{"report_id":"01ff4ac2-9800-4fab-b35d-b5336f72ab25","version":6,"status":"done","tags":[],"date":"2026-02-04T16:59:10Z","url":{"schema":"http","addr":"moonsbrds.com","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"172.67.179.210","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"moonsbrds.com/","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"title":"MoonBirds | AirDrop","dom":{"size":61291,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"c87c66c3ca45c2bb3820878408153c3f","sha1":"28c006284ad5f154e65aff14611b6248eec7f3b3","sha256":"f1a7ded8937cf565988c14358a013d23b58e86a64855919ea7e498b098807246","sha512":"1a754ccb3afa0c835a1e060be48464f9f6f57d0644597ed78e862e6c8f4c39715da3ccea6acc50bc7612305cf346aad10f89ac9a057a4685602e0e98d96bada0","ssdeep":"768:hnmdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN61:EBVJVQnGh","tlshash":"cf534fa0b8a1983b345391df3bc64e5f7ab9a413cc26b604b6fd05c14f96efa9c63414","dom_hash":"domhashe1a4ed65cb9e972d545042fb1a56fd16","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"moonsbrds.com","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"172.67.179.210","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T16:59:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"moonsbrds.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-27","domain_rank":0,"first_seen":"2026-02-04T16:59:11.901314Z","last_seen":"2026-02-04T16:59:11.901314Z","alert_count":22,"request_count":22,"received_data":1877668,"sent_data":10585,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"moonsbrds.com/dash.production.min.js","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c02beaa55874ad61df1aef1ed66ad3d5","sha1":"bb13c864b3e84549d7ba99c82e685d04e647de4d","sha256":"9afdef2c85ceb3cf214004dcb5629bd7480f0d3156556d9afa3b690bec094128","sha512":"06d9adb4c74fb034463a8b58036ba76f0589aeb0aad240988a7272eafd44ca3bcde762bae2355ec8e7b8f96dbed9a53709fa5ed3fd4db0bcc8a71b5966f26b32","ssdeep":"3072:2bSzPNT42ywPVHO31W5P9jID1ydTbqT+YThMWDeO2IZ6ictBIDyMlhY:2qlXPVuFWZ96ydTrihx6O2IZ6dPGyMli","tlshash":"7b942d5615ed716682cc71f130245e7b88b0cd788f41cab2fa7895b2fddc42289f6ea1","size":412186,"data":"","first_seen":"2026-01-31T01:33:14.416325Z","last_seen":"2026-03-28T02:29:54.861815Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d305b9757915d69672d76d41c015f1aa","sha1":"afec2b9679e574b2a08e2af128a19ad3380600e5","sha256":"700a677a7c84741c878971c4fe98f344b1c20d5db40921c9a4b9f9b27f1820e0","sha512":"64ac2fe218c219fe9124558d583c0817f67c6929ce1a85c789be00bcc298d6475691f59f45780b94980b471d635cf83839b3207c39c0c7f3453a4c43ac26ca9d","ssdeep":"3072:2/Wq9cTfFg+ThtXbLVrpJEsdpdITDydTlGlE6Dr+a7SAIgZkUkRBIz+Mf1U:24NTbPVrEepiydTTErXWAIgZk3jS+Mfq","tlshash":"1d840b5615ed706682cc71f130255e7b88b0cd78cf41cab2ba78a572fddc42289f6ea1","size":405368,"data":"","first_seen":"2026-01-30T03:18:40.243064Z","last_seen":"2026-03-28T02:29:54.862398Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fconfig.min.js%3Ft%3D29503738%26u%3D0JApVJJTqa7xG4_6GDY5MjU2NDM2MjhjZmYzYzM0MDI3YTIxYZLcAlVzfS2uh978rQ","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-12T12:15:57.003216Z","times_seen":2567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"moonsbrds.com/index_files/skfhx.css","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/skfhx.css HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wVFbT7EdEYNd9wUPj4f%2Bz8PhnzwnlU8o9a8UOo3cC6ch3jMYXDng%2B4mGMMT%2Bq179a2PN2x1%2Fez7JH5BgmHzNkSasjQhBbkNHIurH\"}]}\r\netag: W/\"6979ea11-493e\"\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70afce55696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"82aef9a3e1c80478f5323ae7a8ae7668","sha1":"7eb9f4a4d04cba5dca28002dada802abf4c42974","sha256":"5d3197ca298eb840cb43e77bf3fbb6c75bfa01280d4975ba225004c5da5c3934","sha512":"de21db733b730f86bd48a3d43aad885bd42e8166878800363d83bc4673165514a20753ac166c3ee70bb8667eacb69e9f6da7cc1a0c1eedc962318d9899b8fc19","ssdeep":"192:uS6ipGfMckARAjQl+7BNL8k/83Vt5uwrfaTcboz8Dd3AY5UtkJdeENMCKUC0hHv2:adDFuBJ9/GTjvd6bUHyV","tlshash":"018206d2276950247d3bf5582ba79b4db3a8e042990aca7d7bd4206c5fc93ec11e3b4c","first_seen":"2026-01-27T11:12:46.136264Z","last_seen":"2026-02-14T07:55:45.650736Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1121,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/fa-solid-900.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/fa-solid-900.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/9dlxd.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QvWmQTwgO6sbot6T%2FTDcz1kxZO9aTO5ELZ7pDycrkhg2%2F0B3eRPB1wrwgcejtTPFhslyS73AsMrFT7d3z7OvgN0yetZ2DiDwHAyH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb70e08a75696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1159,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/partners.svg","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/partners.svg HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/skfhx.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aqh2%2FvWj9SfaLUjxZOqx0vStx98ZJJhj3XJW0OCrOtWTdBS4fukYICV739rg3g4tjP51REoAxhPt5sGaT%2FR%2FesA%2FZ7W%2BhpyXkevI\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb7139e765696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32743,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"8f39c1c70c884df10ef9c444ee8b602c","sha1":"e0b2af7eddc74417dd7a97344b818509225a1250","sha256":"22d43262dbe30523f32c2ef64f5b0aa4fcf5d9d4242ae71dc0132e0252661e7f","sha512":"94eb5b6d785ca2d5a34d33094db8ea9fc828cef41c22ed453b29415d095fb9782803971fe7e0e1313d948326711150f3a6d33be5ff126fce9b5f0c59d79e3bd2","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68S:CBVJv","tlshash":"22e2fe85fd22ca7f391391ef67ca9d8e616430035812fb58b9fc50918f426b75db3928","first_seen":"2026-02-04T16:59:16.153942Z","last_seen":"2026-02-04T16:59:16.153942Z","times_seen":1,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/fa-solid-900.ttf","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:51.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/fa-solid-900.ttf HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/9dlxd.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:52 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PDQzXNNHOwM%2Bh%2FSF2W3ZheugaKtG6V%2FPyfl8ETU0i4Py3po2hs%2Bhjdvqh8LtGxQYhMVB5ul2cg77SU%2Fai7BM%2BS%2F8FjVu3ZhrXN6t\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb71578805696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1127,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com//secureproxy?s=%2Fjmpd%2F","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:54.