Windows Analysis Report
https://globalgrimmer.com/xxxj

Overview

General Information

Sample URL:	https://globalgrimmer.com/xxxj
Analysis ID:	1432299
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Signatures

There are no high impact signatures.

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.56.6.27
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 23.56.6.27
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /xxxj HTTP/1.1Host: globalgrimmer.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xxxj/ HTTP/1.1Host: globalgrimmer.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 0bef7y10siuwczdssj39pr-fbx.hop.clickbank.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/fonts.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/bootstrap-reboot.min.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/icons.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/clean.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0OIpQlx3QUlC5A4PNr4ARCQ_mu72Bi.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0NIpQlx3QUlC5A4PNjOhBVZNyBx2pqPA.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/bg-wavewhite.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/css/clean.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/moon-reading-text-logo.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /js/jstz-1.0.4.min.js HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/bg-wavewhite.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/moon-reading-text-logo.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /_api/timezone.php?timezone=Europe/Berlin HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /signals/config/2523922164511192?v=2.9.154&r=stable&domain=www.moonreading.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_api/timezone.php?timezone=Europe/Berlin HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155734435&cv=11&fst=1714155734435&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155734435&cv=11&fst=1714155734435&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155734435&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYieZhwhfJMdq7A3besK6pwMT0Niihg&random=3721187132&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/moon-icon-16.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /img/moon-icon-16.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155734435&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYieZhwhfJMdq7A3besK6pwMT0Niihg&random=3721187132&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&gjid=466285172&_gid=337683595.1714155737&_u=YEBAAUAAAAAAACAAI~&z=133570130 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&_u=YEBAAUAAAAAAACAAI~&z=317188382 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&_u=YEBAAUAAAAAAACAAI~&z=317188382 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=aries HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /img/white-back.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/2/?sign=ariesAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155749002&cv=11&fst=1714155749002&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: not-navigation-source, trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/white-back.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155749.48.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155749002&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqNEK4AiQ59PqZMM9cIh8_uqxf27yIUzrMp0ZPfvrLnqIKp3P3&random=501203676&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155749002&cv=11&fst=1714155749002&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155749002&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqNEK4AiQ59PqZMM9cIh8_uqxf27yIUzrMp0ZPfvrLnqIKp3P3&random=501203676&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=taurus HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155749.48.0.0
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger=navigation-source, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155758513&cv=11&fst=1714155758513&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155758513&cv=11&fst=1714155758513&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155758513&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqzWsHOLhSVQriZ_5mI_OJrfjqBnIWbPw5uvMZSIJu0MDt_AQ0&random=1733060914&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155758513&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqzWsHOLhSVQriZ_5mI_OJrfjqBnIWbPw5uvMZSIJu0MDt_AQ0&random=1733060914&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=gemini HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155758.39.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155767945&cv=11&fst=1714155767945&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155767945&cv=11&fst=1714155767945&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155767945&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqTIVdXM9vQ6QaAwBnUb9eUtCrGYtaRBeKdoKN2dUIUzoi6aLA&random=1317763472&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155767945&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqTIVdXM9vQ6QaAwBnUb9eUtCrGYtaRBeKdoKN2dUIUzoi6aLA&random=1317763472&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=cancer HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155768.29.0.0
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155772736&cv=11&fst=1714155772736&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155772736&cv=11&fst=1714155772736&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155772736&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqOW8fMWLylNgAqPfY1shkOexPoT-1wbi3cHW3_kl5buMCEFqZ&random=381502526&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155772736&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqOW8fMWLylNgAqPfY1shkOexPoT-1wbi3cHW3_kl5buMCEFqZ&random=381502526&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=leo HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155772.25.0.0; _ga=GA1.2.630221053.1714155737
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155781702&cv=11&fst=1714155781702&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155781702&cv=11&fst=1714155781702&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155781702&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqMbrkWhNYs2cmY5Wzxa2bgQP1Khe0FtxnGUjvcQrYfdVYTtdZ&random=3797219326&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=virgo HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155781.16.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155781702&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqMbrkWhNYs2cmY5Wzxa2bgQP1Khe0FtxnGUjvcQrYfdVYTtdZ&random=3797219326&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source;navigation-source, triggerReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155786721&cv=11&fst=1714155786721&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155786721&cv=11&fst=1714155786721&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155786721&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqDdJfTiANYjvQzvkvxCo4fcWPlml0qDOhg_8I9fvGQVLReDhj&random=521127747&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155786721&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqDdJfTiANYjvQzvkvxCo4fcWPlml0qDOhg_8I9fvGQVLReDhj&random=521127747&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=libra HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155786.11.0.0; _ga=GA1.2.630221053.1714155737
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155795718&cv=11&fst=1714155795718&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155795718&cv=11&fst=1714155795718&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155795718&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq_cgLVyl6KTSBFnAoypB5cRJYLkTmBhaj_Bh2nTFHFvEOAc09&random=3426040040&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155795718&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq_cgLVyl6KTSBFnAoypB5cRJYLkTmBhaj_Bh2nTFHFvEOAc09&random=3426040040&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_89.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=null;e.exports=new h(function(d,e){try{n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}}}catch(a){return}function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=func
Source: chromecache_130.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_130.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_130.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_126.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_130.2.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: globalgrimmer.com
Source: global traffic	DNS traffic detected: DNS query: 0bef7y10siuwczdssj39pr-fbx.hop.clickbank.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.moonreading.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net

