Report - moufed.com/

Report Overview

Submitted URL
moufed.com/
IP
18.158.98.109
ASN
#16509 AMAZON-02
Submitted
2023-01-30 00:25:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	360 B	1.1 kB	216.58.211.4
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.214.111.16
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	472 B	16 kB	216.58.207.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
gvl.ezodn.com	80678	2021-08-21T11:23:21Z	2023-03-13T01:14:25Z	423 B	220 kB	172.64.166.2
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	404 B	877 B	104.18.10.207
g.ezodn.com	57919	2020-05-19T10:05:54Z	2023-03-13T08:01:10Z	359 B	710 B	172.64.167.2
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
moufed.com	534354	2019-12-12T18:39:12Z	2023-02-12T16:14:54Z	8.6 kB	46 kB	18.158.98.109
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	57 kB	34.120.237.76
privacy.ezodn.com	unknown	2023-01-05T15:24:55Z	2023-03-13T07:47:16Z	359 B	663 B	172.64.167.2
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.163
ezodn.com	8162	2020-04-22T18:44:05Z	2023-03-13T05:55:44Z	377 B	792 B	172.64.167.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	moufed.com/	Malware
2023-01-30	medium	moufed.com/utilcave_com/inc/ezcl.webp?cb=4	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	moufed.com/	249 B	2023-03-13	2023-03-25
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:39 Last Seen2023-03-25 23:31:34 Times Seen4 Hash 39643d83f903d9f5ac683269d61d8f1d d0513878e9e1a6fc25c6462188b3072dd0647111 06387d2e03d6f8ca6d461fb3174e2e69da2f2638215eaf7171fd8b75a405865d Loading...

	moufed.com/	1.0 kB	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 685a8875bd3441fb65b72ae71995133d 20979516824290eb9d7f90a4c84b83f79f7a061c 8eb9cd160b6cb2eb348e851b3a1053678f4eda0e2fcd3e286b81e4c06e817088 Loading...

	moufed.com/	410 B	2023-03-12	2023-11-18
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:55:07 Last Seen2023-11-18 08:33:53 Times Seen515 Hash 76d19e17efe48f3d1d94086b42f6bbc2 dd737c5af3d6536908b2eb4141dd48386c96127b 3927dc9ab23af4a0326e8b0dc7f8725591cf98b213953b5a5ef00e2825e33031 Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	ezodn.com/detroitchicago/consentsettings.js?cb=2	1.5 kB	2023-03-07	2023-12-12
Pretty URL ezodn.com/detroitchicago/consentsettings.js?cb=2 IP 172.64.167.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:55 Last Seen2023-12-12 21:36:36 Times Seen705 Hash 3a97ba13f255c9e558afa46584903ce3 faeedbdc6512014b3c4cd43ff65b08db8cac9a0a 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c Loading...

	moufed.com/	1 B	2023-03-07	2024-04-25
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 13:12:52 Times Seen68797 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

	moufed.com/	260 B	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 1b2f7f9193fe0e0f751406d2f91fa99a b24ec652781c226496ac729e81c745499758434d 0d0e193dd8b9068817f4bf20367920c5ca4d177cc433a54a84bbef16184f8a61 Loading...

	moufed.com/	55 B	2023-03-07	2024-04-24
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:55 Last Seen2024-04-24 05:41:36 Times Seen160 Hash a5bd39e22f17398fea1d0d04266cf78d 596e30ec4d811a65701b1d7e41292a856d5c95b7 cd42dc8e838198fc30b476807c5e5089ea94fac6a9496e96a5610e2e18e8c9ff Loading...

	moufed.com/utilcave_com/inc/ezcl.webp?cb=4	1.3 kB	2023-03-07	2024-01-19
Pretty URL moufed.com/utilcave_com/inc/ezcl.webp?cb=4 IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:54 Last Seen2024-01-19 09:59:14 Times Seen10 Hash 96d6db4ca44de0d8668f201f874a21cd be179af8cd8fab3a430698876efb29ad165c869e 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319 Loading...