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moonsbrds.com/\r\ncontent-type: application/json\r\nContent-Length: 2185\r\nOrigin: https://moonsbrds.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2185,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"4vn4Ao6AuYNNkXX1rPvZBCYGQdJktUAKT8E46otw8Gc6WuA8HWVwiMxKEzpocjuw3VTvicwbAg5TH3NPyX2G4imYCxnT7swr6pnN5rMkgu4gaWQVt43Caf4e4iXJeqCKhj1TfZLWxdFPdCkxy2hZ8amtFA2VoLV2vaibdwMDLELVc4gz5qVhA5GV35bT5waAEgnVmpKPDHAk29Hgj7QdjUZ4BcSLWxkH6tUjZijG9se2EiSgh9ykMSuosR2PM1zzqGSsVimAzVUCVnFUXcJhq3zgeCsNMjqXDeu45mMmpvvbxbDYA9MEozgwSpggApXgJ3TN32yHYPbt2g9oYjH8EUnC7kaB8xdGqtZdJZtzHmWxS383FPMoaVMrgGaJ1D5QTtKXaMh7zCdgRr9Nd2dx6Nm4bkjZGLSESN18vxzZPjjSNRcH34R9XC3GBmufi1MFBBvMPFBiJTL8KXitNRK69JPCqHqcgC7CJDHSujVvYoV1zwyc3EUMdQWfGUGNPqA6EyV1umG2nySWC8624sZeADKKvZUwWG5hVr29pzhgoYbUa4FermSvhXA1gSQ4cAMhPFuCDo5sv77fTid4kRmSeqfSei6WGa3Xn4s7EdJzKCPs3ySM5FTqqYNsLevU7VjXX1s2GtNqC3xiWtJW2J29h262S6Y3YDFTtE7rsNGWTPkRnPUpXTGRyDzSKiRxAw9XJ54D5bxowLrXJyiSdLCSdbVjgLgitsy4kzy6TGG15JcP8uxjRThyHNx4vsC6zGn7h9X61rtbRZWX93U7kLpwjk97Rqf7f9fZUfPgF1NFu1JZoKuAL1eoH8qgWvFSiWBG2Hu2UuMzFXMWDrMdHbKv7mE3g1o667vjnpiWPuuF1PiWsbyGZXx69FFkU7nmjGRVSGR8aUssJUi89XGC13eVq7bnQYF1kyCAhHVk6YsuwtXYHa8aWKUc8YrD6eThvuLUrbk6FFZXADeTbVMYhS1qndFEmqScNSQkMC52m4XEPLGaciiNekcT9FxxBzbf2G46GozZ1TgH4sAh4zxD1Dhkxasm3zzbVdaupQQTUrZVfgcM7CAivDoHCKaskoHSjLEBPc84eK2KrmpSA7QSr49r214tg6CctzFN3UvfnKzPZmyXt8M1FfvyfgMLUZuFLPtTwUCxwUyaSfBGmss9XxZsoXCY6B14SVm2zeXiF5sVNvzFgMWkvXg5aJnNxuMERJFtgEeQ3Qwz6cMBub18P1PqadKwqcGkKmPfZuvmEkay3jVuPbAosWaVsoRJ5qnFsekrGsHtuLGQv3MQgnF3KurQjJb6ELcv6sBXfwz6jYu5d1o1kaQhykPNXaw8RT1de4Jc2XhWjTM8hxTBx8HqLdWDeH6mkNMorhFRY8AgumHU4vuZXMtt1Y4jh9tDWsXqQcN3ULGbhaDmnpokBtT787JRssHh2BzBi1rhhvnMZyV4VFQN1rv8PW7ZdpDbWmi2AWtq4srSSc4tKRA5CFwrkZCVjmkZauHix3V57JXmiUuFkxqNvM7SeQYh5LnebUBuJnbxJCbfFCjmHLcN92u6xJJFK9pUpw61SfBrxQzyGEk1Fc9JJaShUCBbUjfCp4j3U7aGuoPt2HJcmcjHAprH9p1Zp5Aer6NB7hw55wPLdz5cNF3QXvRUZ4NydkfdJMXcRFU2cAMpiXmHoQvD98uoBjh4DdBebsjvpk69J7QUEhTVLaoXG286SaWaWLsLPmvvUXUpv8Jt6QmmWBpHCGY5E8HNMMoDp5juZBKxnG5TP8YjCVWsmxbkKTaxdRPsKQMePKw6uAuuezWTnmqF2MXJW3gBEYmRnQgGEG4Tq7yKBbQdUALrEpF6Qg2TyRsX7ikTABfb7NS2LdNCYhzNGav4m3NaWsuzNDuVJFEs5PqijNmaQPGsTsBmRjazVeA7drfxXf4qhVLyFBbhRD4AuhQWV3ce7jwe1MKsnKfNjMc7s7oGvZU9e6XoYjCf5d8JtCgPdDbkvgNhoWHiLuUkVaJGNPhuy5KZqjNpiFowZ7EMRr3hFrH1kBHQuQzLXEEi3h9jwSox6QqKaF1M1UUvyGStzmzd1wfyEsknCoZuhkk25T66Y4AFvSk7ocnUQeSban5XuVNK5QDz8YqQ72Gkx18V\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"db-am4j3LygeS9exCbOhevUmOvVxCo\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1770224394157\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/04/2026 16:58:54\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 6a00bbc85df93bc216056a694106a3c0\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4xBuzhoVPR7XdUkAe%2Bzz1IKtFef%2BmelYgUZQtuHbRRmUyiVoIUCG1xF60IQQ0vusdwkYAkFhQg5EaiLf%2BPaztv02ssSr%2FzNcvJyt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb7282b005696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":219,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6aef617f26b6f193519c69fa731270c3","sha1":"6a6e23dcbca0792f5ec426ce85ebd498ebd5c42a","sha256":"22cdc318f0613cd03c5a22405d702