Source: unknown

HTTP traffic detected: POST /g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155730387&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=0&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&dt=Request%20Your%20FREE%20Moon%20Reading!&en=page_view&_fv=1&_ss=1&_ee=1&tfd=17951 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.moonreading.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_100.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_100.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_93.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_127.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_127.2.dr	String found in binary or memory: https://github.com/necolas/normalize.css/blob/master/LICENSE.md)
Source: chromecache_127.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_100.2.dr	String found in binary or memory: https://google.com
Source: chromecache_100.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_100.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_130.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_130.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_93.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_93.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_98.2.dr, chromecache_96.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_100.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_109.2.dr, chromecache_123.2.dr, chromecache_94.2.dr, chromecache_114.2.dr, chromecache_99.2.dr, chromecache_118.2.dr, chromecache_120.2.dr, chromecache_106.2.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/590897327/?random
Source: chromecache_100.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_93.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_130.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_130.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@25/84@43/18

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2024,i,15679915342265595539,6128884579569338529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://globalgrimmer.com/xxxj"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2024,i,15679915342265595539,6128884579569338529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
172.217.165.206	analytics.google.com	United States	15169	GOOGLEUS	false
216.239.34.181	analytics-alv.google.com	United States	15169	GOOGLEUS	false
157.240.14.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
104.16.80.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
31.13.80.36	unknown	Ireland	32934	FACEBOOKUS	false
172.217.165.194	unknown	United States	15169	GOOGLEUS	false
142.250.189.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
173.194.212.157	unknown	United States	15169	GOOGLEUS	false
142.250.217.228	www.google.com	United States	15169	GOOGLEUS	false
104.26.1.66	unknown	United States	13335	CLOUDFLARENETUS	false
63.250.47.116	globalgrimmer.com	United States	22612	NAMECHEAP-NETUS	false
172.217.193.155	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.217.196	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.35.228	unknown	United States	15169	GOOGLEUS	false
31.13.67.20	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
35.80.252.204	0bef7y10siuwczdssj39pr-fbx.hop.clickbank.net	United States	237	MERIT-AS-14US	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
star-mini.c10r.facebook.com	157.240.14.35	true
www.moonreading.com	172.67.73.212	true
static.cloudflareinsights.com	104.16.80.73	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
stats.g.doubleclick.net	172.217.193.155	true
globalgrimmer.com	63.250.47.116	true
scontent.xx.fbcdn.net	31.13.67.20	true
analytics-alv.google.com	216.239.34.181	true
googleads.g.doubleclick.net	142.250.189.130	true
www.google.com	142.250.217.228	true
td.doubleclick.net	142.250.189.130	true
analytics.google.com	172.217.165.206	true
0bef7y10siuwczdssj39pr-fbx.hop.clickbank.net	35.80.252.204	true
www.facebook.com	unknown	unknown
connect.facebook.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&_u=YEBAAUAAAAAAACAAI~&z=317188382	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155786655&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=857	false		high
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=GET	false		high
https://www.moonreading.com/start/?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=GET	false		high
https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1	false		unknown
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155781594&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6232	false		high