	moufed.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-23y13-4y17-5y1e-4y23-3y31-4&cmbcb=121&sj=x04x02x06x07x19x0bx0dx13x17x1ex23x31&abt=LargeAdOptimization	64 kB	2023-03-13	2023-03-13
Pretty URL moufed.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-23y13-4y17-5y1e-4y23-3y31-4&cmbcb=121&sj=x04x02x06x07x19x0bx0dx13x17x1ex23x31&abt=LargeAdOptimization IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 56bb99b0a93ed0d31736c7761c8cfd2c 73a849faeb9cd75706b417ca75f36ddd98381650 4b0e5a2c10d01fcc0a9be4498282898d8f8a8ef2cd5ebf97f7c031e7d141e65e Loading...

	moufed.com/	716 B	2023-03-08	2023-03-25
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:31 Last Seen2023-03-25 23:31:34 Times Seen4 Hash 2f73e232e115a975f09c69a270a484aa 4e3166bbb387876d2d982c2bcfc57b8418eb8f39 ab236554f376eb89c21bf96ba0b06ea2a1af7e604efbcf3c2ed6388304481e58 Loading...

	moufed.com/	5.1 kB	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 223fcd5ec8b4426bb48c92002c2aa038 00b04e8cc7607d7e0b4eebf140b17c810d3a0e64 dc8cee4ce14995a2209353da97cce9bc6789fc80a96c0e0a11f0b311192d56c3 Loading...

	moufed.com/	504 B	2023-03-08	2023-03-25
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:31 Last Seen2023-03-25 23:31:34 Times Seen4 Hash f25324cc1378f014278f5e8e345ca577 7e4f2336a6ad4d08da592d1f9cc96fabbb1a8061 ffbfcac2d4147cb8446a4d538b41e6035346abde4667cf1841a45ef1800dda0d Loading...

	moufed.com/	568 B	2023-03-07	2023-03-17
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:55 Last Seen2023-03-17 12:34:09 Times Seen1 Hash 5c70811be4aa25746b1bb57cd1713673 706bacec450093dd9c2bcd22080745f8365130d9 47af9b47980d4d822244a2d8ad34aa46e7d854abd7a50efa08d0a9f2b072e4d2 Loading...

	moufed.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=121&sj=x03x0cx18&abt=LargeAdOptimization	42 kB	2023-03-13	2023-03-13
Pretty URL moufed.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=121&sj=x03x0cx18&abt=LargeAdOptimization IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash bd00ba197a5290194a4e8327f443a831 c4851861ffc50a918c8b52256961af4f647b0a57 75378cfed74215c26d247f5706f2730dab8f570fd1b1f706b1970ec111c2ea64 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy&co=aHR0cDovL21vdWZlZC5jb206ODA.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=lujpl812iqem	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy&co=aHR0cDovL21vdWZlZC5jb206ODA.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=lujpl812iqem IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 8fea1562092c3bb9111f353a676b7584 517781b7e77963bbf2706cef2df955131ea33b34 f256c7aeda45bddbd947c103709020a92b5ef59cc9196b08e1f49daaa21266e2 Loading...

	moufed.com/	4.7 kB	2023-03-07	2023-03-17
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:22:47 Last Seen2023-03-17 12:34:09 Times Seen1 Hash dc3cb8a8085d9cea0f9b9646b4788a70 ec0c03145141f30b6fea9efd011ad7b820b8861c 8aad5bf97455a2fb2f28d7dabe420fc855b379bb8c4b4594a8a69f99067ac8a2 Loading...

	moufed.com/	95 B	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash c133d153ae9b2d25e2342490e7a67c01 5a7a7864642fb90707a8c10cb443f96b5005cd70 4b0175da3473c87d3b35feff5a1839299e6e03f1d18dadd354d323ebd1f69a83 Loading...