f054c50bcd3bbd42b05fae202e6453b5781","sha512":"f9e220fa869ba30d666b214f769954b82e043b45a95e060bd87303a1e1bec37e29b83baa4930ab4e73f2e1f90b0a1cfe5c5e44cb665e81895208d8a9aebff753","ssdeep":"","tlshash":"f2d02324cc50468dfc0313bac495650d491ffd1d6cd8dc904649d19f471fe0e2081cc5","first_seen":"2026-02-04T16:59:16.154872Z","last_seen":"2026-02-04T16:59:16.154872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/dash.production.min.js","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /dash.production.min.js HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7SV5Sk3NTs6wotMrO%2FOQ98PJbLdPqYMxr9Hgvlt%2B81wcOuZVXNweDX0euNrH0iqx7i42ckHi6GukYTD1U%2BTNOsHPnRg9xG67CeMk\"}]}\r\netag: W/\"6979ea11-64a1a\"\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70afcdd5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":412186,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65159)","md5":"c02beaa55874ad61df1aef1ed66ad3d5","sha1":"bb13c864b3e84549d7ba99c82e685d04e647de4d","sha256":"9afdef2c85ceb3cf214004dcb5629bd7480f0d3156556d9afa3b690bec094128","sha512":"06d9adb4c74fb034463a8b58036ba76f0589aeb0aad240988a7272eafd44ca3bcde762bae2355ec8e7b8f96dbed9a53709fa5ed3fd4db0bcc8a71b5966f26b32","ssdeep":"3072:2bSzPNT42ywPVHO31W5P9jID1ydTbqT+YThMWDeO2IZ6ictBIDyMlhY:2qlXPVuFWZ96ydTrihx6O2IZ6dPGyMli","tlshash":"7b942d5615ed716682cc71f130245e7b88b0cd788f41cab2fa7895b2fddc42289f6ea1","first_seen":"2026-01-31T01:33:14.416325Z","last_seen":"2026-03-28T02:29:54.861815Z","times_seen":10,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/9dlxd.css","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/9dlxd.css HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cjs2bOahihEXZX%2BJLWFi8SeTk0gpft5RBpG8BdfJetNRU6EDd7ZN5%2BAf0drhdYP4x2sZd%2B7yCpQMIrsR7lxvKMlLNXl7XO6iXey8\"}]}\r\netag: W/\"6979ea11-18c3a\"\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70afce25696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":101434,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41066)","md5":"77edadcee2aadfb1c573c6849e6b6f4b","sha1":"1781c815f6fd6dfc75312cfb2e99709fcffccc3c","sha256":"dd61f2d3bf2b0a2b6f31242ec61888313fa8dced5eed31e9c67e243bbbf08ff9","sha512":"6af29a86d492ab85e8945bee153b9340698ea27738f8aea5e739c970ec579813452f119599e4a86c96be3ba31ee810b02aa55010915eabb752975cdcd2a140cb","ssdeep":"1536:PMCMPMCMjMCM4MCMwMCM3sVMX70vebPMKXSFPTytGuCprfZC8:q70vedCFbytGuCpfZC8","tlshash":"cfa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2026-01-27T11:12:46.140606Z","last_seen":"2026-02-14T07:55:45.654268Z","times_seen":16,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tboMvYqEdIrj36svbk9IH2UwPN6gah9%2FNY2sGO5NcLQgOujIpCG%2FcsdFpgl6J%2FjEzeeC%2FiCxD5kWZM8Z6Zkq4VIiZ9pb1l7GJuRY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb713ae8d5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5AO4TFxi%2Fe74305adAAmq48otLcWt4ytUdh1a2aqzTeYoEWb00U%2FhYHOewaYOR43RQ2VKdWhF7hIyv4Cxqbwe1V%2B71E%2FpNXohwGe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb713be9e5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1131,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fconfig.min.js%3Ft%3D29503738%26u%3D0JApVJJTqa7xG4_6GDY5MjU2NDM2MjhjZmYzYzM0MDI3YTIxYZLcAlVzfS2uh978rQ","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:52.