mogulstates.com Open in urlscan Pro
2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html#UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEY...
Effective URL:
https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
Submission: On May 04 via api (May 4th 2022, 9:28:13 pm UTC) from BE — Scanned from US

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3035::ac43:a4e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mogulstates.com.
TLS certificate: Issued by E1 on March 21st 2022. Valid for: 3 months.

This is the only time mogulstates.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.117.112 52.219.117.112	16509 (AMAZON-02) (AMAZON-02)
1 1	92.63.173.102 92.63.173.102	48635 (CLDIN-NL ...) (CLDIN-NL Total Webhosting Solutions TWS in)
1	185.147.127.208 185.147.127.208	49392 (ASBAXETN) (ASBAXETN)
1 1	2606:4700:303... 2606:4700:3035::6815:1809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:303... 2606:4700:3035::ac43:a4e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:303... 2606:4700:3030::ac43:d1bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.225.64.251 13.225.64.251	16509 (AMAZON-02) (AMAZON-02)
2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1 7	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3034::6815:22dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
58	13

1 52.219.117.112 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.173.102 (Netherlands) 1 redirects

ASN48635 (CLDIN-NL Total Webhosting Solutions TWS in, NL)
PTR: madnear.info

applefar.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.127.208 (Warsaw, Poland)

ASN49392 (ASBAXETN, RU)

weaveglasses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:1809 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

combatcubes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:3035::ac43:a4e3 (United States)

ASN13335 (CLOUDFLARENET, US)

mogulstates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d1bf (United States)

ASN13335 (CLOUDFLARENET, US)

trk-tempore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.64.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-64-251.ewr53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::6815:22dd (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-tempore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	mogulstates.com mogulstates.com	1 MB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 973	2 KB
5	trk-tempore.com trk-tempore.com — Cisco Umbrella Rank: 71285 event.trk-tempore.com — Cisco Umbrella Rank: 197713	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	711 B
3	gstatic.com fonts.gstatic.com	47 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 658	558 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18066	6 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1364	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	113 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 936	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	combatcubes.com 1 redirects combatcubes.com	794 B
1	weaveglasses.com weaveglasses.com — Cisco Umbrella Rank: 460138	431 B
1	applefar.org.uk 1 redirects applefar.org.uk	375 B
1	amazonaws.com s3.us-west-1.amazonaws.com — Cisco Umbrella Rank: 10980	507 B
58	15

	Domain	Requested by
31	mogulstates.com	weaveglasses.com mogulstates.com
7	tr.snapchat.com	1 redirects sc-static.net mogulstates.com
4	event.trk-tempore.com	trk-tempore.com
3	www.facebook.com	mogulstates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	pixel.tapad.com	2 redirects
2	a.mgid.com	mogulstates.com
2	sc-static.net	mogulstates.com tr.snapchat.com
2	connect.facebook.net	mogulstates.com connect.facebook.net
1	trk-tempore.com	mogulstates.com
1	code.jquery.com	mogulstates.com
1	fonts.googleapis.com	mogulstates.com
1	combatcubes.com	1 redirects
1	weaveglasses.com	s3.us-west-1.amazonaws.com
1	applefar.org.uk	1 redirects
1	s3.us-west-1.amazonaws.com
58	16

This site contains no links.

Subject Issuer	Validity	Valid
*.s3-us-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
weaveglasses.com R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.mogulstates.com E1	`2022-03-21` - `2022-06-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-08` - `2023-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-11` - `2022-05-12`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
Frame ID: 295A4C58A8D3F6BA8A68E63853B11281
Requests: 51 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: 1E680AB7F488D08609B2C6DF186979F8
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 3DB1CD9FA2C19DB3480913EC1A2802CF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 7002A885934B4D10DBAFD66199BF110A
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1651624243027&pnid=140&pcid=92433c3c-dae1-407d-a876-7c44a8b93da4
Frame ID: 860B1432408E6D8AB41D86F2128D6B26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

50lbs in 61 Days: New No-Exercise ‘Skinny Pill’ Melts Belly Fat. Why Every Judge On Shark Tank Backed This Product!

Page URL History Show full URLs

https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html Page URL
http://applefar.org.uk/UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEYlBMditSMDY3em5Q... HTTP 302
https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md Page URL
https://combatcubes.com/?s1=350753&s2=713015642&s3=1597&s10=1193&s4=1847 HTTP 302
https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

100 %
HTTPS

56 %
IPv6

15
Domains

16
Subdomains

13
IPs

4
Countries

1705 kB
Transfer

2382 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html Page URL
http://applefar.org.uk/UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEYlBMditSMDY3em5QaXF3TVQ4NU5rbnAzSWIzb3BJY2hHNzN5RXJneHRzOEJ4NGdWeWJhWFNzQzhKM0lxTEk9 HTTP 302
https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md Page URL
https://combatcubes.com/?s1=350753&s2=713015642&s3=1597&s10=1193&s4=1847 HTTP 302
https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://applefar.org.uk/UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEYlBMditSMDY3em5QaXF3TVQ4NU5rbnAzSWIzb3BJY2hHNzN5RXJneHRzOEJ4NGdWeWJhWFNzQzhKM0lxTEk9 HTTP 302
https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md

Request Chain 51

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1651699688211 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1651624243027%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1651624243027%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1651624243027&pnid=140&pcid=92433c3c-dae1-407d-a876-7c44a8b93da4