	moufed.com/	475 B	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash e3a4fd0cb8969928f9a2d4b573facc62 4105b92ea2470368911bb6964d1c4d6e022da3ff 293bf0e10993b86b7ceb38a5f6112b1258226242c3319844140611821ef9b9b4 Loading...

	g.ezodn.com/cmp/v2/cmp.js?v=72	356 kB	2023-03-13	2023-03-13
Pretty URL g.ezodn.com/cmp/v2/cmp.js?v=72 IP 172.64.167.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:06:12 Last Seen2023-03-13 18:38:44 Times Seen1 Hash 91847ba6796d9d4351a6d25e4daab46e 718b8444faaf452a9ae8ae680dc5041109113748 205b52beeac2a7239627bdebdd465d664f7399626463e8928f3881b1dba0ef36 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:57 Last Seen2023-03-13 15:37:41 Times Seen1 Hash a1dd36c7e009478663c7566f99842331 c8c525f28c3c365989810c70ed2fc201028feb49 798d033ebf2fad984eed199fbcaf69b408342f8cf4b074c8935105062e444f0e Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy	178 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash ac4e343b8061f3dc5e9a48600f9a2a84 c43221a08648630207eca1cfca15c8ff3e4558ee 9191a95dad2cf9ff73756d4b38b3f039b708883cfee5460e1595faf5b05e7509 Loading...

	privacy.ezodn.com/tcf2_stub.js	1.4 kB	2023-03-13	2023-03-29
Pretty URL privacy.ezodn.com/tcf2_stub.js IP 172.64.167.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:22:39 Last Seen2023-03-29 23:54:36 Times Seen28 Hash 851096c229ed2233115b18941a9381e1 b52ac838639fe8be1f9ea8a0a0655d2dfe851dc2 925beb768cc9209c0f4de784f15d6c1dde72232c5b457cb186fdea749d07eae8 Loading...

	moufed.com/	158 B	2023-03-08	2023-08-31
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:56:16 Last Seen2023-08-31 02:46:51 Times Seen11 Hash 2f1f337a4ffb66a4e77f546c5458166c 10a63e1faee126920758379534cb94d79407164e d7b5a0fb26ce0434c3387ed7720367c95ec244f05a901dddafdb289537909bef Loading...

	moufed.com/	866 B	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 760d92a30dfcec36bb6e7b78608058a8 a57fbeeba24162f9454b146db433959c32f91c3e 1b3dab9b08e588e3fe07d93b40cda8d808f957bb2d123ef9495ad389ba25e20b Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy&co=aHR0cDovL21vdWZlZC5jb206ODA.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=lujpl812iqem	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LftahAaAAAAALSv4DObT44_PAtfCEoTJN1V-bEy&co=aHR0cDovL21vdWZlZC5jb206ODA.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=normal&cb=lujpl812iqem IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 13:15:29 Times Seen99480 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	moufed.com/	17 B	2023-03-07	2023-12-09
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:39 Last Seen2023-12-09 21:56:02 Times Seen306 Hash 81a6197e82ed6674ed12cb2cc12ffdcf 6831aefdc2a7a3b0082665e6564b7f4e1473dee3 55d6e68cddb41293bb8ff1b6ea547be7819ebd29075ddaf30659aef8fc54a52c Loading...

	moufed.com/	214 B	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 22f5983423667ab5c0d931cb839ca849 2e496f91b8140df463e40cf59b99f91e7904db3d 657e35ee3a2427c275b67bf767df0b2b4862d88282e82de44b659ff2230e2c6c Loading...

	moufed.com/	3.2 kB	2023-03-13	2023-03-13
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 11:50:48 Times Seen1 Hash 3fe1b4ead921c6009b96730747c20f52 5b1ac24c7a40b7d10c6285fa475d5612d39606fd 607f734f1e9b076ec79884577014f611fd15e62b270c6c3f9bef97892f5e408f Loading...