https://www.moonreading.com/css/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2	false	Avira URL Cloud: safe	unknown
https://www.moonreading.com/img/bg-wavewhite.png	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=FGET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155795632&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5988	false		high
https://www.moonreading.com/start/2/?sign=virgo	false		unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=FGET	false		high
https://www.moonreading.com/img/white-back.png	false	Avira URL Cloud: safe	unknown
https://0bef7y10siuwczdssj39pr-fbx.hop.clickbank.net/	false		high
https://connect.facebook.net/signals/config/2523922164511192?v=2.9.154&r=stable&domain=www.moonreading.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105	false		high
https://www.moonreading.com/start/2/?sign=libra	false		unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=FGET	false		high
https://www.moonreading.com/start/2/?sign=taurus	false		unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=FGET	false		high
https://www.moonreading.com/_api/timezone.php?timezone=Europe/Berlin	false	Avira URL Cloud: safe	unknown
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155767833&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=1308	false		high
https://globalgrimmer.com/xxxj/	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://connect.facebook.net/en_US/fbevents.js	false		high
https://www.moonreading.com/img/moon-icon-16.png	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=FGET	false		high
https://globalgrimmer.com/xxxj	false		unknown
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155786655&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5872	false		high
https://www.moonreading.com/cdn-cgi/rum?	false	Avira URL Cloud: safe	unknown
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155758382&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5971	false		high
https://www.moonreading.com/start?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=FGET	false		high
https://www.moonreading.com/start/2/?sign=aries	false		unknown
https://www.moonreading.com/css/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2	false	Avira URL Cloud: safe	unknown
https://www.moonreading.com/css/o-0OIpQlx3QUlC5A4PNr4ARCQ_mu72Bi.woff2	false	Avira URL Cloud: safe	unknown
https://www.moonreading.com/css/o-0NIpQlx3QUlC5A4PNjOhBVZNyBx2pqPA.woff2	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=FGET	false		high
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=FGET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155758382&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=965	false		high
https://www.moonreading.com/start/2/?sign=cancer	false		unknown
https://www.moonreading.com/img/moon-reading-text-logo.png	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=GET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155772654&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=902	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155772654&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5915	false		high
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://www.moonreading.com/start/2/?sign=leo	false		unknown
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H802VRJEV8&cid=630221053.1714155737&gtm=45je44o0v895586847za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0	false		high
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=GET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155748297&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=3485	false		high
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=GET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155748297&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=16&tfd=8500	false		high
https://www.moonreading.com/css/fonts.css	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=GET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155795632&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=974	false		high
https://www.moonreading.com/start/2/?sign=gemini	false		unknown
https://www.moonreading.com/css/clean.css	false	Avira URL Cloud: safe	unknown
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155730387&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=0&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&dt=Request%20Your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=23&tfd=22992	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155730387&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=0&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&dt=Request%20Your%20FREE%20Moon%20Reading!&en=page_view&_fv=1&_ss=1&_ee=1&tfd=17951	false		high