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK kdkjdhxfskdhjf.html
s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/ 151 B
507 B 436ms
135ms Document
text/html 52.219.117.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.112 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 151
Content-Type: text/html
Date: Wed, 04 May 2022 21:28:04 GMT
ETag: "b5c8bd440b8754d8b401d4fb2cdc8f38"
Last-Modified: Wed, 04 May 2022 16:10:23 GMT
Server: AmazonS3
x-amz-id-2: kdy4bxALAoPrFQEr9fqUh+WBNXLFzZOg4T0LNHQe3TxqK1/lSFJXy1A+d6kE2n15XFwOqy8hptY=
x-amz-request-id: TRSM6YYXT4HBA46N

GET
H/1.1

200
OK

2804_6645_168_31222_md
weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/
Redirect Chain

http://applefar.org.uk/UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEYlBMditSMDY3em5QaXF3TVQ4NU5rbnAzSWIzb3BJY2hHNzN5RXJneHRzOEJ4NGdWeWJhWFNzQzhKM0lxTEk9
https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md

135 B
431 B

1399ms
624ms

Document
text/html

185.147.127.208
ASBAXETN

General

Check archive.org

Show headers Download Go to

Full URL: https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md
Requested by: Host: s3.us-west-1.amazonaws.com
URL: https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.147.127.208 Warsaw, Poland, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://s3.us-west-1.amazonaws.com/kdkjdhxfskdhjf/kdkjdhxfskdhjf.html#UC9ZRVdNTGRtc29ZMS9qdlNDMElkKzJFRUl6M1E4dG0zUnJQbHA4dlBsdkFEYlBMditSMDY3em5QaXF3TVQ4NU5rbnAzSWIzb3BJY2hHNzN5RXJneHRzOEJ4NGdWeWJhWFNzQzhKM0lxTEk9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 135
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 21:28:05 GMT
server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 163
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 May 2022 21:28:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33

GET
H2

200

Primary Request 628c43eba59959b85fd7ce56deb6bdd7 Show response
mogulstates.com/
Redirect Chain

https://combatcubes.com/?s1=350753&s2=713015642&s3=1597&s10=1193&s4=1847
https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

86 KB
17 KB

304ms
211ms

Document
text/html

2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Requested by

Host: weaveglasses.com
URL: https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b599030d119232d79b68f77962f2c6e83359749df541af945950351beb2e52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weaveglasses.com/0/2/3267/045e0406f44f42a7a34da48d1bdcd304/26/2552_2/2804_6645_168_31222_md
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70645300be4b030a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 21:28:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72EKM0O%2BCApi2wGz9Ryg5YnJ2iWDh%2FpHjH6p9NRK%2Bf0K43FinpVqpOfeNuuECdp6Ew9ETKK2Dy80G1%2FCDr9ir1wBPjuswxyaSKoLIAWuZ8bLTPFLYXGvgX17mf%2BABePb%2FwljaNraBKYGPYqmOEc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 706452fece668dfa-MIA
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 21:28:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A%2BhBsrxi1hh6CDrHLy5ibGCTTE%2BAFYjQAno1CEXNUHpM5EmTLT9d%2FbarDbQm4K2QA4V%2FEe1AVoZXbTfAEkhqZEQgN%2BHQ1jErG8Z2RWFZuqUM6Gygp7R9T4BKX4vALwjpAUW%2BalO6Fz4BDDmikg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 index2.css
mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/ 66 KB
12 KB 565ms
562ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/index2.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43fff2ba016b4edef9c902f806ebab91a4a3b61d7b82b3648b62e1338721537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/diet/foxnews-diet-v2-free-us/assets/index2.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0Ob1JwsbGiLRQ7hZ9Ypf8%2FmFqQr551CxgZVcijTYreomTLUlbFN31osI7ejLuOzDZbVPe50rdv7cl%2FDh6%2FpnWmwDVnzuuXqoYul36aMmss%2Fz0sIwVzZH%2Fq34eFIAEXT9zaeBGHxR9eLquIFVcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 706453046c3c030a-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bootstrap.css
mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/ 141 KB
22 KB 442ms
439ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/bootstrap.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42cf8e770c88ea7ace06fa4362af60ff7aa2bc61844a10322327651dcd585360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/diet/foxnews-diet-v2-free-us/assets/bootstrap.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyf83wIilELAh4cYPpEEoS18uUE%2FXaEajCX2Dx0cqlwxiwtDJQxSROFD2ws%2BvADpc3j8BHp5U0m9uiY0z5y6dA8EYE%2B%2FXYxalnK5sCAsoX6whuVgFWWlSM1AbfD5NH6MQhm1XlktI6llcKwgJcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 706453046c40030a-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 brandico2.css
mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/ 10 KB
2 KB 188ms
186ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/brandico2.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a371ec345898197d2f298aef0bd8689565e88fdfd8678471e52a7b10e7b653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/diet/foxnews-diet-v2-free-us/assets/brandico2.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynWcGpmSCIo6DJWhWZq8QnuS4pNuyeHnnRv82kUB3KEYXJWFNq69xinRMcnJTw4qDhTn3H2WSum5XDzsvZo0sXda%2F7vuIT%2Fgw0ah5O%2BMVnOuVq8RRroWuMcT%2Fy%2FwMgZEdKsiGGzkrVgzbYTy0q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 706453046c43030a-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 232ms
82ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1f98ccf79d380deb41bb2c3a281390b81ccee0e182e47827847a15a4f8e9411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 20:31:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 21:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 21:28:07 GMT

