urlscan.io logo urlscan.io
SecurityTrails logo

bluemoonshine.fun Open in urlscan Pro
162.241.252.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bluemoonshine.fun/0.23037964864772875
Effective URL: https://bluemoonshine.fun/Home.php
Submission: On January 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 6 domains to perform 40 HTTP transactions. The main IP is 162.241.252.221, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bluemoonshine.fun.
TLS certificate: Issued by R11 on November 14th 2024. Valid for: 3 months.
This is the only time bluemoonshine.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    162.241.252.221 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5744.bluehost.com
bluemoonshine.fun
4    209.85.201.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f156.1e100.net
pagead2.googlesyndication.com
6    209.85.144.154 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f154.1e100.net
googleads.g.doubleclick.net
1    2607:f8b0:4004:c1b::88 (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2607:f8b0:400d:c1d::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
8    172.253.115.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f100.1e100.net
fundingchoicesmessages.google.com
1    173.194.207.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f157.1e100.net
ep1.adtrafficquality.google
2    2607:f8b0:400d:c0b::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    173.194.66.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f147.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
14 bluemoonshine.fun
bluemoonshine.fun
2 MB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
74 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
256 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
40 6
Domain Requested by
14 bluemoonshine.fun 1 redirects bluemoonshine.fun
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com bluemoonshine.fun
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.youtube.com bluemoonshine.fun
40 8

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.youtube.com
Subject Issuer Validity Valid
autodiscover.vadcpa.com
R11		 2024-11-14 -
2025-02-12		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://bluemoonshine.fun/Home.php
Frame ID: 6A66D2A1C0FB54BA65DF85285E46C03C
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 26D4E1C3CBFC9A439E11B944817D7E96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8877699904480109&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735707471&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735707471656&bpp=5&bdt=298&idt=174&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6638818805395&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088669%2C31089323%2C31089329%2C31089338%2C95345966&oid=2&pvsid=2175578837489138&tmod=349022757&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=202
Frame ID: 91C24FE1D08484CC333026BB64845A13
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0ZmigAlugDQ?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=1&autoplay=1
Frame ID: 8BF1CCE1AF81E1ADE1491E06F07C115B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 01D25A8D5071B1A27F48E9464E2912F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 0D308F564350A6F8F841442C43AF52CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: F04122C946A4D6EB464E85BEAD30D036
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 57BF628DFD2ED1A0B98E50E746123F7D
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: FDBD47316F5A47FA660AE6E272FE1351
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12FC18A086D36C31D758B733868030E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Val G. Rousseau, PhD - Physicist and Teacher

Page URL History Show full URLs

  1. https://bluemoonshine.fun/0.23037964864772875 HTTP 302
    https://bluemoonshine.fun/Home.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

40
Requests

98 %
HTTPS

33 %
IPv6

6
Domains

8
Subdomains

10
IPs

1
Countries

2779 kB
Transfer

3458 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bluemoonshine.fun/0.23037964864772875 HTTP 302
    https://bluemoonshine.fun/Home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Home.php
bluemoonshine.fun/
Redirect Chain
  • https://bluemoonshine.fun/0.23037964864772875
  • https://bluemoonshine.fun/Home.php
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
1b04f4cf40736109acd2553bc210b969b00942c331e6977905de65601657e9a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
3391
content-type
text/html; charset=UTF-8
date
Wed, 01 Jan 2025 04:57:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma
no-cache
server
Apache
vary
Accept-Encoding

Redirect headers

content-encoding
gzip
content-length
21
content-type
text/html; charset=UTF-8
date
Wed, 01 Jan 2025 04:57:50 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
location
Home.php
server
Apache
vary
Accept-Encoding
Stylesheet.css
bluemoonshine.fun/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bluemoonshine.fun/Stylesheet.css
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
b2c2527fbe67ec3fcdd6df535d5fdda55863198c8be1f7d1f60ce90f96078249

