Submitted URL: http://moonsighting.com/
Effective URL: https://moonsighting.com/
Submission: On March 07 via manual from IN

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 27 HTTP transactions.
The main IP is 2606:4700:30::681b:bdef, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is moonsighting.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 26th 2018. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
12 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 206.123.119.74 30496 (AS-TIERP-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.36.123.135 16276 (OVH)
1 52.1.22.171 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 10
Domain
Subdomains
Transfer
13 moonsighting.com
136 KB
4 googlesyndication.com
176 KB
3 9cd47096ab1495d8d3b18667f6a52b9c.com
4 KB
2 doubleclick.net
0 B
2 google.com
4 KB
1 googletagservices.com
27 KB
1 google.de
171 B
1 easycounter.com
509 B
1 moonmodule.com
6 KB
27 9
Domain Requested by
13 moonsighting.com 1 redirects moonsighting.com
4 pagead2.googlesyndication.com moonsighting.com
pagead2.googlesyndication.com
3 geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com moonsighting.com
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.easycounter.com moonsighting.com
1 www.google.com moonsighting.com
1 www.moonmodule.com moonsighting.com
27 10
Subject / Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2018-11-26 -
2019-11-26
a year
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
www.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com
Let's Encrypt Authority X3
2019-02-02 -
2019-05-03
3 months
easycounter.com
Let's Encrypt Authority X3
2019-01-28 -
2019-04-28
3 months
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Web
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Web
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://moonsighting.com/
  • https://moonsighting.com/
8 KB
3 KB
Document
General
Full URL
https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17746bad01842aa8550e40ef1a6904fc797f97f9e394f25bf7bf833d6d451574

Request headers

:method
GET
:authority
moonsighting.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 07 Mar 2019 14:54:22 GMT
content-type
text/html
set-cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462; expires=Fri, 06-Mar-20 14:54:22 GMT; path=/; domain=.moonsighting.com; HttpOnly; Secure
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b3d677bec2f647b-FRA
content-encoding
br

Redirect headers

Date
Thu, 07 Mar 2019 14:54:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 07 Mar 2019 15:54:22 GMT
Location
https://moonsighting.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4b3d677b98b79732-FRA
Adblocked adsbygoogle.js
pagead2.googlesyndication.com/pagead/js
82 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8b3594bdabcf85727c03a90ec87d5d436ecc3416a2be91ab269214943f49664b
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
31481
x-xss-protection
1; mode=block
server
cafe
etag
15158222760801288001
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Mar 2019 14:54:22 GMT
header.js
242 B
344 B
Script
General
Full URL
https://moonsighting.com/header.js
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
814bd22eced06e3a0631f91be6e2279f5a5e9a6641c42d8528105de8c6f2eaf0

Request headers

:path
/header.js
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 14 May 2018 19:29:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
4b3d677f1f78647b-FRA
expires
Fri, 08 Mar 2019 14:54:23 GMT
moonsightingmenu.js
6 KB
2 KB
Script
General
Full URL
https://moonsighting.com/moonsightingmenu.js
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
697635a40c435322608bea4923745c79e456d9e5167c5df2810fa8fa171bc466

Request headers

:path
/moonsightingmenu.js
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2019 19:56:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
4b3d677f1f79647b-FRA
expires
Fri, 08 Mar 2019 14:54:23 GMT
mmenu.js
31 KB
10 KB
Script
General
Full URL
https://moonsighting.com/mmenu.js
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c80e408a86158019c6ae73b9c785d60eec200d0abf0b9ee97969d6846421050

Request headers

:path
/mmenu.js
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 09 Mar 2018 21:15:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
4b3d677f1f7a647b-FRA
expires
Fri, 08 Mar 2019 14:54:23 GMT
white-space.jpg
/images
338 B
436 B
Image
General
Full URL
https://moonsighting.com/images/white-space.jpg
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ecf3087d7f14eaece221715dfc8912bef01254bf74ed51bf8ae64508054a16

Request headers

:path
/images/white-space.jpg
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2017 16:56:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f1f7c647b-FRA
content-length
338
expires
Fri, 08 Mar 2019 14:54:23 GMT
donate12.gif
/images
4 KB
4 KB
Image
General
Full URL
https://moonsighting.com/images/donate12.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2aa2b6b0dfc7c2bad4d1e95c5e5fb88a653988d0a374fb5ced26a2f504c8cbc