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=GET	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155767833&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EEA&_s=2&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&dt=Get%20your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=15&tfd=7300	false		high
https://analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je44o0v895586847za200&_p=1714155781594&gcd=13l3l3l3l1&npa=0&dma=0&cid=630221053.1714155737&ul=en-us&sr=1280x1024&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EA&_s=1&sid=1714155737&sct=1&seg=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&dt=Get%20your%20FREE%20Moon%20Reading!&en=page_view&_ee=1&tfd=1012	false		high
https://www.moonreading.com/css/bootstrap-reboot.min.css	false	Avira URL Cloud: safe	unknown
https://www.moonreading.com/css/icons.css	false	Avira URL Cloud: safe	unknown
https://www.moonreading.com/js/jstz-1.0.4.min.js	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&gjid=466285172&_gid=337683595.1714155737&_u=YEBAAUAAAAAAACAAI~&z=133570130	false		high
https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=GET	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (4179)	BBB5F28739DE016981F56E1B8C924B8C	974A2040D629D92B01539DED90AB93167EA16C11	38979AD36E6B1AC9A5C0265709BAF55E14B8C24C681192E21CD1262DFD72D834
Chrome Cache Entry: 101	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 102	Web Open Font Format (Version 2), TrueType, length 17920, version 1.0	B105CF87BFE3A58447DB822E7FDB0875	DB5553E071B4CA5347B4DDA7E1FC9A4C398F9DC4	546DB554B9A7C8DAB36A67CA582D98882C575957BD515A4BC1E00563BC0B46D2
Chrome Cache Entry: 103	Web Open Font Format (Version 2), TrueType, length 11608, version 1.0	BC83CC7C28B234E56A4C755C10E657A0	70265CC6DF1EEB9EBE6993D04E8904311B909F69	DA2704436D0C1CA2F39C174776FC1AE4E434D25AADE210C27F025F74EDB421FF
Chrome Cache Entry: 104	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	D220D19781902102B895711947636307	96B27279C892039E002402CABC77E5A5D428E97F	953CD2B7A9F5033DDE29B93C093FD24150B5AA0BAC851339A5DF5230254C336B
Chrome Cache Entry: 105	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 106	ASCII text, with very long lines (2409), with no line terminators	5248D2ABC8A856292AFB7D0D64661762	2D85F26D702C495A1DC0258AE9AD2DFE9312598D	5982AE04C8CDA50B2CBDC7ECE0B06049084BB1137E544C0A40BCCB7EDF9A75A9
Chrome Cache Entry: 107	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 108	ASCII text, with very long lines (10160)	C2DA9C56E57CC39E6F9A07FE987BEEA1	6A20E02EE2BECB6D5AFF01116365F2721194E97E	350FCAD4D719EA33CE8BD0000D6FFA994FFD6C44915DEB51A9A92E73D66E4DD0
Chrome Cache Entry: 109	ASCII text, with very long lines (2615), with no line terminators	761D88CF6F8A223F76B7417CFD32C638	F90990EC9041BE2462D4DDB8513A11D3818BF17C	FCD4CDA3D0CCBAF47463C88E67BBE080A46CE7A63A4E59382056146022E79FCF
Chrome Cache Entry: 110	ASCII text, with very long lines (345)	4F4B734C170035CFFDAF44792A9519BC	F641F67EF8699C4D184E39B28179D25BCFCF479D	FF5EE8F150404794B05E0E63CF3FB3EEDEF25A8B6E5A947589BFAF5422C4BA9D
Chrome Cache Entry: 111	ASCII text, with very long lines (5400)	CF77C217A823810AB91C5430A021A5F5	3294044B8DE59BEFE54C0EE64338C257798B1031	35A3913CEDD5F32C17FB626FDAC5363FEEC1AB3921DDE24B3D9831D15A5F643A
Chrome Cache Entry: 112	PNG image data, 2160 x 175, 8-bit/color RGB, non-interlaced	4CACC92DE7AB81E53024A7B1B4DDD85F	6DE1487F7563727E32371D300922EA7127F36B01	F2AB94D9925615E97339029F1C4DA28DA9FE02B0F1EC2FDBDD7ECFCD3FB5D3DA
Chrome Cache Entry: 113	PNG image data, 2160 x 175, 8-bit/color RGB, non-interlaced	4CACC92DE7AB81E53024A7B1B4DDD85F	6DE1487F7563727E32371D300922EA7127F36B01	F2AB94D9925615E97339029F1C4DA28DA9FE02B0F1EC2FDBDD7ECFCD3FB5D3DA
Chrome Cache Entry: 114	ASCII text, with very long lines (2614), with no line terminators	4A4B015BE9092337ADE7D3078C1960D4	5D9006A044736D5A6E6449E7E48C97EF832585A9	DC090B65A748C2F2896C20B6E293386964810C385C5DD21F2B15BB773612B918
Chrome Cache Entry: 115	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 116	ASCII text	E3CDE220C848CE4DDC200F035AD1ADC3	250F62BB8349D295A449B1254C73E8B7F00750DF	55F8D13D8EF94D15F330E66652CDCFEBF1DA212212D70F5DDAFBD73EF10ACE37
Chrome Cache Entry: 117	ASCII text, with very long lines (5140)	B847ADE1CFAF365B5E7DD95352DC41E2	81CA652DA8EB2BCF9FC6088BFAC53629F6C0CA7A	B76A8D26DD35EEF1679C50B89835FC6C25420405AD2B82F208A6943E17691322
Chrome Cache Entry: 118	ASCII text, with very long lines (2613), with no line terminators	CBF2FEA275F10256667076BFBB6D8713	943092BDDC493ECFA2518F066B092D9E96C97F93	2456238C4762DF8BBE4E64CA433AE058B22EEFD8B097C2D47BE1EE39C61C0F76