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fconfig.min.js%3Ft%3D29503738%26u%3D0JApVJJTqa7xG4_6GDY5MjU2NDM2MjhjZmYzYzM0MDI3YTIxYZLcAlVzfS2uh978rQ HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:53 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: no-store, must-revalidate, no-cache\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=config.min.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/04/2026 16:58:53\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 8e9d2413003561c82052fd37d3a9d5f7\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=junV7pD1F6gPwkaNtKcHFiyKZ6cPbW%2F6NFQT%2Bs%2F2LY8Da3Ii8ap0uNmptOUAnpyyqFx2n50PS9VP8flxy4VeRJ42u9cavvxMMGtw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb71cdfe05696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-12T12:15:57.003216Z","times_seen":2567,"resource_available":true,"data":null}},"time_used":1442,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1302,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/css2.css","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/css2.css HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b2ItRWyjJlazWQjqrxY7NZnUo5Q8y1pQ026zjJFR86iIwIXXXBMS5S8WhdG4n7RzpTTn%2Fif2R3Kmgdiw5cEDOBnwQQWKM8kgfNdE\"}]}\r\netag: W/\"6979ea11-1833\"\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70afcde5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"091a432ce5732c51a183d557901b2425","sha1":"59f1739cbdc6040616f9e4eb170b9bbd3e133d3a","sha256":"2932a0893c6528b13291ff909d3a5b368013a206e3b519e9471c8e104a4ddd20","sha512":"96bd8044dff1a0abcb0c02fe30fe5ae41128ad3e382c8a22cf844d8d38a88081c2ff4114c439d5a6becd2af49c9a4fd679e78a46c63b643fc3274ea403508f97","ssdeep":"192:fTPUZm3KuJxZTk/mm3thJ+UTpm/m3o8J3k:rxDOZjc","tlshash":"56d19d91042f500063971cd663ce3f365edd6148a049da783ffd1c9aaceadba53a174d","first_seen":"2026-01-27T11:12:46.13403Z","last_seen":"2026-02-14T07:55:45.651285Z","times_seen":16,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/css2-1.css","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /css2-1.css HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LzUDAj7KVllB%2Fez7gTL%2BHPDT5SWAM9fgQRjUz5YiUx7CnBpfm9%2Bd4k6lIyCWCBr9YDVvBTRFMABNF4Gs8Aup53UGCe%2BsBUVkkXhc\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70afce85696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T11:33:38.501145Z","times_seen":16385373,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/secureproxy?e=ping_proxy","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moonsbrds.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y4BEu7Q2acde45SQDgEJ7tHWEzxSaf4sJunkEE2GAEYs7NlfKECHSawAdzgXEY6RGBulxiLPB9ep%2BW9MZ%2Fzxdo%2BKHuPnatV5c4P9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70de8885696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-13T11:20:57.137714Z","times_seen":8814,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/css2-1.css","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /css2-1.css HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sgy2lBnKVzry%2FsF43TLaaZHWCVITPwqLG2LIYV4utb%2Fs8WszeM%2BVJucUIWEyY2HhYjSsNwwWVsbOmqKG%2FvSN1QQsXkU6NghbVSrH\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb70de88e5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T11:33:38.501145Z","times_seen":16385373,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/favicon.ico","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xyZSmCLLwZy22VayksdwR%2FjosQkPFprFd7vipGAAl%2Fy4MXvQRONB0H4jVQtTxvZTfp%2BlaUtaMZ3ceRuESglfGWk1qyd7SM%2Bw2qRr\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c8bb7107b965696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":127,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O6Ahbg2Xj8dO%2FGqnwNFrc4GtGB0Z8LHqaYi4tMXHWJvU0O%2BjMMbYgMYaNr2MAqvti8T3NdKjM0crXOJuuzTzXBoI7Hbfe%2BX8MORz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb713ae905696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1141,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/bafkreifesrdorgmwpy2zfrnzvqb5guc7petxirvf2v2vaxqntytmrwyyw4.png","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:52.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/bafkreifesrdorgmwpy2zfrnzvqb5guc7petxirvf2v2vaxqntytmrwyyw4.png HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 5394\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\netag: \"6979ea11-1512\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NKMJd3VDAEJPzPIcUVtKijH3qxYcnBJj0s%2FA4vmuJwRtRhFcAozU1mgEU7TMAIhtQFuCFFrrjssfWEyxWWcA2PvXN%2BVhM1Myj04N\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb71cbfcd5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5394,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 401x402, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eef71258de7a12a58e89d1c68ef2e51f","sha1":"9e85a5060491bb5b0fbf1a9aaef60dab9db26e95","sha256":"f072f55ffb215073c0978c77ed3be187fec4a05c6c0e60b8ff93af31038a2518","sha512":"1285a7ae2bf1b1a461930421a28bbde59f5870ce8eb56024d42af3b3cbd8200f2483c63a1c94162209b4fdf53f58dc7a4fbe83dcb9d3a69fb7366aa5005615d0","ssdeep":"96:bc9zQiAcqa5i9427nNZAtmWdFPFcjUI2uwOpT44H6jJ10khmd4nZAhwusX0+b:46b/f9xYtmWbFc/2IT49jztHb","tlshash":"b8b18d070997883a3c8b36afdd7006644304896f9e385bddf466c732862da53062ed9f","first_seen":"2026-01-27T11:12:46.141967Z","last_seen":"2026-02-14T07:55:45.650171Z","times_seen":18,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T16:58:48.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:49 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sh%2Fp4Gg6RdhsNIKH8NtEhy4WGwWHlSR%2FSfgSEHISuhmhNXqQ7cq%2BTVgONDFQv8Tk5PD7TciS%2F6wO7bF3WAWa%2FmiuRHhX11XkfUar7SI%3D\"}]}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c8bb7028b2076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1244,"timings":{"blocked":26,"dns":6,"connect":1,"send":0,"wait":1192,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/bafkreifesrdorgmwpy2zfrnzvqb5guc7petxirvf2v2vaxqntytmrwyyw4.png","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:49.