Request headers

:path
/images/donate12.gif
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Jun 2016 04:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f2f8c647b-FRA
content-length
3896
expires
Fri, 08 Mar 2019 14:54:23 GMT
logo-large2010.jpg
/images
9 KB
9 KB
Image
General
Full URL
https://moonsighting.com/images/logo-large2010.jpg
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacc35c66a319573b85625819e1124ce7ebfe85d9e4207378fc061df9c31f1c

Request headers

:path
/images/logo-large2010.jpg
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 May 2012 04:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f2f8d647b-FRA
content-length
9629
expires
Fri, 08 Mar 2019 14:54:23 GMT
hn.gif
www.moonmodule.com/cs/dm
5 KB
6 KB
Image
General
Full URL
http://www.moonmodule.com/cs/dm/hn.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
HTTP/1.1
Server
206.123.119.74 Orlando, United States, ASN30496 (AS-TIERP-30496 - TierPoint, LLC, US),
Reverse DNS
wasatch.directrouter.com
Software
LiteSpeed /
Resource Hash
a6db2d683d98192f0d8fd499c3385426fa10a4369c11588069bfe3ecaa4d424e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 14:54:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:00:07 GMT
Server
LiteSpeed
Content-Type
image/gif
Cache-Control
max-age=3600, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5615
Expires
Thu, 07 Mar 2019 15:54:22 GMT
Logo_40wht.gif
www.google.com/logos
4 KB
4 KB
Image
General
Full URL
https://www.google.com/logos/Logo_40wht.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
40251830579c42f6d3ea03af4993d31ff649571886bb53d837d68a5e084b5d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Dec 2016 01:00:57 GMT
server
sffe
content-type
image/gif
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3845
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2019 14:54:22 GMT
1440rjb_3-7-2019.gif
/visibilitycurves
65 KB
66 KB
Image
General
Full URL
https://moonsighting.com/visibilitycurves/1440rjb_3-7-2019.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59869306bbe7570666f959afd4c83adf92ddeabbc723b2961330874bd1a37374

Request headers

:path
/visibilitycurves/1440rjb_3-7-2019.gif
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 08 May 2018 02:09:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f2f8e647b-FRA
content-length
66917
expires
Fri, 08 Mar 2019 14:54:23 GMT
hope-not-hate.gif
/images/banners
31 KB
31 KB
Image
General
Full URL
https://moonsighting.com/images/banners/hope-not-hate.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8ee57cb5362dc46fd3485f5df5231d158a1b73567085f1583144ce0ffb95d7

Request headers

:path
/images/banners/hope-not-hate.gif
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 29 May 2017 07:01:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f2f8f647b-FRA
content-length
31668
expires
Fri, 08 Mar 2019 14:54:23 GMT
Adblocked geomap.js?compte=308874662588
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private
11 KB
4 KB
Script
General
Full URL
https://geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private/geomap.js?compte=308874662588
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.123.135 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102048.ip-54-36-123.eu
Software
Apache / PHP/5.4.16
Resource Hash
405f99dcf1833070cd72a0e56e815bc1a46a1acc61d8a658721d89b20a5731d4
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Mar 2019 14:54:22 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding,User-Agent
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
3914
Expires
Tue, 9 May 2000 11:11:11 GMT
muslimteez.gif
/images/banners
7 KB
7 KB
Image
General
Full URL
https://moonsighting.com/images/banners/muslimteez.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af29f9055ea53a12148d610a7b805e3d3a41fd42ca499ba4572ee0ee46c2ed62