	moufed.com/	19 B	2023-03-07	2024-04-24
Pretty URL moufed.com/ IP 18.158.98.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:55 Last Seen2024-04-24 17:29:34 Times Seen723 Hash 7712820779763b8bdcaee9139164ac9a 48dce47aafe3335ccfee2eae544fcec9f0c24384 8fa0587e1fc49914844eb62c45e9878b1064f6c6f98e67a4fbf83adfcb547c2b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 703b9b4ee324ed5bea800395d6e7b778	64 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 703b9b4ee324ed5bea800395d6e7b778 d9dbc963793c903a99ad1184d4a8c8b76f00a92b ac3659fff3d443c469cac8e740b2ebacc39f1260da426918c1fedd90dea242fd Loading...

	#2 Eval - 459ec9cfee68d036557a8679627d303d	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 459ec9cfee68d036557a8679627d303d 25b45ef0c0ea6e24c150ab10bec3eac40902795a b004954a8ae3697a3df5d38a4d92354a8918e637c53204ae3cf8f6ade91de69f Loading...

	#3 Eval - f36e4d0961d40ef71e8bd20ba0f929fe	16 kB	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash f36e4d0961d40ef71e8bd20ba0f929fe cae72965339f0db453f17b1831fad21b4cb08360 e1a4bc1babc09967a368fe423660be9c79500204b341c68b432adb9ee56baa3b Loading...

	#4 Eval - a94e1b3944ece2d56d0bc7a1233e9d4b	20 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:50:48 Last Seen2023-03-13 18:54:52 Times Seen1 Hash a94e1b3944ece2d56d0bc7a1233e9d4b 1ddfb7ad31fc103e312eae921c0a024dad2178ac 250a4cf2dc1712aad4fc85bced7e61d09aa78dad44435f0ef523325574146c95 Loading...

	#5 Eval - 6a3c1e3a120be4e035e322c68dd503f9	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 6a3c1e3a120be4e035e322c68dd503f9 a5e4b5e2582288db30e3e8a309e79dd3bc30df9b f00c4fa0123db2791dc34da467be1797fe727652a37bcd967753739158deed2d Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5678
Expires: Mon, 30 Jan 2023 01:59:59 GMT
Date: Mon, 30 Jan 2023 00:25:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Mon, 30 Jan 2023 01:55:08 GMT
Date: Mon, 30 Jan 2023 00:25:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 23:43:10 GMT
content-type: application/json
age: 2531
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7236
Expires: Mon, 30 Jan 2023 02:25:57 GMT
Date: Mon, 30 Jan 2023 00:25:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RXKIzradqMRpPAdHhgO5dcPEW74baxg4kFzSG/f/5y+y0RowCVjXdOb37PtllXCtgPcgOIBC35s=
x-amz-request-id: RCQGME9CPSBBPGJS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 23:50:31 GMT
age: 2090
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:25:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

moufed.com/

18.158.98.109

200 OK

12 kB

URL HTTP/1.1
moufed.com/
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19966)
Size
12 kB (11461 bytes)
Hash
2a2ea9547e9576d4eea39f7d9eb5d18c
21d25044313e72e5975bcfe6b36958e427ab369a
88b76b142f1ad346a391e0d9a77d5dbc4aef7a302381e53d07925e80f78079dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 00:25:21 GMT
Display: orig_site_sol
Expires: Sun, 29 Jan 2023 00:25:21 GMT
Pagespeed: off
Response: 200
Server: Captcha Server
Set-Cookie: ezoadgid_191806=-1; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 00:55:21 UTC
ezoref_191806=; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 02:25:21 UTC
ezoab_191806=mod98; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 02:25:21 UTC
lp_191806=http://moufed.com/; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 00:55:21 UTC
ezovuuidtime_191806=1675038321; Path=/; Domain=moufed.com; Expires=Wed, 01 Feb 2023 00:25:21 UTC
ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 00:55:21 UTC
ezopvc_191806=1; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 00:55:21 UTC
ezCMPCCS=false; Path=/; Domain=moufed.com; Expires=Tue, 30 Jan 2024 00:25:21 GMT
Vary: Accept-Encoding
X-Ez-Proxy-Out: true 2.3
X-Middleton-Display: orig_site_sol
X-Middleton-Response: 200
X-Powered-By: PHP/7.2.34
X-Sol: orig
X-Turbo-Charged-By: LiteSpeed
Transfer-Encoding: chunked