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2484
date
Wed, 01 Jan 2025 04:57:51 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:23:36 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8877699904480109
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f156.1e100.net
Software
cafe /
Resource Hash
afd57c55eb08f3dd0193faca4f2246f7e665e5764ac74905f8ea4cd97fca4bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bluemoonshine.fun
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
br
etag
3286060906496141875
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 04:57:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 01 Jan 2025 04:57:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53498
x-xss-protection
0
server
cafe
Toggle.png
bluemoonshine.fun/Images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Toggle.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
948cf95f4ac2885bdf84a0a69c55487bdd28d9977b5b6552235d64456c7e20d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
14862
date
Wed, 01 Jan 2025 04:57:51 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:52 GMT
content-type
image/png
server
Apache
Timer.gif
bluemoonshine.fun/Images/ 		456 KB
457 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Timer.gif
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
5ded6d648a4d190a65aa0e6dfd040cdb559f1296a2e948b172251c5acff6d988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
467166
date
Wed, 01 Jan 2025 04:57:51 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:51 GMT
content-type
image/gif
server
Apache
Signature.png
bluemoonshine.fun/Images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Signature.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
935b423de6da04d5e693d9cceea5e872fc3788d3cdb13db325704c1a478d2804

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
28694
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:43 GMT
content-type
image/png
server
Apache
Home.png
bluemoonshine.fun/Images/Icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Icons/Home.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
8dfccee0586d538762c9ea7a5204afd8a33d9b11aa4270fc19d48cd25b63f46a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
6692
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:08:32 GMT
content-type
image/png
server
Apache
ProfilePicture.png
bluemoonshine.fun/Images/Home/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Home/ProfilePicture.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
5623a60072dea10d1a551a84b8146ffc785b7057c891202eb60e7a06a88b2a07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
210159
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:08:05 GMT
content-type
image/png
server
Apache
Subscribe.png
bluemoonshine.fun/Images/Icons/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Icons/Subscribe.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
8aaab753be8299075e663ca34f3be315b6695c786d29234a74be09ff65f9dbc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
18253
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:09:01 GMT
content-type
image/png
server
Apache
FooterLogo.png
bluemoonshine.fun/Images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/FooterLogo.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
fe54db5ef1a87eb2d7737ba0423ab5766136c2ffe0ac17ba4d23f5f539675574

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
72983
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:42 GMT
content-type
image/png
server
Apache
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8877699904480109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f156.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
br
etag
4174761130244020438
age
59409
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 12:27:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 31 Dec 2024 12:27:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 26D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 19:37:14 GMT
etag
17661348622971093804
expires
Tue, 14 Jan 2025 19:37:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 91C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8877699904480109&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735707471&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735707471656&bpp=5&bdt=298&idt=174&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6638818805395&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088669%2C31089323%2C31089329%2C31089338%2C95345966&oid=2&pvsid=2175578837489138&tmod=349022757&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
130745
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jan 2025 04:57:53 GMT
expires
Wed, 01 Jan 2025 04:57:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Background.png
bluemoonshine.fun/Images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Background.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
321d78350abfc4d423ff0384b97d4b55d6ec0c48ea3c355931f5600627dedda2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges
bytes
content-length
1464601
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:41 GMT
content-type
image/png
server
Apache
Gradient.png
bluemoonshine.fun/Images/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/Gradient.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
49c776beb8c38805d72639d1153d4a7a3eb7fc6b320d18e6830084cbd4a332a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges
bytes
content-length
123455
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:43 GMT
content-type
image/png
server
Apache
0ZmigAlugDQ
www.youtube.com/embed/ Frame 8BF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/0ZmigAlugDQ?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=1&autoplay=1
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::88 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jan 2025 04:57:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
FooterGradient.png
bluemoonshine.fun/Images/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bluemoonshine.fun/Images/FooterGradient.png
Requested by
Host: bluemoonshine.fun
URL: https://bluemoonshine.fun/Stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
06e98474df5eb8ca8bc5f3021828a85adcbe97a368f26991b0050992848ccf5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Stylesheet.css