Chrome Cache Entry: 119	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 120	ASCII text, with very long lines (2614), with no line terminators	5BAB79125EE43C9D1B126241F39FFB49	57DEEC5EEE402D8D7839D3ECA8714F47F6B61963	9904BB44881935979CE306F5A4E31FED11CFDF50095C4A5B24C8B5ED0B49535E
Chrome Cache Entry: 121	PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced	CBA22880FB0372AB011AA5F26AA46738	9B2C69799F4161EA2614B04076C5CFBA503808D0	5C35C53AAA3394F7B4EBC4B4E3BB3B6401228E52A5B264ECBC15F520AE8C4DA7
Chrome Cache Entry: 122	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 123	ASCII text, with very long lines (2616), with no line terminators	E16566C09A5B7F9B415ACB7FDD0AFA58	2CCD5ECA2AC0C8C016579ACEFA46F6C09D64BCBA	1CC6406614C0A4822C3D6AFF271A118EC95C862516F597B1F911CDB4E6CB3369
Chrome Cache Entry: 124	Web Open Font Format (Version 2), TrueType, length 13020, version 1.0	D5382465C092A866BB58A53030A24348	9AE10C7B1F1927FDB2907ED3DE3054B516D0DF2B	DF3111EBF7A54A08878F3B239DEE2E463DB0EB24CCED9223B9F0DC9550F0E79B
Chrome Cache Entry: 125	ASCII text, with very long lines (19261), with no line terminators	3BE93FD15D2F7DEE2FC0C8981C6FA5C6	8CD88C36FAD3E96641DBC4D781F5DDBE5123312F	17106BF803D42BCF2F2BDF778ECE084D3F91C68E7EA41DAE7BFF61FEFA573DEE
Chrome Cache Entry: 126	ASCII text, with very long lines (4179)	C54B3DD59C6B7EC2EFFDDB51E531CC53	6D2AB7C524D030E0AC75D981B3A3119CA9FC46E2	FCDE03A5FEA6E57B89D2F83975268528EF7EE38F22BF20E73DEE1B4EAF29423B
Chrome Cache Entry: 127	ASCII text, with very long lines (3640)	220E4DC01283A9E9C5C146F984EB8934	990F408175CAEF6B397C247F3AA614692211C5B4	740458B82DE9774C1AFFB4781E4B7FB11DB37CB1C281B9D5010DAC3F084D7B40
Chrome Cache Entry: 128	PNG image data, 860 x 130, 8-bit/color RGBA, non-interlaced	4974222EEA9D84136D18A58CD0D3FF36	A3B95EBD156B6F263B30C1A33609CB1411F5F2E4	B112019E9548E12C74669AEF363DE97BC2D9760AA5C76ECD9DD826FA55B639B5
Chrome Cache Entry: 129	PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced	CBA22880FB0372AB011AA5F26AA46738	9B2C69799F4161EA2614B04076C5CFBA503808D0	5C35C53AAA3394F7B4EBC4B4E3BB3B6401228E52A5B264ECBC15F520AE8C4DA7
Chrome Cache Entry: 130	ASCII text, with very long lines (7711)	034B4BC58D92116FAB43E42E6C64A7BD	02D64123B44B63FE831EAA31E5396FB68AF00CD9	F2729C529AC7F4C6A57AEC4BBD74D99F1974286DEB2CF8F9564022016D90122E
Chrome Cache Entry: 131	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 132	HTML document, ASCII text, with no line terminators	C83301425B2AD1D496473A5FF3D9ECCA	941EFB7368E46B27B937D34B07FC4D41DA01B002	B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
Chrome Cache Entry: 89	ASCII text, with very long lines (64347)	85F41014BE15CC3E54A4123C00C5021E	1E5468F507A8B0216114A8D8F63309BE8CBCAB9F	01E9582655224C83E6C075F44B7EECB135E108B6AD2150BF6F78A0A77C4AD5E0
Chrome Cache Entry: 90	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 91	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	D220D19781902102B895711947636307	96B27279C892039E002402CABC77E5A5D428E97F	953CD2B7A9F5033DDE29B93C093FD24150B5AA0BAC851339A5DF5230254C336B
Chrome Cache Entry: 92	PNG image data, 860 x 130, 8-bit/color RGBA, non-interlaced	4974222EEA9D84136D18A58CD0D3FF36	A3B95EBD156B6F263B30C1A33609CB1411F5F2E4	B112019E9548E12C74669AEF363DE97BC2D9760AA5C76ECD9DD826FA55B639B5
Chrome Cache Entry: 93	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 94	ASCII text, with very long lines (2654), with no line terminators	2D60863B0B8E6060DF13F5192EAAEB18	EC343569F3431F03CB9B00F1ED5B1D70134213B1	0C92F260091131E30E315C47EE1FA56E78E85F29C5C52C5336CFA204CB93318E
Chrome Cache Entry: 95	ASCII text, with very long lines (32077)	4F252523D4AF0B478C810C2547A63E19	5A9DCFBEF655A2668E78BAEBEAA8DC6F41D8DABB	668B046D12DB350CCBA6728890476B3EFEE53B2F42DBB84743E5E9F1AE0CC404
Chrome Cache Entry: 96	ASCII text, with very long lines (4179)	AF9827EE2459C01CBDAE71C3266CEBB2	DED7A2A73ACA8BE471C207A5CFE271C4B6B4A367	827E153649E258BC9BBF45C75898EE158261BB635A3D4214FDA5E3FFB8EA302A
Chrome Cache Entry: 97	Web Open Font Format (Version 2), TrueType, length 12852, version 1.0	3B5DF7E947D77201EAF22F3DBDAC08CC	21989CA07E4AFE32D48982B816B8FAC85CE3E668	4A46D61A9AED90CEA010DBABCDB510B9CEFF1B729A06B169CDBE142F66CBC86F
Chrome Cache Entry: 98	ASCII text, with very long lines (4179)	F1DA48DF933D5EA501450E7C14CF570F	D9D2D8FBD6CDE8415669131A93732A919802374E	3225B0033797D19DCEC1F07C30EFDCF89E62397A75457878628FC80B27A92425
Chrome Cache Entry: 99	ASCII text, with very long lines (2616), with no line terminators	D0616DD2EAAD1F89255F66F375AD3D98	85900494C880E4C85B6304477B1849AA244C34FF	720859412A9C8B3049AAFD201ABB103BFF492A739A90425C23666D7F2A9B93FD