Request headers

:path
/images/banners/muslimteez.gif
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 29 May 2006 04:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d677f2f90647b-FRA
content-length
6811
expires
Fri, 08 Mar 2019 14:54:23 GMT
Adblocked counter.php?moonsighting1
www.easycounter.com
231 B
509 B
Image
General
Full URL
https://www.easycounter.com/counter.php?moonsighting1
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.22.171 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-22-171.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
54801eeeeb6068f98a29a4b246f14b0716f5fa50c0c394a931e67b2e2fbf7f42
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 14:54:23 GMT
Last-Modified
Thu, 07 Mar 2019 14:54:23 +0000
Server
nginx/1.14.2
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
Adblocked integrator.js?domain=moonsighting.com
adservice.google.de/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=moonsighting.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
Adblocked integrator.js?domain=moonsighting.com
adservice.google.com/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=moonsighting.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
Adblocked show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190304/r20190131
196 KB
73 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190304/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
736bb7b157bdb2ffd258e9d8efbcf3106894b23d27ad86fb6d9c460b621251a4
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
74273
x-xss-protection
1; mode=block
server
cafe
etag
13486362083099496509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Mar 2019 14:54:22 GMT
Adblocked show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190304/r20190131
196 KB
73 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190304/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
736bb7b157bdb2ffd258e9d8efbcf3106894b23d27ad86fb6d9c460b621251a4
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
74273
x-xss-protection
1; mode=block
server
cafe
etag
13486362083099496509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Mar 2019 14:54:22 GMT
Adblocked ca-pub-1566246520237837.js
pagead2.googlesyndication.com/pub-config/r20160913
133 B
241 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1566246520237837.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 03:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:26:25 GMT
server
sffe
age
41696
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2019 15:19:26 GMT
Adblocked zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190304/r20190131
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190304/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190304/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://moonsighting.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://moonsighting.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 04 Mar 2019 14:42:22 GMT
expires
Mon, 18 Mar 2019 14:42:22 GMT
content-type
text/html; charset=UTF-8
etag
15457983066924787283
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6951
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
259920
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Adblocked ads?client=ca-pub-1566246520237837&output=html&adk=1812271804&adf=3025194257&lmt=1551970462&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&for...
googleads.g.doubleclick.net/pagead
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1566246520237837&output=html&adk=1812271804&adf=3025194257&lmt=1551970462&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmoonsighting.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1551970462613&bpp=13&bdt=47&fdt=51&idt=50&shv=r20190304&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6290521033213&frm=20&pv=2&ga_vid=1851395292.1551970463&ga_sid=1551970463&ga_hid=2121604597&ga_fc=0&iag=0&icsg=683&dssz=6&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=217932785&ifi=0&uci=0.cocwh66c8k4i&fsb=1&dtd=70
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190304/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1566246520237837&output=html&adk=1812271804&adf=3025194257&lmt=1551970462&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmoonsighting.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1551970462613&bpp=13&bdt=47&fdt=51&idt=50&shv=r20190304&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6290521033213&frm=20&pv=2&ga_vid=1851395292.1551970463&ga_sid=1551970463&ga_hid=2121604597&ga_fc=0&iag=0&icsg=683&dssz=6&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=217932785&ifi=0&uci=0.cocwh66c8k4i&fsb=1&dtd=70
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://moonsighting.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://moonsighting.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 07 Mar 2019 14:54:22 GMT
server
cafe
content-length
393
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 07-Mar-2019 15:09:22 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Thu, 07 Mar 2019 14:54:22 GMT
cache-control
private
Adblocked osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190304/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1551269762062339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28006
x-xss-protection
1; mode=block
expires
Thu, 07 Mar 2019 14:54:22 GMT
moonsighting.css
23 KB
3 KB
Stylesheet
General
Full URL
https://moonsighting.com/moonsighting.css
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/header.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4574b3d28e966164f54bb0d4253393d6dc5484331aa22342e02d8cf99b95dc16

Request headers

:path
/moonsighting.css
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Jan 2019 14:43:47 GMT
server
cloudflare
cf-polished
status=cannot_optimize
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=86400
cf-bgj
minify
cf-ray
4b3d67822ad9647b-FRA
expires
Fri, 08 Mar 2019 14:54:23 GMT
tri.gif
/images
49 B
156 B
Image
General
Full URL
https://moonsighting.com/images/tri.gif
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:bdef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7585c63a168d0e6e4e3f6eb12799e4a27bd364d459860a95f2af8598fb9526d2