Response headers

accept-ranges
bytes
content-length
66872
date
Wed, 01 Jan 2025 04:57:52 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:05:41 GMT
content-type
image/png
server
Apache
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f156.1e100.net
Software
cafe /
Resource Hash
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
br
etag
1667813206267593936
age
44294
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 16:39:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 31 Dec 2024 16:39:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60482
x-xss-protection
0
server
cafe
ca-pub-8877699904480109
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8877699904480109?href=https%3A%2F%2Fbluemoonshine.fun%2FHome.php&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63e95e8a342319fbdd24817ff98f1bca1b05b27c5d29cbad5ecc80bad6f66fc4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vORr3Sl88J2PQS-g9_WCuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcFycdnk3m8CHCU_uMCppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAn3RGAw"
content-security-policy
script-src 'report-sample' 'nonce-vORr3Sl88J2PQS-g9_WCuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWnkO0quevbbj3mcx5FwRFSVx7BsmIrM9gmEOcuw8AhXi6-UBwzqy4CZYCQMNmfd3vpgr4sPIMmP3NkTtMSacHhhxzbxpWs8YTqWoO_3pQsTXYTesVET-0VPBTjsjrgwpgJwLSBMA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWnkO0quevbbj3mcx5FwRFSVx7BsmIrM9gmEOcuw8AhXi6-UBwzqy4CZYCQMNmfd3vpgr4sPIMmP3NkTtMSacHhhxzbxpWs8YTqWoO_3pQsTXYTesVET-0VPBTjsjrgwpgJwLSBMA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NzA3NDczLDY1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ibHVlbW9vbnNoaW5lLmZ1bi9Ib21lLnBocCIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f43c89db31b58de44e3511f7c028d7a8f9a30659dc23bcffe57f4b3fbb2b3e6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BxYS-cuc09IDlUrFgsOLLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcFycdnk3m8CD1isnmZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MjfQMDOMLDACVRUXH"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BxYS-cuc09IDlUrFgsOLLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 01D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 19:37:14 GMT
etag
17661348622971093804
expires
Tue, 14 Jan 2025 19:37:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 0D30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 19:37:14 GMT
etag
17661348622971093804
expires
Tue, 14 Jan 2025 19:37:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame F041 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 19:37:14 GMT
etag
17661348622971093804
expires
Tue, 14 Jan 2025 19:37:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 57BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.154 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Dec 2024 19:37:14 GMT
etag
17661348622971093804
expires
Tue, 14 Jan 2025 19:37:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWRPeDy44m7noSjfBoA1-aEfSLH05HZW6GMfndBy1YVIw5bGYxm8wrFODL1ma20Emko-px7LjLliJYXLEW1ppMSGVvTEe3l-NKO0TC-yKqM1IYIMixBt8_d-lzBInhfrS3w1IVV_Q==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRPeDy44m7noSjfBoA1-aEfSLH05HZW6GMfndBy1YVIw5bGYxm8wrFODL1ma20Emko-px7LjLliJYXLEW1ppMSGVvTEe3l-NKO0TC-yKqM1IYIMixBt8_d-lzBInhfrS3w1IVV_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NzA3NDczLDczMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYmx1ZW1vb25zaGluZS5mdW4vSG9tZS5waHAiLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7b074f982fe595ccad844b0024ce7ee9534edd13494782fe85dedfd86cb1380
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1bUfVCypRGDJ8qwhM4TeOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcFycdnk3m8CGhffeMSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAnCtF5g"
content-security-policy
script-src 'report-sample' 'nonce-1bUfVCypRGDJ8qwhM4TeOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
getads
fundingchoicesmessages.google.com/f/AGSKWxW4C2gmWMLk0lLI4UhMPTekkcx3qH-11brpfvny9EDvaWSdMDxjiINRBmUb3dNcexYZrlLxBB-ZrU59ZE7WWDWiZd-cG9oZKBz_vVRr7i_3lO1qSIw5i4gnMWLS_1TMg9CKqUSSjRbPY-s2K0QuTBqjZENKD... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW4C2gmWMLk0lLI4UhMPTekkcx3qH-11brpfvny9EDvaWSdMDxjiINRBmUb3dNcexYZrlLxBB-ZrU59ZE7WWDWiZd-cG9oZKBz_vVRr7i_3lO1qSIw5i4gnMWLS_1TMg9CKqUSSjRbPY-s2K0QuTBqjZENKDDPa2-Hen-TlQrfTCmLg8WQqWvR4JGdY/_/ad-loader./getads?/ads/delivery?/adlandr./AdZoneAdXp.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
005b94a4c9db03dbedc1b19aaf4a1a145ee0cbde3860bb5da7507ba3bdb3aa35