There are no high impact signatures.

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.204.76.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.56.6.27
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 23.56.6.27
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /xxxj HTTP/1.1Host: globalgrimmer.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xxxj/ HTTP/1.1Host: globalgrimmer.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 0bef7y10siuwczdssj39pr-fbx.hop.clickbank.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/?hop=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1 HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/fonts.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/bootstrap-reboot.min.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/icons.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/clean.css HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0OIpQlx3QUlC5A4PNr4ARCQ_mu72Bi.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /css/o-0NIpQlx3QUlC5A4PNjOhBVZNyBx2pqPA.woff2 HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/bg-wavewhite.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/css/clean.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/moon-reading-text-logo.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /js/jstz-1.0.4.min.js HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.moonreading.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/bg-wavewhite.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /img/moon-reading-text-logo.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /_api/timezone.php?timezone=Europe/Berlin HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i
Source: global traffic	HTTP traffic detected: GET /signals/config/2523922164511192?v=2.9.154&r=stable&domain=www.moonreading.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_api/timezone.php?timezone=Europe/Berlin HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155734435&cv=11&fst=1714155734435&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155734435&cv=11&fst=1714155734435&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155734435&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYieZhwhfJMdq7A3besK6pwMT0Niihg&random=3721187132&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&rl=&if=false&ts=1714155734545&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155733570&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/moon-icon-16.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/1/?source=dragon040&hopId=72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /img/moon-icon-16.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155734435&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Ddragon040%26hopId%3D72ccc26d-dbd7-45a5-84ae-5891ca4cc0c1&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYieZhwhfJMdq7A3besK6pwMT0Niihg&random=3721187132&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&gjid=466285172&_gid=337683595.1714155737&_u=YEBAAUAAAAAAACAAI~&z=133570130 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&_u=YEBAAUAAAAAAACAAI~&z=317188382 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=630221053.1714155737&jid=892447600&_u=YEBAAUAAAAAAACAAI~&z=317188382 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=aries HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /img/white-back.png HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/start/2/?sign=ariesAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.0.1714155737.60.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155749002&cv=11&fst=1714155749002&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: not-navigation-source, trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/white-back.png HTTP/1.1Host: www.moonreading.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155749.48.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155749002&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqNEK4AiQ59PqZMM9cIh8_uqxf27yIUzrMp0ZPfvrLnqIKp3P3&random=501203676&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155749002&cv=11&fst=1714155749002&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&rl=&if=false&ts=1714155749504&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155749144&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155749002&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Daries&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqNEK4AiQ59PqZMM9cIh8_uqxf27yIUzrMp0ZPfvrLnqIKp3P3&random=501203676&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=taurus HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155749.48.0.0
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger=navigation-source, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155758513&cv=11&fst=1714155758513&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155758513&cv=11&fst=1714155758513&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&rl=&if=false&ts=1714155758561&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155758448&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155758513&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqzWsHOLhSVQriZ_5mI_OJrfjqBnIWbPw5uvMZSIJu0MDt_AQ0&random=1733060914&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155758513&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dtaurus&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqzWsHOLhSVQriZ_5mI_OJrfjqBnIWbPw5uvMZSIJu0MDt_AQ0&random=1733060914&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=gemini HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155758.39.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155767945&cv=11&fst=1714155767945&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155767945&cv=11&fst=1714155767945&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155767945&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqTIVdXM9vQ6QaAwBnUb9eUtCrGYtaRBeKdoKN2dUIUzoi6aLA&random=1317763472&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&rl=&if=false&ts=1714155768081&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155767931&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155767945&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dgemini&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqTIVdXM9vQ6QaAwBnUb9eUtCrGYtaRBeKdoKN2dUIUzoi6aLA&random=1317763472&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=cancer HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155768.29.0.0