Request headers

:path
/images/tri.gif
pragma
no-cache
cookie
__cfduid=d11ead989f05f78f74b46e75ab52ede7d1551970462
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
moonsighting.com
referer
https://moonsighting.com/
:scheme
https
:method
GET
Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 14:54:24 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 May 2012 04:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4b3d67856eb9647b-FRA
content-length
49
expires
Fri, 08 Mar 2019 14:54:24 GMT
geomap_iframe_css_64.php?compte=308874662588&anim=1&bgskin=0&cbg=003366&dn=1&s=10&skin=0&tp=Today&ts=300x170&p=
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private
0
0
Document
General
Full URL
https://geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private/geomap_iframe_css_64.php?compte=308874662588&anim=1&bgskin=0&cbg=003366&dn=1&s=10&skin=0&tp=Today&ts=300x170&p=
Requested by
Host: geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com
URL: https://geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private/geomap.js?compte=308874662588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.123.135 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102048.ip-54-36-123.eu
Software
Apache / PHP/5.4.16
Resource Hash

Request headers

Host
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://moonsighting.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://moonsighting.com/

Response headers

Date
Thu, 07 Mar 2019 14:54:23 GMT
Server
Apache
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
20856
Connection
close
Content-Type
text/html; charset=UTF-8
Verified Adblocked %7CNULL
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com/private/geoloc/pointeur.gif?%7C308874662588%7C%7C1200*1600%7Cmac+os+x%7Cen%7C24%7C1551970474%7C%7C%7Cchrome%7C67%7C%7CDE%7C50.102501%7C8.629900%7CFrankf...
43 B
257 B
Image
General
Full URL
https://geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com:4433/private/geoloc/pointeur.gif?|308874662588||1200*1600|mac+os+x|en|24|1551970474|||chrome|67||DE|50.102501|8.629900|Frankfurt+Am+Main||1551970462|geomap|-18000|1551970462|||https%3A//moonsighting.com/|NULL
Requested by
Host: moonsighting.com
URL: https://moonsighting.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.123.135 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102048.ip-54-36-123.eu
Software
lighttpd/1.4.47 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Verified resource
fancybox/2.1.5/blank.gif at cdnjs.com, project fancybox
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://moonsighting.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 14:54:23 GMT
Last-Modified
Tue, 04 Mar 2008 08:10:57 GMT
Server
lighttpd/1.4.47
Accept-Ranges
bytes
ETag
"1753750282"
Content-Length
43
Content-Type
image/gif

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://moonsighting.com/
  • https://moonsighting.com/

299 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| addmenu function| dumpmenus number| menunum number| menus object| _d number| timegap number| followspeed number| followrate number| suboffset_top number| suboffset_left string| effect object| style1 object| menu string| mt number| a object| menu1 object| menu2 object| menu3 object| menu4 object| menu5 object| menu6 object| menu7 object| menu8 object| menu9 object| _am undefined| oa object| im string| om number| flta number| omv object| imar number| cgm function| gmobj function| gmstyle function| spos function| gpos function| getMouseXY function| parseLink function| cHexColor function| stch function| fixForm function| SDiv function| close_el function| closeallmenus function| rep_img function| popdn function| dc function| getMenuByName function| getMenuItem function| sis function| fixb function| sm function| popup function| shl function| popi function| hl function| dmenu function| checs function| PlaceMenu function| setpos function| MScan function| mOL function| Minit number| Mtimer number| smc number| MLoaded number| ST number| mspu number| pu boolean| ns4 boolean| ns6 boolean| mac boolean| mac45 number| loadWait boolean| opera boolean| ns61 boolean| ie4 number| ta boolean| ie55 boolean| konq number| IEDtD object| mp number| oatop number| aleft number| oaleft number| osy number| oww number| owh number| frs number| fre number| nsmatch number| okpgms number| inDragMode number| closeFel object| hlarr number| hlcnt string| hll object| Mname object| parr object| SwapIM object| SoImG object| keyar number| keyarC number| keynum number| MenuHasFocus number| _OfM number| ParentMenu number| pf number| gmi number| ns6hif number| timo number| el number| nshl number| df number| ofrac string| omnu number| kmnu number| ac object| m number| sy number| sx number| ShM number| ww number| wh object| mr object| tmenu number| atop object| hlp string| eq number| z number| ns6c number| ns6w string| m18 string| iedf string| brd string| scrof number| dmleft number| x number| dlft number| b object| arg string| imgact string| hlnk string| subimg number| dwd string| pI string| omp string| ofc string| ofb string| onc string| onb string| ltarg string| lOnfunc string| lOffunc string| ltype string| lalign string| tfborc string| nborc string| fborc string| dragable string| simg string| bimg string| sbimg string| sbgc string| lt number| sp string| marw string| smO string| smC string| pd string| dragfunc number| rsp string| dw string| psp string| padd string| hms string| txt number| mbw string| bc number| dwid string| ims string| ti string| k2o string| _al string| tofc string| tofb string| tonc string| tonb string| soimg function| Oload number| ic number| m42 object| mn number| t_ number| l_ number| h_ number| w_ object| ml object| mlp number| tw object| th string| px object| gms number| xa object| tD string| mtxt object| mi object| gp number| ttop number| tleft object| ap object| aps object| tim object| imo object| imop object| imp number| imc number| imT number| imL string| compte string| platform string| name_browser string| version function| getCookieVal function| GetCookie function| EcrireCookieGeo number| nb_couleur number| browser string| resolution object| date_geoloc undefined| reg string| ref string| url string| page string| reg2 undefined| couleur_lib undefined| logo_lib undefined| compteur_lib undefined| categorie_lib undefined| defautgif string| md5 number| date_test string| outils2geomap8 string| bool_refresh object| tab_urlp number| datep function| refreshpiiiii function| detectFlash2 undefined| iversion string| uri84 function| geoclick function| popup84 function| chrome_flash_redraw string| base_url string| base_gmt object| geonb string| langue number| dateloc string| page_stat object| tab string| p_geomap8 object| geovisite_test_cookie_value string| id string| domain object| items

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
moonsighting.com/ Name: acceptcookie
Value: ok
.moonsighting.com/ Name: __cfduid
Value: d11ead989f05f78f74b46e75ab52ede7d1551970462

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

adservice.google.com
adservice.google.de
geoloc1.9cd47096ab1495d8d3b18667f6a52b9c.com
googleads.g.doubleclick.net
moonsighting.com
pagead2.googlesyndication.com
www.easycounter.com
www.google.com
www.googletagservices.com
www.moonmodule.com


206.123.119.74
2606:4700:30::681b:bcef
2606:4700:30::681b:bdef
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:815::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
52.1.22.171
54.36.123.135

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
17746bad01842aa8550e40ef1a6904fc797f97f9e394f25bf7bf833d6d451574
1c8ee57cb5362dc46fd3485f5df5231d158a1b73567085f1583144ce0ffb95d7
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
2c80e408a86158019c6ae73b9c785d60eec200d0abf0b9ee97969d6846421050
40251830579c42f6d3ea03af4993d31ff649571886bb53d837d68a5e084b5d0e
405f99dcf1833070cd72a0e56e815bc1a46a1acc61d8a658721d89b20a5731d4
4574b3d28e966164f54bb0d4253393d6dc5484331aa22342e02d8cf99b95dc16
54801eeeeb6068f98a29a4b246f14b0716f5fa50c0c394a931e67b2e2fbf7f42
59869306bbe7570666f959afd4c83adf92ddeabbc723b2961330874bd1a37374
697635a40c435322608bea4923745c79e456d9e5167c5df2810fa8fa171bc466
736bb7b157bdb2ffd258e9d8efbcf3106894b23d27ad86fb6d9c460b621251a4
7585c63a168d0e6e4e3f6eb12799e4a27bd364d459860a95f2af8598fb9526d2
7dacc35c66a319573b85625819e1124ce7ebfe85d9e4207378fc061df9c31f1c
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
814bd22eced06e3a0631f91be6e2279f5a5e9a6641c42d8528105de8c6f2eaf0
8b3594bdabcf85727c03a90ec87d5d436ecc3416a2be91ab269214943f49664b
a6db2d683d98192f0d8fd499c3385426fa10a4369c11588069bfe3ecaa4d424e
af29f9055ea53a12148d610a7b805e3d3a41fd42ca499ba4572ee0ee46c2ed62
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8ecf3087d7f14eaece221715dfc8912bef01254bf74ed51bf8ae64508054a16
f2aa2b6b0dfc7c2bad4d1e95c5e5fb88a653988d0a374fb5ced26a2f504c8cbc