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rSBzw-ZV4fnIJj7bhjupOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04HYaO15VhcgTvp3nrUEiA0VLrE6A7Fj0SVWTyBW7bnEag7E99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrC1AzPD1CisHEAvxcFyadnk3m8CGT2feMSppJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAArBVGNA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rSBzw-ZV4fnIJj7bhjupOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f156.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
br
etag
13036835877489095579
age
43972
x-content-type-options
nosniff
expires
Tue, 14 Jan 2025 16:45:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 31 Dec 2024 16:45:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QJjVHpiTxXMNcRGU-1yMwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kEPnw-1Mak5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMACEvK1s"
content-security-policy
script-src 'report-sample' 'nonce-QJjVHpiTxXMNcRGU-1yMwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yrMvb8zAIvwrmac2405V4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kELtw60Mak5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAA6zKx0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yrMvb8zAIvwrmac2405V4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H0XA6YmvLWqIDV9C2WqJvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kETvy8PZFJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAbvCtQ"
content-security-policy
script-src 'report-sample' 'nonce-H0XA6YmvLWqIDV9C2WqJvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FX_Nbq25OItpWIg6bNaAJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kEOpY9msik5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAPJ-KsM"
content-security-policy
script-src 'report-sample' 'nonce-FX_Nbq25OItpWIg6bNaAJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXvRCSOzxcWh5pIvXIsvAgBAip5sZVjYF6JmRxNGyKyibjgXJrqWMHhTwS6DsY3A59o3EPG9fZh6sikJTwHFRtDBrRH8pghxnFb4QkuizurRUGj4uZXdM-988IGhJwjrmRtZvUSlw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvRCSOzxcWh5pIvXIsvAgBAip5sZVjYF6JmRxNGyKyibjgXJrqWMHhTwS6DsY3A59o3EPG9fZh6sikJTwHFRtDBrRH8pghxnFb4QkuizurRUGj4uZXdM-988IGhJwjrmRtZvUSlw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1NzA3NDc0LDUzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ibHVlbW9vbnNoaW5lLmZ1bi9Ib21lLnBocCIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
2caa58578b0333e7d3625eab78dbfd635fcf5f0b502f17e2c8d383e6d4f48958
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PWjUfURFXHvK0lNhMH5Jzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmLw0pBiWMy_i0ni60smLSB2Sp_BGgLErTfPsU4HYqO151ldgDjp33nWEiA2VLjE6gzEjkWXWD2BWLXnEqs5EN9fd4n1ORB_qL_M-gOIZ5y_zLoAiIskrrC2ADHD1yusHEAsxMNxadrl3WwCP97OnsGkpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGikZ2AYX2AAAJibR20"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PWjUfURFXHvK0lNhMH5Jzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUkd_WvVaItCIue3pPVBOSkG_hx3F4ciVJE4A8IzRtXHm1boKXW7hHcP2QraPJFFe2jaORc8qmS9SwmiYKNbn2lkz5yHHE9Dg7Uib5rt_d1zDODDzEjlyQsZMJLSC54esTN41BO7A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUkd_WvVaItCIue3pPVBOSkG_hx3F4ciVJE4A8IzRtXHm1boKXW7hHcP2QraPJFFe2jaORc8qmS9SwmiYKNbn2lkz5yHHE9Dg7Uib5rt_d1zDODDzEjlyQsZMJLSC54esTN41BO7A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wbxy-H_aNo_8DHl8VAhsXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kEJvxbuJdJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAI_CsQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wbxy-H_aNo_8DHl8VAhsXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUo6qiD-H_6Y3ckbjcsRACe0rJZj6sS7WW2ED6g4BExZKE0NtSYFA3vYQRdsQGHkNoksraPDFdhk0d5oVRHu3RwOdmYBeZO1VkDZM6EtyGny5kuAbznoQFs3BrsLxIw_RCKo2IAEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DRYqCSRB3PhZ0OVFozUVIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://bluemoonshine.fun/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfj0rTLu9kEJiyasJ9JySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAADqHCql"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DRYqCSRB3PhZ0OVFozUVIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://bluemoonshine.fun
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f157.1e100.net
Software
cafe /
Resource Hash
32e2e4c05eba54e0513be935c219df34c64a246f96d30095d2facc63f2314c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13268
date
Wed, 01 Jan 2025 04:57:54 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
Chemistry.png
bluemoonshine.fun/Images/Icons/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bluemoonshine.fun/Images/Icons/Chemistry.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.252.221 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5744.bluehost.com
Software
Apache /
Resource Hash
bd9d77c35ae1758be80b673ef585cd417cd5d4959860aeb46bfc807795fa9b3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/Home.php