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger=navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155772736&cv=11&fst=1714155772736&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&rl=&if=false&ts=1714155772792&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155772719&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155772736&cv=11&fst=1714155772736&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155772736&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqOW8fMWLylNgAqPfY1shkOexPoT-1wbi3cHW3_kl5buMCEFqZ&random=381502526&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155772736&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dcancer&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqOW8fMWLylNgAqPfY1shkOexPoT-1wbi3cHW3_kl5buMCEFqZ&random=381502526&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=leo HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155772.25.0.0; _ga=GA1.2.630221053.1714155737
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155781702&cv=11&fst=1714155781702&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155781702&cv=11&fst=1714155781702&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&rl=&if=false&ts=1714155781782&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155781689&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155781702&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqMbrkWhNYs2cmY5Wzxa2bgQP1Khe0FtxnGUjvcQrYfdVYTtdZ&random=3797219326&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=virgo HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga=GA1.1.630221053.1714155737; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155781.16.0.0
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155781702&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dleo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqMbrkWhNYs2cmY5Wzxa2bgQP1Khe0FtxnGUjvcQrYfdVYTtdZ&random=3797219326&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source;navigation-source, triggerReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155786721&cv=11&fst=1714155786721&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155786721&cv=11&fst=1714155786721&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&rl=&if=false&ts=1714155786766&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155786705&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155786721&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqDdJfTiANYjvQzvkvxCo4fcWPlml0qDOhg_8I9fvGQVLReDhj&random=521127747&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155786721&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dvirgo&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqDdJfTiANYjvQzvkvxCo4fcWPlml0qDOhg_8I9fvGQVLReDhj&random=521127747&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /start/2/?sign=libra HTTP/1.1Host: www.moonreading.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2bdKwt39nHbcMa; PHPSESSID=c8k1i53c4jds5aj1q9k6j2c50l; moon_id=drag0_bt6u35bplm6i; timezone=Europe%2FBerlin; _gcl_au=1.1.492570948.1714155734; _fbp=fb.1.1714155734542.469568372; _gid=GA1.2.337683595.1714155737; _gat_gtag_UA_146859082_1=1; _ga_H802VRJEV8=GS1.1.1714155737.1.1.1714155786.11.0.0; _ga=GA1.2.630221053.1714155737
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/590897327/?random=1714155795718&cv=11&fst=1714155795718&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /td/rul/590897327?random=1714155795718&cv=11&fst=1714155795718&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUlqvGQ6KO1bKLOeC3vvT-O096BHZ0mNWr5h97HgW0trR9uQzYoClAQMMC_R
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155795718&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq_cgLVyl6KTSBFnAoypB5cRJYLkTmBhaj_Bh2nTFHFvEOAc09&random=3426040040&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://www.moonreading.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&rl=&if=false&ts=1714155795861&sw=1280&sh=1024&ud[external_id]=5b953279082baba2a37d72157a4b0ba9f81ae6b3da4f1771bc9936e70c06a8c4&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714155734542.469568372&ler=empty&cdl=API_unavailable&it=1714155795752&coo=false&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/590897327/?random=1714155795718&cv=11&fst=1714154400000&bg=ffffff&guid=ON&async=1&gtm=45be44o0v895203738za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F2%2F%3Fsign%3Dlibra&hn=www.googleadservices.com&frm=0&tiba=Get%20your%20FREE%20Moon%20Reading!&npa=0&pscdl=noapi&auid=492570948.1714155734&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq_cgLVyl6KTSBFnAoypB5cRJYLkTmBhaj_Bh2nTFHFvEOAc09&random=3426040040&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiWocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_89.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=null;e.exports=new h(function(d,e){try{n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}}}catch(a){return}function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=func
Source: chromecache_130.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Qj:function(){e=zb()},sd:function(){d()}}};var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_130.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=iA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},lA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_130.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Xg:d,Vg:e,Wg:f,Ih:g,Jh:h,ye:m,Ab:b},p=D.YT,q=function(){IC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(LC(w,"iframe_api")\|\|LC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!CC&&JC(x[A],n.ye))return tc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_126.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: return b}yC.J="internal.enableAutoEventOnTimer";var dc=ka(["data-gtm-yt-inspected-"]),AC=["www.youtube.com","www.youtube-nocookie.com"],BC,CC=!1; equals www.youtube.com (Youtube)
Source: chromecache_130.2.dr	String found in binary or memory: var NB=function(a,b,c,d,e){var f=Jz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Jz("fsl","nv.ids",[]):Jz("fsl","ids",[]);if(!g.length)return!0;var h=Fz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!uy(h,vy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: globalgrimmer.com
Source: global traffic	DNS traffic detected: DNS query: 0bef7y10siuwczdssj39pr-fbx.hop.clickbank.net
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.moonreading.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net