moufed.com/utilcave_com/inc/ezcl.webp?cb=4

18.158.98.109

200 OK

1.3 kB

URL HTTP/1.1
moufed.com/utilcave_com/inc/ezcl.webp?cb=4
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1337), with no line terminators
Size
1.3 kB (1337 bytes)
Hash
96d6db4ca44de0d8668f201f874a21cd
be179af8cd8fab3a430698876efb29ad165c869e
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /utilcave_com/inc/ezcl.webp?cb=4 HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 00:25:21 GMT
Display: staticcontent_sol
Server: Apache/2.4.39 (Ubuntu)
Set-Cookie: ezoab_191806=mod98; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 02:25:21 UTC
ezoadgid_191806=-1; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 00:55:21 UTC
ezoref_191806=; Path=/; Domain=moufed.com; Expires=Mon, 30 Jan 2023 02:25:21 UTC
Vary: Accept-Encoding
X-Middleton-Display: staticcontent_sol
X-Sol: middleton
Content-Length: 1337

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2995
Cache-Control: max-age=98020
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:21 GMT
Etag: "63d5dea2-118"
Expires: Tue, 31 Jan 2023 03:39:01 GMT
Last-Modified: Sun, 29 Jan 2023 02:49:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2995
Cache-Control: max-age=98020
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:21 GMT
Etag: "63d5dea2-118"
Expires: Tue, 31 Jan 2023 03:39:01 GMT
Last-Modified: Sun, 29 Jan 2023 02:49:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

moufed.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-23y13-4y17-5y1e-4y23-3y31-4&cmbcb=121&sj=x04x02x06x07x19x0bx0dx13x17x1ex23x31&abt=LargeAdOptimization

18.158.98.109

200 OK

19 kB

URL HTTP/1.1
moufed.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-23y13-4y17-5y1e-4y23-3y31-4&cmbcb=121&sj=x04x02x06x07x19x0bx0dx13x17x1ex23x31&abt=LargeAdOptimization
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (25651)
Size
19 kB (18816 bytes)
Hash
4c1ea55fda4a8bc95d521a25916c758c
510393e602db747c5634670cbeedab664d4d34c5
7e5b140ead20e325c1dbd3da737bd45c0f36e02dd77f1a96c4dfad43d37430e7

HTTP Headers

GET /detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-23y13-4y17-5y1e-4y23-3y31-4&cmbcb=121&sj=x04x02x06x07x19x0bx0dx13x17x1ex23x31&abt=LargeAdOptimization HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false

HTTP/1.1 200 OK
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 00:25:21 GMT
Server: Apache/2.4.39 (Ubuntu)
Vary: Accept-Encoding
X-Middleton-Display: sol-js
X-Robots-Tag: noindex
Transfer-Encoding: chunked

www.google.com/recaptcha/api.js

216.58.211.4

200 OK

556 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
556 B (556 bytes)
Hash
f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 30 Jan 2023 00:25:21 GMT
date: Mon, 30 Jan 2023 00:25:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

moufed.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A191806%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%229ddb37a5-bb62-4b4f-5ebc-581abd8a831b%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A1514%2C%22response_time_orig%22%3A317%2C%22serverid%22%3A%223.66.198.35%3A28052%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1675038321%2C%22template_id%22%3A126%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fmoufed.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A85%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1