Response headers

accept-ranges
bytes
content-length
6186
date
Wed, 01 Jan 2025 04:57:54 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 14 Jul 2023 03:08:31 GMT
content-type
image/png
server
Apache
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bluemoonshine.fun/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 04:57:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 04:57:54 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame FDBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jan 2025 04:08:12 GMT
expires
Wed, 01 Jan 2025 04:58:12 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 12FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nJDjF2-J1YWDbEfjdKcyqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bluemoonshine.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nJDjF2-J1YWDbEfjdKcyqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jan 2025 04:57:54 GMT
expires
Wed, 01 Jan 2025 04:57:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=2175578837489138&bg=!ISKlIm3NAAbtGp3CzRo7ADQBe5WfOPGzwoij-xjREQtC6yIUQ3mRbLyO804kUrxdqdKbQrQBQzyC5hr_BwxQlyCeOi1mAgAAAFJSAAAAAmgBB34ANhKijaH7RIBpUdHoHxhDw1S1U62CQJGYp2UcTwsmdSgvISIDyWGEt6QDfMnCNWdbNHha_BXTeJkClt01j5KREskcyZkW4JyBDnPgZ726jfFUA7YkX2VWBILEc7TmYiBRm8amKfNwe96ancF82IOKwxn4UXUuq9kpv40bKUmhTtS1wtUUP5Pl5OLRZN-QWsgrpC08h8Q-UZaaoVc1ToMGGtd3XxHGaEsT7uPkLKVCs0GaF70-182pt2q8qjFONc-gdLRaN85Kj428a3vDKvqMoaF7h3JLuAENefMkx5rEQivxGIbLo9SabecrdxMY3EKl_Swr-EOSUbph8DPPWxl7MZWrEOBHpJbm1LzO-r7WQUwQllmtae5c0LJDHtAEEXeS7Mf0vavyWP1VFFzg_NwxwFkmqFnwG62k0J7GWvZLofi969kOwG2Vv-3ivVc0auUiMg8EHdxDMWJraSU3AQVVXiWMsiAGKwMdHfKk5gKJFtuXkh9n2yXK1dXQbkgV839v85NlZMIQ8aozFlLY9Gbhl6TybG9FC_AgZjLluz1e5Ejdgo5SVyGDNaIr0LndX-GbXOzYXhbsx67MxQ_fVAf_SkkTSvKEq5A20FYsmmM8jFCO4YZRTEDS-3ULCi3u7CyZTWch4tn30a67wTFwfA5rrFhohxSPQi02TRVy0YVOKvNEEGxHLG4YPvkItqcjJs_TSFR9hfK3eB5ZPY2cG_YjnGy8L2cvZNe8XNu1DiFU_UQcTiENa79AS8GW8Q0f2HO2WO6ufSmHa8Pom0CPK7aVhQu8O7qaQ3x-r-TB9x4NjL1p6L1A3ji_VIO5xjUckiGzTCk9vfaBikskJfSPVG4xo_65yeDGvTxRv_OfcQAr0po9qHofRSW-vmOtILLaUK0eNcNgWhESgQna8lIXKkg_0g91HJxwkSnEytB57SWQgluJrdWTqIZlHz4Ir94Ptp-7