GET
H2 200 utils.min.css
mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/ 0
390 B 319ms
316ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/09f3dba8e92be38552a9abcf1555fef1/utils.min.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/diet/foxnews-diet-v2-free-us/assets/utils.min.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60Ry%2B0%2BdqpznqFOCoY%2FsCojOY8ze%2BXGLzYbUdwWJ%2F9HvA25kpWNJ87gg3D%2B8sQI%2BNz8yBmNAJeWlToF1IlFb9pXJxPdkElfC03RtoMM2kgQx%2FygcAJ2%2BkU0tpqM03XkVc4n7rhjwbTzoywp1OGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 706453046c45030a-MIA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 msg.js Show response
mogulstates.com/inc/ 941 B
815 B 44ms
42ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/inc/msg.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 13:35:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdgCWy79rWCiHwFhZe3CVGh3g9GPFZYGUuQGPNS81PSYUVLl9Ns1OtaMwgTRpAzLtl1ETnE8u0225ve9XpYbaqL2bi8ygQ74Oi7uGpKJT5APg3Mlq5SREPdgjb9I%2BGxwSTFEZV2OVFetj6kWqV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 706453046c46030a-MIA
expires: Thu, 05 May 2022 14:37:48 GMT

GET
H2 200 fbcode1.js Show response
mogulstates.com/inc/ 2 KB
1 KB 48ms
46ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/inc/fbcode1.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 596584
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vspyZE5UwkVEAIMroOc29a1SeRfB5bLCeJ64m3qLUwqLphsaWbEEfOPbITbVgJ0p1uOM1gsUw3kLJ4KKyv2Kephm6g2xXVuntsQPohMZfDM6yvoMmS74ttMqaSz8rkObvtzTLCD6swwFnb7H2ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 706453046c48030a-MIA
expires: Wed, 04 May 2022 23:45:03 GMT

GET
H3 200 879c2de0ad906b2ba0b50862d718bfd8.png
mogulstates.com/fim/1193/ 62 KB
63 KB 163ms
159ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/879c2de0ad906b2ba0b50862d718bfd8.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363d9c1ea95c22f5acfa91816599219cc3dc5e54ba777ee3841d8a03b5179e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63575
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDaiuwpbP4hvUaN5571Sl%2F4wHDhPPvbDXhiLPXIXpY0GtTqdRjCTalkRrOAif3a%2BpLVAo4A%2B%2Bl4Bhr6dpC%2F%2FFklI0h1tutagovbUD7USFwxcLSDO5smZKfellM2zF7w7PDPONoaenKfbjZNrjeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8333712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 8fc691e7e0cb426aeceb3d6f929ae1de.jpg
mogulstates.com/fim/1193/ 8 KB
8 KB 84ms
80ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/8fc691e7e0cb426aeceb3d6f929ae1de.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb9783874c9ff9adac5dc902c42a885a482f66985b674c6e6e6a41b432c414e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7830
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ss7afOF2na4%2BtU0MUZtSTFnSt4WnYK0LrMvuP5lCZndgeJwB2jR4RlTbiN7AJbv8SDA0%2Fpii7eye7B1OuvoGW01wW5O3D1rVyf5ggyC1VCltuufFHkjr02GSaA0kdiQdgDH4JrkJ9SwA9Gs4xTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8343712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 7ae9010f221ee3abd43d95473e5bac64.jpg
mogulstates.com/fim/1193/ 65 KB
65 KB 93ms
88ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/7ae9010f221ee3abd43d95473e5bac64.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d24768e8f2b98f53752f8767b070b64d060c3cb38e00dac701febab661e1b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66227
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfQkEeFZD0nnD1Rn3DN9ZZg3bVAL%2FlX5OnI9glsZQev2Ls6ZX85DsFJ1fbyldIRDx6%2FHpeT8NtVIThFtB81hNcFpOsxeDVD4Pb5RR0Znmu5zKdHMqgyj9fpqvMIM%2FMfFXXkpN1V%2B77GIfGv9ZOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8353712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 532b9eb342e1c9129f5a9d40e9284226.jpg
mogulstates.com/fim/1193/ 138 KB
139 KB 91ms
86ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/532b9eb342e1c9129f5a9d40e9284226.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