18.158.98.109

200 OK

43 B

URL HTTP/1.1
moufed.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A191806%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%229ddb37a5-bb62-4b4f-5ebc-581abd8a831b%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A1514%2C%22response_time_orig%22%3A317%2C%22serverid%22%3A%223.66.198.35%3A28052%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1675038321%2C%22template_id%22%3A126%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fmoufed.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A85%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

POST /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A191806%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%229ddb37a5-bb62-4b4f-5ebc-581abd8a831b%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A1514%2C%22response_time_orig%22%3A317%2C%22serverid%22%3A%223.66.198.35%3A28052%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1675038321%2C%22template_id%22%3A126%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fmoufed.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A85%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1 HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://moufed.com
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false
Content-Length: 0

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: HEAD, PUT, POST, GET, OPTIONS
Access-Control-Allow-Origin: http://moufed.com
Access-Control-Max-Age: 1728000
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 00:25:23 GMT
Expires: Sun, 29 Jan 2023 00:25:23 GMT
Vary: Accept-Encoding
X-Middleton-Display: imp_sol

moufed.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=121&sj=x03x0cx18&abt=LargeAdOptimization

18.158.98.109

200 OK

10 kB

URL HTTP/1.1
moufed.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=121&sj=x03x0cx18&abt=LargeAdOptimization
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (11780)
Size
10 kB (10202 bytes)
Hash
92c3263f135238699f887fe22031f0f2
940cb26bfdd26d9bca278d482cd8d71e42cc287d
7ec9a5560ff18d38c3d5f3b0d847b1a2aef07690f35ed56815d3ce523118458d

HTTP Headers

GET /detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=121&sj=x03x0cx18&abt=LargeAdOptimization HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false

HTTP/1.1 200 OK
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 00:25:22 GMT
Server: Apache/2.4.39 (Ubuntu)
Vary: Accept-Encoding
X-Middleton-Display: sol-js
X-Robots-Tag: noindex
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 23:41:41 GMT
age: 2621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=en&cmpv=2

172.64.166.2

200 OK

220 kB

URL HTTP/2
gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=en&cmpv=2
IP
172.64.166.2:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size
220 kB (219693 bytes)
Hash
83bfd6a73610d13c3425a5cfdb627e3a
eb9b7246b226cdea3f54dae2d2eb581990ef2eff
3894a9dfd339a4165eeb7f3fe4e89bd9b76c43f5904ca1ab9b284aa3d2919ae1

HTTP Headers

GET /gvlcache/GVL?gvlSpecificationVersion=2&language=en&cmpv=2 HTTP/1.1
Host: gvl.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://moufed.com
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:25:22 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
gvlcache-hit: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3xgXMpXIpq34WLCOP5J7eZVfYhJoXe1PBN0%2B%2FB8FiNJ7npCf9QDahAHnB9kYwzmG1IUihwP7EscfFPcpllSsBHAfmCEuqAcWJLCW60H07osdyapp9Kp%2F0pJgub9SVj3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791611e8d95223ae-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:25:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3904
Expires: Mon, 30 Jan 2023 01:30:26 GMT
Date: Mon, 30 Jan 2023 00:25:22 GMT
Connection: keep-alive

push.services.mozilla.com/

54.214.111.16

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.214.111.16:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4WX5RVrtIZ//h9uhnHZlNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8Pi6mnl2mIX+2A7qxbOws90XCVY=