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| FullHeader object| Page function| ShowHeader function| HideHeader function| CheckCoords function| ToggleNavigationBar function| ShowFooter function| HideFooter object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZGVhMzUwMDcxMmMwMTljNWxvYWRlcl9qcw== string| ZGVhMzUwMDcxMmMwMTljNWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| google_empty_script_included boolean| dfd9720a-b17e-4177-833d-a4cc8a05a4bc object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
bluemoonshine.fun/ Name: PHPSESSID
Value: 36e1d7cbd66b62ce7c19be535f1486f7
.youtube.com/ Name: YSC
Value: Ar4Xo2Mlc3Q
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Qi6FOdfLl58
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgIQ%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUmTVF-3dpTCvvYj1mI-f7APTbNyLIzQewkw3lNDCqMvnQ5NZmSk7ET-Ir99
.bluemoonshine.fun/ Name: __gads
Value: ID=277e56d8b3f27e67:T=1735707471:RT=1735707471:S=ALNI_MaUxWVrqhEcExYhdIq6P4G0uUTTyA
.bluemoonshine.fun/ Name: __gpi
Value: UID=00000db4d7177d96:T=1735707471:RT=1735707471:S=ALNI_MaN0JKelB0IEl_8DS8Jnu7FfbmZLA
.bluemoonshine.fun/ Name: __eoi
Value: ID=254354e347aa922b:T=1735707471:RT=1735707471:S=AA-AfjaB6k37q4NNQe5UKxabg6EQ
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 576
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: Z3TLUdHM5W8AAAgPDgq48wAA
.casalemedia.com/ Name: CMPRO
Value: 5801
.bluemoonshine.fun/ Name: FCNEC
Value: %5B%5B%22AKsRol9QNiMIKM2HV9AVC3ZKmH58yEjoWrG4_fzdRcpFmGxYxTosT6fvHPjBPK7-bghUauEAtwKg1pFvKwly3NYdU4Z2MmVGzg4uBE39sN3d6wFcOREqmLniWMi6wGuFcrwczJCB22077kLOXuci_ZJT370r16oFTA%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bluemoonshine.fun
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google.com
www.youtube.com
ep1.adtrafficquality.google
162.241.252.221
172.253.115.100
173.194.207.157
173.194.66.147
209.85.144.154
209.85.201.156
2607:f8b0:4004:c1b::88
2607:f8b0:400d:c0b::84
2607:f8b0:400d:c1d::71
005b94a4c9db03dbedc1b19aaf4a1a145ee0cbde3860bb5da7507ba3bdb3aa35
06e98474df5eb8ca8bc5f3021828a85adcbe97a368f26991b0050992848ccf5e
1b04f4cf40736109acd2553bc210b969b00942c331e6977905de65601657e9a3
2caa58578b0333e7d3625eab78dbfd635fcf5f0b502f17e2c8d383e6d4f48958
2f43c89db31b58de44e3511f7c028d7a8f9a30659dc23bcffe57f4b3fbb2b3e6
321d78350abfc4d423ff0384b97d4b55d6ec0c48ea3c355931f5600627dedda2
32e2e4c05eba54e0513be935c219df34c64a246f96d30095d2facc63f2314c5c
49c776beb8c38805d72639d1153d4a7a3eb7fc6b320d18e6830084cbd4a332a9
5623a60072dea10d1a551a84b8146ffc785b7057c891202eb60e7a06a88b2a07
5ded6d648a4d190a65aa0e6dfd040cdb559f1296a2e948b172251c5acff6d988
63e95e8a342319fbdd24817ff98f1bca1b05b27c5d29cbad5ecc80bad6f66fc4
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
8aaab753be8299075e663ca34f3be315b6695c786d29234a74be09ff65f9dbc3
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
8dfccee0586d538762c9ea7a5204afd8a33d9b11aa4270fc19d48cd25b63f46a
935b423de6da04d5e693d9cceea5e872fc3788d3cdb13db325704c1a478d2804
948cf95f4ac2885bdf84a0a69c55487bdd28d9977b5b6552235d64456c7e20d6
afd57c55eb08f3dd0193faca4f2246f7e665e5764ac74905f8ea4cd97fca4bfe
b2c2527fbe67ec3fcdd6df535d5fdda55863198c8be1f7d1f60ce90f96078249
bd9d77c35ae1758be80b673ef585cd417cd5d4959860aeb46bfc807795fa9b3a
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b074f982fe595ccad844b0024ce7ee9534edd13494782fe85dedfd86cb1380
fe54db5ef1a87eb2d7737ba0423ab5766136c2ffe0ac17ba4d23f5f539675574
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99