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/bafkreifesrdorgmwpy2zfrnzvqb5guc7petxirvf2v2vaxqntytmrwyyw4.png HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 5394\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\netag: \"6979ea11-1512\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZryyPLOtgH%2BID0zKXdOqecuvatO6pEItVYGSaxbtGPooMUNP5bveatHe%2BAz2vAXdlyaytUKYi%2B4kFu22WwGtTxXQP03bcrgJebL2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb70afced5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5394,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 401x402, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eef71258de7a12a58e89d1c68ef2e51f","sha1":"9e85a5060491bb5b0fbf1a9aaef60dab9db26e95","sha256":"f072f55ffb215073c0978c77ed3be187fec4a05c6c0e60b8ff93af31038a2518","sha512":"1285a7ae2bf1b1a461930421a28bbde59f5870ce8eb56024d42af3b3cbd8200f2483c63a1c94162209b4fdf53f58dc7a4fbe83dcb9d3a69fb7366aa5005615d0","ssdeep":"96:bc9zQiAcqa5i9427nNZAtmWdFPFcjUI2uwOpT44H6jJ10khmd4nZAhwusX0+b:46b/f9xYtmWbFc/2IT49jztHb","tlshash":"b8b18d070997883a3c8b36afdd7006644304896f9e385bddf466c732862da53062ed9f","first_seen":"2026-01-27T11:12:46.141967Z","last_seen":"2026-02-14T07:55:45.650171Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MnV%2B%2BwvQSNH6%2BDO6iECTpMwXNOjGWCVYXwwX9JQB1uNX3qHCfYD1rPAdtti3AJfRh6L1tJckRyCenCeWacAxro03pBOuLrOBjH8Q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb713ae915696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nzNwQQQGE6NIY0lI0kL2pXkv0BuVvHicoQ9lqRw8BlV2%2FXrDCEX7CuuaF8c2Zgt1omUYTT%2BUebbs4%2BkkjsxrjBibYSXFn8MCaayE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb713ae955696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1138,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"moonsbrds.com/index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"moonsbrds.com","domain":"moonsbrds.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moonsbrds.com/","date":"2026-02-04T16:58:50.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moonsbrds.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 22:22:38 GMT","end":"Mon, 27 Apr 2026 23:20:09 GMT"},"fingerprint":{"sha1":"08:C0:EE:86:42:7D:45:E7:CB:E6:62:57:18:66:AF:47:AD:82:AC:CA","sha256":"87:B7:7C:E9:13:E9:A6:BE:61:0A:99:1C:29:89:B9:63:46:07:1C:C2:8A:8C:4A:0C:37:1E:87:63:A7:0B:5E:DB"}}},"request":{"raw":"GET /index_files/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: moonsbrds.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moonsbrds.com/index_files/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Feb 2026 16:58:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 10:50:57 GMT\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i1nC6wsMzR6fbDb6Iw5p1v0f5L1RCEqIIL9XoTuSM6uKWUL4MttA0RJ5hQbaQnlXZWIfXQ%2FP0XcbSdyBd3yLEIkBx7EoiBl2P2A9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8bb7139e835696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61914,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"7793728becb2f723e4e299753ad3aa0c","sha1":"0acb82053acf7633f0922e654ff6b411d283b89b","sha256":"27241bdf8f4f5edfc571efcdae29d6632648a6d1903747535c5088b9541297af","sha512":"b9a6c252d8567b713d485d1f356ce7357b90529b17ff1f6854768bf7e8c7849e6189b858d9b7ca2c6970d8c104bc8ad62c0eb6406dbfebac89eb3a26cd2a42e9","ssdeep":"768:7mdfBORoDkF+gYra8gFvAQFPR/AN2t4qJHSTzaFqJZpKdrh+b9qRhZ69TROpN68Q:CBVJsQXGO","tlshash":"045340a0b8a1983b345391df3bc64e5f7ab9a413cc26b204b6fd45c14f96efa9c63414","first_seen":"2026-02-04T16:59:16.153168Z","last_seen":"2026-02-04T16:59:16.153168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"moonsbrds.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}