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 268639
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 30 Jan 2023 02:58:14 GMT
Date: Mon, 30 Jan 2023 00:25:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 30 Jan 2023 02:58:14 GMT
Date: Mon, 30 Jan 2023 00:25:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 30 Jan 2023 02:58:14 GMT
Date: Mon, 30 Jan 2023 00:25:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7223 bytes)
Hash
36ff8d0c9899da25e80edbb858b164de
3e2491c5465f3c427a11c32bdfee27767559bb3f
b060501c6d82e97bd4826a62b790d58cd9d7ece8e1590267bc9b48033f3ce9b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7223
x-amzn-requestid: b05a1db9-29e2-42d0-9eca-9a0f462c87c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3IHtpIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e693-7e13d93143b5e666313a4b8f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y8z-TFrhe0-x-KHZd2pIVITumrB18bqIzK_vX9em0eEpt3U8i0sozA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:07 GMT
age: 9136
etag: "3e2491c5465f3c427a11c32bdfee27767559bb3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6646 bytes)
Hash
f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PXMbaFBZrgdsIRduRmCb8ALPII3zv7dTT4Ikn2B_Waxz3wLcp2giKQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:49:27 GMT
age: 74156
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12507 bytes)
Hash
5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 9046
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8159 bytes)
Hash
f0729af7c574710c33356c8c3c7757d6
aec801b4158398d2d3222e7247532a1b0ba446e3
057d2ed0960c8d83dda10de975594b21ddeaaf8dcc07a106f3b3c121afb90e57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8159
x-amzn-requestid: 52245e9a-4ea7-470c-ad88-1051471fc543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvBxGv2oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4920b-6b6d100e11edfa5307b67933;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:10:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qgh4eyT_OHA_N3vH7o37gjmjUpRyJMXzG3pyvKH8pnxjWxu8ykXIRw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:56:29 GMT
age: 73734
etag: "aec801b4158398d2d3222e7247532a1b0ba446e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 13146
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6927 bytes)
Hash
029e272400d7190359cd2eabbf418188
6300f72a4e44444fc9e4027fb47a85122650b0f2
ef353caae33db21140027a07d1bf3956c2476baaa69c12c1de3c369ac69b13dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6927
x-amzn-requestid: 6749dadd-1cbd-4e35-9dae-20337098eccf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGjtGWwoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf847d-3c470030501c0e572e9f2560;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AZgJTalW0bIj3KeZYEB5vTy9yVErnDqk8EC2Si8WWFnOjzMiqc8mxw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:15:27 GMT
age: 7796
etag: "6300f72a4e44444fc9e4027fb47a85122650b0f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

moufed.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==

18.158.98.109

204 No Content

0 B

URL HTTP/1.1
moufed.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDEtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkZGIzN2E1LWJiNjItNGI0Zi01ZWJjLTU4MWFiZDhhODMxYiIsImRvbWFpbl9pZCI6IjE5MTgwNiIsInRfZXBvY2giOjE2NzUwMzgzMjEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ== HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://moufed.com
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false
Content-Length: 0

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: http://moufed.com
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Date: Mon, 30 Jan 2023 00:25:30 GMT
Expires: Sun, 29 Jan 2023 00:25:30 GMT
Vary: Accept-Encoding
X-Middleton-Display: ezp_sol

moufed.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyNyJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNDUzIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjI1MyJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjI1NyJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMjA1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI3NDUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxMjgweDkzOSJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTIwMTkyMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjEyMDE5MjAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiOTM5In1dfV0=

18.158.98.109

204 No Content

0 B

URL HTTP/1.1
moufed.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyNyJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNDUzIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjI1MyJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjI1NyJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMjA1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI3NDUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxMjgweDkzOSJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTIwMTkyMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjEyMDE5MjAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiOTM5In1dfV0=
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyNyJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNDUzIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjI1MyJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjI1NyJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMjA1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWRkYjM3YTUtYmI2Mi00YjRmLTVlYmMtNTgxYWJkOGE4MzFiIiwiZG9tYWluX2lkIjoiMTkxODA2IiwidF9lcG9jaCI6MTY3NTAzODMyMSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI3NDUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxMjgweDkzOSJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTIwMTkyMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjEyMDE5MjAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiOTM5In1dfV0= HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://moufed.com
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false
Content-Length: 0