Source: unknown

Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_100.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_100.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_93.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_127.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_127.2.dr	String found in binary or memory: https://github.com/necolas/normalize.css/blob/master/LICENSE.md)
Source: chromecache_127.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_100.2.dr	String found in binary or memory: https://google.com
Source: chromecache_100.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_100.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_130.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_130.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_93.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_93.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_98.2.dr, chromecache_96.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_100.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_93.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_109.2.dr, chromecache_123.2.dr, chromecache_94.2.dr, chromecache_114.2.dr, chromecache_99.2.dr, chromecache_118.2.dr, chromecache_120.2.dr, chromecache_106.2.dr	String found in binary or memory: https://www.google.com/pagead/1p-user-list/590897327/?random
Source: chromecache_100.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_126.2.dr, chromecache_130.2.dr, chromecache_98.2.dr, chromecache_96.2.dr, chromecache_100.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_93.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_130.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_130.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.204.76.112:443 -> 192.168.2.4:49744 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@25/84@43/18

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2024,i,15679915342265595539,6128884579569338529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://globalgrimmer.com/xxxj"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2024,i,15679915342265595539,6128884579569338529,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1432299
Product:	CloudBasic
Start time:	20:21:05
Start date:	26.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://globalgrimmer.com/xxxj

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://globalgrimmer.com/xxxj

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://globalgrimmer.com/xxxj