515ad9e110e185f90bd0aef59138c02bb4a7c0b316f982b5226feb511d57988f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141516
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2HGenIp3fr2aTRb2M9yc3BEFbvB7Ol%2FmVLzK5fBtwfBzUdb0GV53RKpziFB2pVvro5A8ZO1ljc%2FbBivv8h4Ke5ZF6FaeRoMs4Y79ATfmVhHeuTKBSwqmokuQaL3bc71FUT4bi4mXeN%2FjqaGLQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8363712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 2989affe31cc5d16190381e58c8bb12e.png
mogulstates.com/fim/1193/ 82 KB
83 KB 237ms
233ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/2989affe31cc5d16190381e58c8bb12e.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0834f46d9f5139e8b7f8f5f09be31053c44e3caee6f11caec08480d1d328dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84062
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uwzn5VDFeQz2bzrNHERazdbU32X7REh5L9Mqu4EQ0HkEhDNh9%2FTT04Mai6gnw8JLPPDdQNgt179xr%2F4gidTHtPICdoSd%2FG5HgRIrgP3f2ePmLFHByr2TATRXqDCLzv1n7inos1ImNxwpEDfOk54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8383712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 2bd55115095eba210763744d381e03e8.png
mogulstates.com/fim/1193/ 126 KB
127 KB 231ms
226ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/2bd55115095eba210763744d381e03e8.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a35657b2c0f2eaa8e7d3da99d021492453979c35f5bd8d650eb177fc437dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129114
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAn87IjiyYMsTJKoEeINOAEvTxlo%2FKuNxKE55KoMsJlHgO%2FJp7eBIeA%2FPzunfY8rquRkINipM5qAJNHq%2BYkdYnjrsmGD5qotkWvMvdAwoqHVNgcPdSKxXyH0dS1ewqeggOCpZqA7OSNCDNqLFjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8393712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 c73edfd3151dc048af0d79e416f77521.jpg
mogulstates.com/fim/1193/ 150 KB
151 KB 197ms
192ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/c73edfd3151dc048af0d79e416f77521.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da26bddf8849eb8f4774bb82d77cc7f2e816779b1ae4373edf7dae5b6d54e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 153619
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka%2FUGOvt%2BvfSWsMTbbcmdnEGs9FGGGiiowKchCJpZYumJ2hDGO3TevBwrsmjO7nT4KuTaGVJuAdFXd5bOm%2BiC3jJqNphdP3BrhS%2FjD%2FTL7%2BTu%2BuwOMGRpLc2WQFBg0DHdcxP9ZmIljCAjGZSyAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f83a3712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 c09185b4726372883ec41cc7cfdfaf79.png
mogulstates.com/fim/1193/ 67 KB
68 KB 301ms
297ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/c09185b4726372883ec41cc7cfdfaf79.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f0cf4d099f89bae2af62f3492d64d3bffb955f3396fa3746a05edd792d4925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68854
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1k3BKzdAcp%2BLGMlECGrND7ssXPxOxtGNPdZG16Ne%2FaQJ590VHcXDbpNC3PdOqRGkaVbmHzleENXRbBjQvRFYv684ktpP26%2BuKW1%2Bsq5P7ANPqp7ZZqrnf6j6VSeEsaE%2F9tZk6Q%2F3bXAHrBSrWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f83b3712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 2b58e08dc6e0255494181bcf5f690c34.jpg
mogulstates.com/fim/1193/ 17 KB
18 KB 306ms
301ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/2b58e08dc6e0255494181bcf5f690c34.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883979605c75b733eb6d6754cb6f115b10d295c3f041ac919c2d2f828f65237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17800
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x5bOoTmZ6zjLSwytEERzYAsSOplL4ysTmTp4iFeROM6FIlvDIXPY4K2l1diJfJgkLPFIiWQ597zHbXEDoDjTQbcq9Z6EintbSQ7LTua%2BPoAqJplCmLzTZIqPn%2FbgZpYGcHyBy%2FbYhIUnClAvco%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f83c3712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 ea1f1681a976cc72e75e86dcdb80bf76.png
mogulstates.com/fim/1193/ 334 B
965 B 306ms
302ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/ea1f1681a976cc72e75e86dcdb80bf76.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 334
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH%2BzhyRMOOkfl5Z6ZJfN65iy6iKCW4ktp8jQ%2BgKMt0pg%2B8%2F%2Bza0DQmGZkijpRw3dAl4zP0FtzOM%2FqTzCpWsfkqzIV4RwZ7n8b13WCRywCv5gCzam%2BeAJ%2BqLTshJp%2BpTabUUpLIvzhILrNyrlcrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f83f3712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 c502b8e5fe31a362a843afb32b395065.png
mogulstates.com/fim/1193/ 121 KB
121 KB 307ms
303ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/c502b8e5fe31a362a843afb32b395065.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f69f11aaae5238392bebf71202606a08d03a00c281aee99cb4ec0427a8ad3d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123667
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTJbtAPubg%2FRegEQflnlvLBAo3o4QZSp7wD85DIRbcd8JToL46POA%2Fv3RFfegKnA0KrDsIPT6aRnajKOuK1c%2BsQLs%2FmfhmMjssIea4p0K3DQayEMZKYv9Cay1VJ%2BAnoWavUWs18TdwVxkMeoxrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8413712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 9ecb086fde8f3b8f442d862bd066155a.png
mogulstates.com/fim/1193/ 747 B
1 KB 315ms
310ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/9ecb086fde8f3b8f442d862bd066155a.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8526f89caa77931946ad6e066a3b76845d9b5f7c9b896eda7229f4320143336d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 747
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1REUtG8REW%2FgQ9MI31gzqfb4qUUclsZHndifB1Gu%2FciDyXqx4bMhn3F%2B6jX7TL5VCC7EcxxBruSYZG9nZTxNiz0QxXeFPNvYavvOY9uDaZ8A%2BhU3Jl4PxgQ%2BjPMxd7bLT47mITAymJwKxW5soY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8433712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 788b94a71104c135bfd5d221b0f86e1d.jpg
mogulstates.com/fim/1193/ 18 KB
19 KB 315ms
311ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/788b94a71104c135bfd5d221b0f86e1d.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18323
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7w6rBjJPwYhV5NlRojurfjsHohb9024YvDUHe2cZZKaKx1cv9iyU0FB8jEsvavU7vuCcbfy5FPCVCiRjyJTpLVspJMtKio%2B291yvGXpwWhs%2Fr8o62m2x8OSWVCmVJZO9zN64mrHBU25TZh3RFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8443712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 e363459af1e0c925ef979776e5eeaaaa.jpg
mogulstates.com/fim/1193/ 59 KB
59 KB 323ms
319ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/e363459af1e0c925ef979776e5eeaaaa.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d17710ec8fdd8345e06a46060c8c4cc0aea6624ab9cc4e1911e55da425d825d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60233
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGHb%2F3qD9Cq7FpBigGXK3NjUUly34j0Edv6zwkrLFH4yDNoNrjYvl2OBS0lzG7M3PtfHBjP6Rx8xrWKqQohOlT6N4Z8rXlJX4ynaIMIKbgneQ0j9ZPxFJda6layxZmMGc3NxoSgSd20%2BEuBaAdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8463712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 531a26380f69e5c32d490c48b06b44f7.jpg
mogulstates.com/fim/1193/ 416 KB
416 KB 335ms
330ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/531a26380f69e5c32d490c48b06b44f7.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e8642006a037d8288ac1cd9fda7908e8558951cc18c33fced06dfa4a04fd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 425744
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gNkwPGZ3DaUmMxrJGRAOPIVN7Fs3IVsW%2BEDC5NS0SFHV9J0K8PV48dHakG5n%2F7q1QAKYOhQ9LqoN3UbNimaFJIhj2Y45uMwDtvFmbY2XVpOkeUr%2FqvmVFXo51oXhMQs4acQbrfP%2BRjHZ%2F502ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8493712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 b3eaf600b8b188f2309c22aee368e8bd.jpg
mogulstates.com/fim/1193/ 51 KB
52 KB 362ms
357ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/b3eaf600b8b188f2309c22aee368e8bd.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6018f31e4190c0c7e9eeb91486445aa15379f779dbf9455d5421657e02913940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52287
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KdfzURn68p8b49LXXPLWR4%2FLFoh%2BAvRKMaENcjYzFCnVM8P3djlrJeaXZCd9fUjdTehhbmrFeStxIUTVlCtEUTr27LtwxY4kbXltJ8hhjjbQAZYfUlPdAozQmXxu0dmFLEwjeqreVttn1uYRKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f84d3712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 7c075d3e1b641bfbd71cb6e1e38d6c34.jpg
mogulstates.com/fim/1193/ 5 KB
5 KB 368ms
363ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/7c075d3e1b641bfbd71cb6e1e38d6c34.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c039304b1f83ce8df5462bdc85730898ebd3e7762d0833f5d6b2d123cd627dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4964
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyO3kUM5M1t4VxtIiZ5zYLV%2FkOXMiVlGxw5NKWIuGjDdkSkMtx3jW1csZaI6xViAQ6aZklxXvtDJ982oTLKc%2Flar18xrXrxVwuBoPgUB0wrPAKNuALI2vAOcG4vRxBuMqk1NSVmdUmCx9rQS7ig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8503712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 31f98be17811ef130c7a4fd77dcfc3f2.png
mogulstates.com/fim/1193/ 558 B
1 KB 371ms
366ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/31f98be17811ef130c7a4fd77dcfc3f2.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 558
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtnXvomuEu2CWN%2FDZ2PtomCJbLwMACMJ3Ho1TaUylBw0J9vV4wZrb%2FaX2jXz0c9mwm%2BOT2o5nXRheLrfEVe%2BA%2F2ryjaCUwcFLguTiCRMRjCB8Jn1WYxZvFh5xCjoLctz8Lta2NM0qLFlwAigSXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent,User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8523712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 056d59b73761b92f1d910a4114909366.png
mogulstates.com/fim/1193/ 8 KB
9 KB 371ms
367ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1193/056d59b73761b92f1d910a4114909366.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8445
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 20:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwMjlI0VTU3q1XkoXWWcgYVQV4fbn48ijNMpVAHHqkL9sW4l5fMWMRdG3puglCVTSxbuikjVSU%2Bgc%2B7SmKqN6QdDNHlx6aKlogB8xhufkkKiw7%2FS6Oeh%2BMgVN3x0s7LH9WrFGxPlx3Q5E2LuKyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70645307f8533712-MIA
expires: Wed, 11 May 2022 21:28:07 GMT

GET
H3 200 lander.css
mogulstates.com/templates/assets/ 9 KB
2 KB 60ms
60ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/templates/assets/lander.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4510bab255981b0603809be87ea6c1265506449ca79c4039b148592ae254a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jan 2022 16:27:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCibl1ncOmoNcf%2FqN7VveO8UIGXgpgn9%2FLeQiT77i3pBbhcNlOm4zjbipaD9P031rCIwPgIs4YvHqcBcdaBVqMWOU1v8rUko3iaO7Kf7DIjDk%2FhbnER8%2Bzl0QdYSurYRXHJ7C%2FDzhhBigaLvT3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 706453073f033712-MIA
expires: Wed, 11 May 2022 15:56:55 GMT

GET
H3 200 jquery.lightbox.css
mogulstates.com/templates/assets/ 5 KB
2 KB 46ms
46ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/templates/assets/jquery.lightbox.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25030cad5e23aa280c9a65fb19e973700ca57b5cb728d9b036d2207cb42057b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Dec 2021 15:42:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MFm6USFRHrrm7RO2piJCu7SeUBOFPOjNVsvhPJrHOZlhvS5TmMLibv9LTajwJFx6wqCGGG0UwKmsBfkfG8eNch3%2BDGn%2BCsEM8%2FrEg3dCo9hWDcfWjh9Vk3BnTJUCx0i7z7CcXoOHwcVm79yEJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 706453079fe03712-MIA
expires: Wed, 11 May 2022 15:56:55 GMT

GET
H3 200 email-decode.min.js Show response
mogulstates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 17:17:34 GMT
server: cloudflare
etag: W/"626c1dae-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h27EcNP8MvX0hjIrHRGelyiKBtQPDCR7ovEugI9xmGMnWkuw%2BKn9zK0tIeuDutXICuFcv1SUslLh7n%2BDRSitcPE6xtSaF29hGhP8RwQ8g0RNqsDE21uHPF7jqT1unnj2ioxnaNIYtrQYGvOlLEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70645307e81d3712-MIA
vary: Accept-Encoding
expires: Fri, 06 May 2022 21:28:07 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
code.jquery.com/ 95 KB
33 KB 136ms
37ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.0.min.js
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17c52"
vary: Accept-Encoding
x-hw: 1651699687.dop204.mi1.t,1651699687.cds222.mi1.hn,1651699687.cds042.mi1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33820

GET
H3 200 jquery.lightbox.js Show response
mogulstates.com/templates/assets/ 48 KB
15 KB 55ms
53ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/templates/assets/jquery.lightbox.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:49:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn5Mw2HkWvVscjP215vKiuBJ7DY8gqzo%2BmsC0tAhaZlsO%2BPGwtaStjNYKBAJKuxR3fK%2BmN%2BUiPQxKfjy8B%2F%2FUMGmLQEvkQm2iDMbFzAPE6n8Y0FW0vsZ04rDoliWKa%2FK9WlBb5l5dBiYdEdROEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 70645307f8303712-MIA
expires: Wed, 11 May 2022 15:56:55 GMT

GET
H3 200 main.js Show response
mogulstates.com/templates/assets/ 2 KB
1 KB 47ms
43ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/templates/assets/main.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b918c4f27132dffcab7d4e4285c5da84f8ebc185116b432e40b4957ae2b3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jan 2022 16:27:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao6vYY5sKVkcRzhf6QkVlSrWtPe1Xfzv8DFZL0XewYhwArMEM6oYmxoBqPRWyFpsYcjJBfAm4BkGx1DJ4h9pQfBTQoCONe3Hga19UIUnq9F5MudtmmIeeRRNkptszWnXRFSzgUj1Yfz2ALmmaWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 70645307f8323712-MIA
expires: Wed, 11 May 2022 15:56:55 GMT

GET
H2 200 v9e118mez8 Show response
trk-tempore.com/scripts/push/ 7 KB
3 KB 202ms
104ms Script
application/javascript 2606:4700:3030::ac43:d1bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-tempore.com/scripts/push/v9e118mez8

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d1bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUrsqtk5BDw%2FuFWSJ5RYFKfpGglcUBY0sd8Gutoqk8Hro9QratX2p7LfaeOIjlgAtsEfWJ20fZu5cGur6y0mH0Q0%2B%2BFuUk6uBUGPXytsRRsbkP%2Bily4FepQ%2FXoXJEeOoJKvBb0ksNJ9hLPjBNsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 706453089d426da9-MIA
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 216ms
71ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: uOEY1Tv8Lpz03iCmYq5P0hWbc3CJNj7rKhoXfoSW6mga8t0MpUUlppg7L9kCChLbFz/e0LDyWxhyAAgndVavqg==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 04 May 2022 21:28:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 20 KB
7 KB 231ms
91ms Script
application/javascript 13.225.64.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.64.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-64-251.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7163
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-amz-cf-id: AChyDBvsgn5zVUBhz-xvGT0yBT-e4JJPLHnd7jxSQDOaKSGT1ty74g==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 170ms
77ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1651699687655
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 07abb8e1-2723-478c-a93f-bea192b54a46
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 706453089bc80a02-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 227ms
70ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 13:49:19 GMT
x-content-type-options: nosniff
age: 27528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 04 May 2023 13:49:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 247ms
90ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 565057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Apr 2023 08:30:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 304ms
146ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:46:46 GMT
x-content-type-options: nosniff
age: 114081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 13:46:46 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
354 B 118ms
78ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fmogulstates.com%2F628c43eba59959b85fd7ce56deb6bdd7&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1651699687877
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 706453099b43961a-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 399694290689525 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 145ms
71ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88882
x-xss-protection: 0
pragma: public
x-fb-debug: yrwdcqZuhGmIVDeDE6ENCdXaLan+JOQHxMu3AYdcR7NFcz2xaIG0jDMffeMhoozs0kuxqLzhiY7MVfr8tKS/sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 04 May 2022 21:28:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
189 B 150ms
72ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 63 B
330 B 147ms
71ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

78ab8776c8f68316d19152a9ca8954b8abb84868d60a268d5db5fdeba3d68eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1E68 672 B
879 B 155ms
80ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 672
content-type: text/html
date: Wed, 04 May 2022 21:28:08 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

POST
H2 200 p Show response
tr.snapchat.com/ Frame 3DB1 0
405 B 88ms
75ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mogulstates.com
Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Wed, 04 May 2022 21:28:08 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

POST
H2 200 p Show response
tr.snapchat.com/ Frame 7002 0
186 B 87ms
76ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mogulstates.com
Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Wed, 04 May 2022 21:28:08 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 1E68 20 KB
7 KB 68ms
67ms Script
application/javascript 13.225.64.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.64.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-64-251.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:49:58 GMT
content-encoding: gzip
server: CloudFront
age: 77890
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR53-C1
access-control-allow-headers: Content-Type
content-length: 7163
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-amz-cf-id: cKRHREQ793ZC4Il9ZhkTvBiN5Yh6hPGLUNrt8OfnhZMhMxEEI-NB0g==

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 214ms
72ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fmogulstates.com%2F628c43eba59959b85fd7ce56deb6bdd7&rl=https%3A%2F%2Fweaveglasses.com%2F&if=false&ts=1651699688201&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651699688199.694814365&it=1651699687894&coo=false&rqm=GET

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 04 May 2022 21:28:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 214ms
72ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fmogulstates.com%2F628c43eba59959b85fd7ce56deb6bdd7&rl=https%3A%2F%2Fweaveglasses.com%2F&if=false&ts=1651699688204&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1651699688199.694814365&it=1651699687894&coo=false&rqm=GET

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 04 May 2022 21:28:08 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 860B
Redirect Chain

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1651699688211
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1651624243027%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1651624243027%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1651624243027&pnid=140&pcid=92433c3c-dae1-407d-a876-7c44a8b93da4

0
15 B

87ms
87ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1651624243027&pnid=140&pcid=92433c3c-dae1-407d-a876-7c44a8b93da4

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Wed, 04 May 2022 21:28:08 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 04 May 2022 21:28:08 GMT
location: https://tr.snapchat.com/cm/p?rand=1651624243027&pnid=140&pcid=92433c3c-dae1-407d-a876-7c44a8b93da4
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H3 200 v9e118mez8
event.trk-tempore.com/register/event_log/ 0
0 150ms
110ms Fetch 2606:4700:3034::6815:22dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-tempore.com/register/event_log/v9e118mez8

Requested by

Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mogulstates.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IR6cNJrpRswBn%2FTbqJhhH2JPIJw5jgJYpeNCi7iBk8rLJv%2BLgzUwE4zkA3it3MUNu0dDtqb7YpeypXd9JlKUSoiffaujxlYmAXH1BTkAB%2Fnha9Ng4TYtC97L1osnaQOdWTBv2gKVMWBg07rJkJfAjM8i9Oc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 7064530d5d450359-MIA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 0
0 161ms
76ms Preflight 2606:4700:3034::6815:22dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mogulstates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7064530c9afe9ab3-MIA
content-length: 0
date: Wed, 04 May 2022 21:28:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wvr1A%2FjjarC3idm2CtXzwUMw7IYrQjXeMM16NilAFdOg2brHIMXHeIBT8isVFaHxBF0fbYsAIydlR%2F%2FIaCik8xsSPEWFKQqxi6Hy%2Bv2QeysyL7qW9wpHP3f%2FSHRnLZrjQBirhzUWyGrnsj2d6VLlkq8LiEk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 0
0 164ms
80ms Preflight 2606:4700:3034::6815:22dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mogulstates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7064530c9b019ab3-MIA
content-length: 0
date: Wed, 04 May 2022 21:28:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9%2Fvr0owWKOmeiktHc9WvMRXUwMh1qdja8yJJ2Ov26rEi06IRp2FyjWfR%2BVBIAJ22CHfuY77cdzbC288hkxtoHMPsPUj1msqLmHjwqqn7ubIDi7%2F9TJVpwJ8Grsn8fxPRQ9tbWAl5R1QwcO0y8QwAPHRHCw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 v9e118mez8
event.trk-tempore.com/register/event_log/ 0
0 151ms
115ms Fetch 2606:4700:3034::6815:22dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-tempore.com/register/event_log/v9e118mez8

Requested by

Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22dd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mogulstates.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 04 May 2022 21:28:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfkXQBKZDOT1oamUqKxaICRdGV2mssGiqQNhjvd0YNu6Zg%2Fv01DlWmwVXL3JzOLBc86Eae5oSLnu%2BJjmygsR9WeiuMoikzCRllpvlWvuzlxEZRwKl6A4IK8Xam7dHg7R8ERdJnWTb6D1ih3ycB5fSFs9G4E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 7064530d5d430359-MIA
x-pushplatformapp-params

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 145ms
73ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Fmogulstates.com%2F628c43eba59959b85fd7ce56deb6bdd7&rl=https%3A%2F%2Fweaveglasses.com%2F&if=false&ts=1651699689705&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2250lbs%20in%2061%20Days%3A%20New%20No-Exercise%20%E2%80%98Skinny%20Pill%E2%80%99%20Melts%20Belly%20Fat.%20Why%20Every%20Judge%20On%20Shark%20Tank%20Backed%20This%20Product!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=2&o=30&fbp=fb.1.1651699688199.694814365&it=1651699687894&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:28:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 04 May 2022 21:28:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 02:49:46	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
weaveglasses.com/	1970-01-20 03:31:35	Name: uid1597 Value: 713015642-20220504172805-122eb2ae959e7b9e3c20f2860ac48a08-1847
combatcubes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d17dd53d27387d6beb4088a2dd14d9af
mogulstates.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2cd1a4b328ebc8a5e0374d1f122e8d58
.mgid.com/	1970-01-20 02:48:21	Name: __cf_bm Value: 0384wCLwHOuu2Y4Q.9Qp4dUUz5eiPqt3BCsZSxmD3Yc-1651699687-0-ARvzax8ze6yVFEulA9Gcu7MNkOH8ydo9bsUv0ISWhhi6C5iCchPMLzHo7J1U1mejl88KXTzkLAjOGDb1lptunPQ=
mogulstates.com/	1970-01-20 04:57:55	Name: MgidSensorNVis Value: 1
mogulstates.com/	1970-01-20 04:57:55	Name: MgidSensorHref Value: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7
.mogulstates.com/	1970-01-20 12:18:06	Name: _scid Value: f8498398-56c6-4e9a-a51e-cb6888683652
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m447p0xxjwse
.mogulstates.com/	1970-01-20 04:57:55	Name: _fbp Value: fb.1.1651699688199.694814365
.facebook.com/	1970-01-20 04:57:55	Name: fr Value: 0YBFjx8Sok2dqId00..Bicu_o...1.0.Bicu_o.
.snapchat.com/	1970-01-20 12:09:55	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwREAIQgEsIqYYRFBrhtOtAqL92te8cwdW0FcUqQ1QelzkXRn5N+WwA6UP1iHRdgY5ylfoaPMdEAAAAA=
.tapad.com/	1970-01-20 04:14:43	Name: TapAd_TS Value: 1651699688610
.tapad.com/	1970-01-20 04:14:43	Name: TapAd_DID Value: 92433c3c-dae1-407d-a876-7c44a8b93da4
.tapad.com/	1970-01-20 04:14:43	Name: TapAd_3WAY_SYNCS Value:
.mogulstates.com/	1970-01-20 12:18:06	Name: _sctr Value: 1\|1651622400000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://mogulstates.com/628c43eba59959b85fd7ce56deb6bdd7 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
applefar.org.uk
code.jquery.com
combatcubes.com
connect.facebook.net
event.trk-tempore.com
fonts.googleapis.com
fonts.gstatic.com
mogulstates.com
pixel.tapad.com
s3.us-west-1.amazonaws.com
sc-static.net
tr.snapchat.com
trk-tempore.com
weaveglasses.com
www.facebook.com
104.19.133.78
107.178.246.49
13.225.64.251
185.147.127.208
2001:4de0:ac18::1:a:1b
2606:4700:3030::ac43:d1bf
2606:4700:3034::6815:22dd
2606:4700:3035::6815:1809
2606:4700:3035::ac43:a4e3
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2003
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
35.186.226.184
52.219.117.112
92.63.173.102
0d17710ec8fdd8345e06a46060c8c4cc0aea6624ab9cc4e1911e55da425d825d
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61
1d24768e8f2b98f53752f8767b070b64d060c3cb38e00dac701febab661e1b71
21e64d024aa24a971eaa07a66b05c6c6634cb6f777fe584168136923cffb45df
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b918c4f27132dffcab7d4e4285c5da84f8ebc185116b432e40b4957ae2b3a6
31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc
363d9c1ea95c22f5acfa91816599219cc3dc5e54ba777ee3841d8a03b5179e2f
41a371ec345898197d2f298aef0bd8689565e88fdfd8678471e52a7b10e7b653
42cf8e770c88ea7ace06fa4362af60ff7aa2bc61844a10322327651dcd585360
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4b599030d119232d79b68f77962f2c6e83359749df541af945950351beb2e52c
515ad9e110e185f90bd0aef59138c02bb4a7c0b316f982b5226feb511d57988f
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6018f31e4190c0c7e9eeb91486445aa15379f779dbf9455d5421657e02913940
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
78ab8776c8f68316d19152a9ca8954b8abb84868d60a268d5db5fdeba3d68eb3
8526f89caa77931946ad6e066a3b76845d9b5f7c9b896eda7229f4320143336d
883979605c75b733eb6d6754cb6f115b10d295c3f041ac919c2d2f828f65237a
8da26bddf8849eb8f4774bb82d77cc7f2e816779b1ae4373edf7dae5b6d54e05
97e8642006a037d8288ac1cd9fda7908e8558951cc18c33fced06dfa4a04fd71
98f0cf4d099f89bae2af62f3492d64d3bffb955f3396fa3746a05edd792d4925
9e0834f46d9f5139e8b7f8f5f09be31053c44e3caee6f11caec08480d1d328dc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
c039304b1f83ce8df5462bdc85730898ebd3e7762d0833f5d6b2d123cd627dd8
c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c
cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
d25030cad5e23aa280c9a65fb19e973700ca57b5cb728d9b036d2207cb42057b
d4510bab255981b0603809be87ea6c1265506449ca79c4039b148592ae254a3b
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
e1f98ccf79d380deb41bb2c3a281390b81ccee0e182e47827847a15a4f8e9411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fff2ba016b4edef9c902f806ebab91a4a3b61d7b82b3648b62e1338721537
e7a35657b2c0f2eaa8e7d3da99d021492453979c35f5bd8d650eb177fc437dec
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
eb9783874c9ff9adac5dc902c42a885a482f66985b674c6e6e6a41b432c414e9
f69f11aaae5238392bebf71202606a08d03a00c281aee99cb4ec0427a8ad3d80

mogulstates.com Open in urlscan Pro 2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

56 %IPv6

15 Domains

16 Subdomains

13 IPs

4 Countries

1705 kBTransfer

2382 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mogulstates.com Open in urlscan Pro
2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

56 %
IPv6

15
Domains

16
Subdomains

13
IPs

4
Countries

1705 kB
Transfer

2382 kB
Size

16
Cookies

58 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!