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: http://moufed.com
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Date: Mon, 30 Jan 2023 00:25:29 GMT
Expires: Sun, 29 Jan 2023 00:25:29 GMT
Vary: Accept-Encoding
X-Middleton-Display: ezp_sol

18.158.98.109

204 No Content

0 B

URL HTTP/1.1
moufed.com/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNjc1MDM4MzM5ODQ3In1dfV0=
IP
18.158.98.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZGRiMzdhNS1iYjYyLTRiNGYtNWViYy01ODFhYmQ4YTgzMWIiLCJkb21haW5faWQiOiIxOTE4MDYiLCJ0X2Vwb2NoIjoxNjc1MDM4MzIxLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNjc1MDM4MzM5ODQ3In1dfV0= HTTP/1.1
Host: moufed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://moufed.com
Connection: keep-alive
Referer: http://moufed.com/
Cookie: ezoadgid_191806=-1; ezoref_191806=; ezoab_191806=mod98; lp_191806=http://moufed.com/; ezovuuidtime_191806=1675038321; ezovuuid_191806=0642b151-91cc-40bc-6ecc-21baf0cd970e; ezopvc_191806=1; ezCMPCCS=false
Content-Length: 0

HTTP/1.1 204 No Content
Access-Control-Allow-Origin: http://moufed.com
Cache-Control: private, max-age=0, must-revalidate, no-cache, no-store
Date: Mon, 30 Jan 2023 00:25:30 GMT
Expires: Sun, 29 Jan 2023 00:25:30 GMT
Vary: Accept-Encoding
X-Middleton-Display: ezp_sol

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:25:21 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 23148658
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791611e76f95b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

privacy.ezodn.com/tcf2_stub.js

172.64.167.2

200 OK

0 B

URL HTTP/2
privacy.ezodn.com/tcf2_stub.js
IP
172.64.167.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tcf2_stub.js HTTP/1.1
Host: privacy.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:25:21 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC4hChfbk1W7mWURC9ruHm45eT6%2FSm8tZAW%2BpvwX3BwzxrsEtP%2BUyhFKf75uiTbjjyK3xRcN8teKKBQrC288jolyGQoikihX3S8BiPhlSLf6LQ0i9nNSr2jQNjFaNihgeCMdeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791611e7598288a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ezodn.com/detroitchicago/consentsettings.js?cb=2

172.64.167.2

200 OK

0 B

URL HTTP/2
ezodn.com/detroitchicago/consentsettings.js?cb=2
IP
172.64.167.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /detroitchicago/consentsettings.js?cb=2 HTTP/1.1
Host: ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:25:21 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
etag: W/"5be-5d82b97e3f1b8;5d82b97e3f1b8-gzip"
last-modified: Thu, 17 Feb 2022 00:10:27 GMT
vary: Accept-Encoding, Accept-Encoding
x-robots-tag: noindex
cf-cache-status: HIT
age: 29897611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B9kwZ2hMY19balj%2Bz9eQvYGZa1oxiBM3wqSH0ebrLyaYnOHvkqB9RC6J0c%2Buhf1l2fhI0IZF87PxZ%2B%2BRXPAtXhNFhtHXBZCV07G6FtfjQSsoEGhLeaEc8rPvPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791611e789a888a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

g.ezodn.com/cmp/v2/cmp.js?v=72

172.64.167.2

200 OK

0 B

URL HTTP/2
g.ezodn.com/cmp/v2/cmp.js?v=72
IP
172.64.167.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cmp/v2/cmp.js?v=72 HTTP/1.1
Host: g.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://moufed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:25:21 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
last-modified: Mon, 23 Jan 2023 22:37:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 475859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L7dOG%2FKzDIyuumvNpZSzcYUh68P8k21zEBYt0D%2B67xIoAswPCmaRmglEPMhocQHnQM6J4mJWApV5qQviIN3kh4N5eHnR8SF8uxCqcupOfX1uTa70JlFJyyAjS2P9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791611e779a388a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML