o9%2BcpiDLfUw4GyT8Af%2Be1U"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16130&min_rtt=15104&rtt_var=3075&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4219&recv_bytes=4431&delivery_rate=683&cwnd=12000&unsent_bytes=0&cid=20a5d5b476f0c9fb&ts=711&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
text/javascript
last-modified
Sat, 09 Nov 2024 20:47:15 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a581a9a9f8e-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
5b59fcae0fb2879cd5e7023fc32b8e1c96c1ea743665a001f53f2bcc81a34ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
br
etag
263 / 20070 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 05:15:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33540
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2C0YTSFLGP&gtm=45je4cc0v9198525174za200&_p=1734066942703&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1149085817.1734066943&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734066942&sct=1&seg=0&dl=https%3A%2F%2Fu2953-btio.quins.us%2F&dt=CryptedNews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2C0YTSFLGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://u2953-btio.quins.us
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:42 GMT
content-type
text/plain
server
Golfe2
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
br
etag
5395541545685299795
age
71964
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 09:16:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 09:16:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
22116
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 23:07:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 23:07:06 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
22195652661
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22195652661?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32966d538b5b616374bb60f0cdc742a501db1bd19cacb7ab67b2222e9d38536f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mLJXfDVOB8CxfHE_ZkEMUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3Fz_G99v4tN4EPDmxwljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MjQwM9A6P4AiMAYNlFyg"
content-security-policy
script-src 'report-sample' 'nonce-mLJXfDVOB8CxfHE_ZkEMUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
fa-solid-900.woff
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
AGSKWxU3IwrqCG0xHUFDttKQ3_gP6Z_i7DJZW5rr-feYF7lfi-sJPVkPFSz74lwACwLokLzyzdt6xcv7BIs9EhaPZ4jlrbN_u580zQVHBR3Fel2rfXj5_t26-pMsSvppPhDf62jlqR_vHA==
fundingchoicesmessages.google.com/f/ 		426 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU3IwrqCG0xHUFDttKQ3_gP6Z_i7DJZW5rr-feYF7lfi-sJPVkPFSz74lwACwLokLzyzdt6xcv7BIs9EhaPZ4jlrbN_u580zQVHBR3Fel2rfXj5_t26-pMsSvppPhDf62jlqR_vHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDY2OTQzLDMzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91Mjk1My1idGlvLnF1aW5zLnVzLyIsbnVsbCxbWzgsImhBdjBZakFWMi1zIl0sWzksIm5sIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMz9ydEu0PiXapgatApgwk1LZQ3h9A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e599c0f49cd09d77028a627d8ba41116ae887b905da94d025047b9718c04ac86
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-OMgMZ8mDXMfATlPnDwVvng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrE1AzPD1CisHEAvxcPxvfb-LTWDCsUU7GJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MDfQMjOILjADmj0rL"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-OMgMZ8mDXMfATlPnDwVvng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz44TFfsvfvXq0zUczsfxpyDsi7MA/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 05:15:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 05:15:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: u2953-btio.quins.us
URL: https://u2953-btio.quins.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://u2953-btio.quins.us
Referer
https://u2953-btio.quins.us/

Response headers

age
244886
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxVTztFq7TqyQDFY99eCsGPcPvqNraQmhxp1arTMRMNWi5nT9VsdDXnqifOfGETcCyWqYsUoqdviCtfJPrVYfEWzVoOSdz01cFG97coS8GIaQTWWTjv-Wnel_0buXd24Z61_SGAxPw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVTztFq7TqyQDFY99eCsGPcPvqNraQmhxp1arTMRMNWi5nT9VsdDXnqifOfGETcCyWqYsUoqdviCtfJPrVYfEWzVoOSdz01cFG97coS8GIaQTWWTjv-Wnel_0buXd24Z61_SGAxPw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMz9ydEu0PiXapgatApgwk1LZQ3h9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z3rFVvCUafTPHh_BgBQiew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u2953-btio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjf-v7XWwCNy587GRScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoaGegbm8QUGACiYK3k"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z3rFVvCUafTPHh_BgBQiew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u2953-btio.quins.us
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVTztFq7TqyQDFY99eCsGPcPvqNraQmhxp1arTMRMNWi5nT9VsdDXnqifOfGETcCyWqYsUoqdviCtfJPrVYfEWzVoOSdz01cFG97coS8GIaQTWWTjv-Wnel_0buXd24Z61_SGAxPw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVTztFq7TqyQDFY99eCsGPcPvqNraQmhxp1arTMRMNWi5nT9VsdDXnqifOfGETcCyWqYsUoqdviCtfJPrVYfEWzVoOSdz01cFG97coS8GIaQTWWTjv-Wnel_0buXd24Z61_SGAxPw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMz9ydEu0PiXapgatApgwk1LZQ3h9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-spwLwvFQ9NqfvYBsjk_RZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://u2953-btio.quins.us/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 05:15:43 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjf-v7XWwCMz7-7mRScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoaGegbm8QUGAChcK3I"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-spwLwvFQ9NqfvYBsjk_RZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://u2953-btio.quins.us
content-length
0
x-xss-protection
0
server
ESF
fa-solid-900.ttf
wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/ 		0
0
cropped-android-chrome-192x192-1-32x32.png
wp.quins.us/wp-content/uploads/2024/03/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wp.quins.us/wp-content/uploads/2024/03/cropped-android-chrome-192x192-1-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a298400cc6236a4a7439ff3511e3b4d6d9fa158d640b268b317e14bce2610fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://u2953-btio.quins.us/

Response headers

cf-cache-status
HIT
etag
"430-672fca52-70b14cf9;;;"
age
5356
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ag3ytehsHAN%2BEHsVbZyhLwqXCz5zdXXDPeD1ooL3qIYiJyNEGtEfndXb%2BW3O5sNxc2g3BHYysJMGGlGYzv%2FwTMmjTpXt0bWyVoTmweht1srZyoHy14DK0%2BfYc2dyNA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 13:15:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15600&min_rtt=15075&rtt_var=300&sent=109&recv=59&lost=0&retrans=0&sent_bytes=111312&recv_bytes=8475&delivery_rate=757393&cwnd=62400&unsent_bytes=0&cid=286f8f3628c75e2c&ts=3490&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:15:44 GMT
content-type
image/png
last-modified
Sat, 09 Nov 2024 20:47:14 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f137a617d071c83-AMS
accept-ranges
bytes
content-length
1072
x-turbo-charged-by
LiteSpeed
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
u2953-btio.quins.us
URL
blob:https://u2953-btio.quins.us/1f5f2c78-ea2d-4360-977f-5cbdc14d9503
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff
Domain
wp.quins.us
URL
https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| admaniastchk object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| googletag object| ggeac object| google_js_reporting_queue object| twemoji object| wp object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OGViNGFmYmI2NWI5ZmNkNGxvYWRlcl9qcw== string| OGViNGFmYmI2NWI5ZmNkNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

8 Cookies

Domain/Path Name / Value
btcut.io/ Name: AppSession
Value: 55kqernom5cni3tlcib3g7kgjc
btcut.io/ Name: refAtXNcKqem
Value: NjhmYjViYTg4YzgzZTdkNzA2MzA4YTg0NDY4OTg5ZDJlODI5YzM0ZDAzMmYzMWUzN2U3N2JkZjg0NmVmMDU0NjJCJamPXEilYvvZzR%2BHynl1KNeIhOX0CYfbjcGIr2fi
btcut.io/ Name: csrfToken
Value: 014fa42986bb9ca6bb465e44189689f29a8381825738df30208f438809f1005ddd65fd5a2863674905e362c418ab0088966c6ca289238e9cbc0f4eae5ffab96b
btcut.io/ Name: app_visitor
Value: Q2FrZQ%3D%3D.OTRhZmM5YTMxY2VkMGIwOTg2NTE0ZGQ4M2M3YmI1ZjVkMDYwNzM4Yjg1Njc1MjlkMmY3MDE2ZmRhZDc0MmQ0MWmx%2BSzDt%2FBPhze9yHXoT4xaTg3xk1L0JcvlZK3k%2BIQ81LYmL%2B5R2sFylPJK5nZY6I0ZPiNQuua0xvapdaZZkiCMMYNTyrv%2BrLft3S4t4WFx
quins.us/ Name: SWPSessionID
Value: f21efadef930d09dab741f62d13d3950584fafe818793a8ef7bacb7582cce17b
u2953-btio.quins.us/ Name: PHPSESSID
Value: hiu4pmlkq01nmmd0drjkvdvbnp
.quins.us/ Name: _ga_2C0YTSFLGP
Value: GS1.1.1734066942.1.0.1734066942.0.0.0
.quins.us/ Name: _ga
Value: GA1.1.1149085817.1734066943

6 Console Messages

Source Level URL
Text
javascript error URL: https://u2953-btio.quins.us/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2' from origin 'https://u2953-btio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://u2953-btio.quins.us/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff' from origin 'https://u2953-btio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://u2953-btio.quins.us/
Message:
Access to font at 'https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf' from origin 'https://u2953-btio.quins.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://wp.quins.us/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btcut.io
cryptednews.space
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
quins.us
region1.google-analytics.com
securepubads.g.doubleclick.net
u2953-btio.quins.us
wp.quins.us
www.googletagmanager.com
u2953-btio.quins.us
wp.quins.us
142.250.184.238
142.250.186.74
172.217.16.194
172.217.18.3
172.67.146.19
172.67.221.61
188.114.97.3
2001:4860:4802:32::36
2606:4700:3035::6815:2f59
2a00:1450:4001:811::2008
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
10a329ceb9efbcd662117b894ed5547a9a090aa97255f388c1365028e7dd998d
1d4ac5b55c974113d90d29a6131b42964fa40499c16b794fc5f8c1b1de82dc00
26d5a66e013c59695df24c043004d608661e461f306bcca08681bd7d4830bdda
2d25825c89e9e42bf60463aacb87c38307e0279e6f6517de818bac6021080f15
32966d538b5b616374bb60f0cdc742a501db1bd19cacb7ab67b2222e9d38536f
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4a007f84b241f4b5cd6376bd4ffd23964002ec13486aab9b433ae5361cda818b
4c360a33db1b0e7ed860ed890500ba49aae618a58114ee336224d7ca4fc2e623
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b59fcae0fb2879cd5e7023fc32b8e1c96c1ea743665a001f53f2bcc81a34ae1
663866fae5f47c90bef35eceda5d1899430ea5dda7a49a51df1dda608104b674
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a298400cc6236a4a7439ff3511e3b4d6d9fa158d640b268b317e14bce2610fb5
ae7c05e58a045d762217b2a3933232700c3e6b83ec230ebd7dbe2805940a5d81
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e599c0f49cd09d77028a627d8ba41116ae887b905da94d025047b9718c04ac86
f45ba6e591fdca93355b8a145c736f8eece478edfec3fd6d3e7c56de3a601005