www.halfmoon.com Open in urlscan Pro
2606:4700:20::681a:215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mv2.cybersemail.com/track.php/98A5AE3B39/fcad56b83967f4b420604097cc8e747a/8
Effective URL:
https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
Submission: On March 24 via api (March 24th 2022, 7:10:21 am UTC) from CH — Scanned from DE

Summary HTTP 108 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 108 HTTP transactions. The main IP is 2606:4700:20::681a:215, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.halfmoon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2021. Valid for: a year.

This is the only time www.halfmoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.71.232.152 199.71.232.152	47869 (NETROUTIN...) (NETROUTING-AS)
54	2606:4700:20:... 2606:4700:20::681a:215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:211... 2600:9000:211e:6200:6:f816:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.196.223.207 104.196.223.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.7.51 99.86.7.51	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:184c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.7.95 99.86.7.95	16509 (AMAZON-02) (AMAZON-02)
108	24

1 199.71.232.152 (United States) 1 redirects

ASN47869 (NETROUTING-AS, NL)
PTR: mv2.cybersemail.com

mv2.cybersemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:20::681a:215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.halfmoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:6200:6:f816:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

newbooking.azds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.196.223.207 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.223.196.104.bc.googleusercontent.com

visitingmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

9536303.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-51.fra6.r.cloudfront.net

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:184c (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-95.fra6.r.cloudfront.net

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	halfmoon.com www.halfmoon.com	9 MB
12	gstatic.com www.gstatic.com fonts.gstatic.com	477 KB
8	audioeye.com ws.audioeye.com — Cisco Umbrella Rank: 3613 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3256 analytics.audioeye.com — Cisco Umbrella Rank: 3793	221 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	23 KB
6	azds.com newbooking.azds.com — Cisco Umbrella Rank: 130379	1 MB
4	doubleclick.net 1 redirects 9536303.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	501 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	113 KB
2	visitingmedia.com visitingmedia.com — Cisco Umbrella Rank: 137962	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	159 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	cybersemail.com 1 redirects mv2.cybersemail.com	322 B
108	17

	Domain	Requested by
54	www.halfmoon.com	www.halfmoon.com client
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
6	newbooking.azds.com	www.halfmoon.com newbooking.azds.com
5	www.google.com	www.halfmoon.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.halfmoon.com
2	www.facebook.com	www.halfmoon.com
2	www.google.de	www.halfmoon.com
2	connect.facebook.net	www.halfmoon.com connect.facebook.net
2	9536303.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	visitingmedia.com	www.halfmoon.com visitingmedia.com
2	www.googletagmanager.com	www.halfmoon.com www.googletagmanager.com
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	ws.audioeye.com	www.halfmoon.com
1	fonts.googleapis.com	www.halfmoon.com
1	adservice.google.de	adservice.google.com
1	code.jquery.com	visitingmedia.com
1	cdnjs.cloudflare.com	www.halfmoon.com
1	adservice.google.com	9536303.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	mv2.cybersemail.com	1 redirects
108	24

This site contains links to these domains. Also see Links.

Domain
www.salamanderresort.com
www.hotelbennett.com
www.innisbrookgolfresort.com
www.facebook.com
twitter.com
www.instagram.com
goo.gl
www.salamanderhotels.com
preferredhotels.com
healthsecurity.sharecare.com
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.azds.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
visitingmedia.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.audioeye.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-14`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
Frame ID: 315CF6A8D484F2E3F9E9EB595BB56E1C
Requests: 98 HTTP requests in this frame

Frame: https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022
Frame ID: B6E996C429F2FFCCC1ED292CE169198E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022
Frame ID: 610CE34F6AE880A90F3833C6EF4818FD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022
Frame ID: 1A3E583A0C1C8B6A0FAA7D0E00C92B16
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV&co=aHR0cHM6Ly93d3cuaGFsZm1vb24uY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=hz0f1425z5m
Frame ID: 95239A6DD8CF2F5DC03B7A1D1E618C07
Requests: 7 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=
Frame ID: 51126152B0027E1C1C6150F89A245B1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Activities | Half Moon | Jamaica Luxury Hoteltransferclose carousel

Page URL History Show full URLs

http://mv2.cybersemail.com/track.php/98A5AE3B39/fcad56b83967f4b420604097cc8e747a/8 HTTP 302
https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AudioEye (Accessibility) Expand

Overall confidence: 100%
Detected patterns

audioeye\.com/ae\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

108
Requests

100 %
HTTPS

75 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

11865 kB
Transfer

18782 kB
Size

13
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.salamanderresort.com/
Title: Salamander Resort Middleburg, Virginia

Search URL Search Domain Scan URL

URL: http://www.hotelbennett.com/
Title: Hotel Bennett Charleston, SC

Search URL Search Domain Scan URL

URL: http://www.innisbrookgolfresort.com/
Title: Innisbrook Tampa Bay, FL

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HalfMoonJamaica/

Search URL Search Domain Scan URL

URL: https://twitter.com/halfmoonjamaica

Search URL Search Domain Scan URL

URL: https://www.instagram.com/halfmoonjamaica/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/6EdU5NUNkGTbVyFe8
Title: Rose Hall Montego Bay St. James, Jamaica WI

Search URL Search Domain Scan URL

URL: https://www.salamanderhotels.com/press/half-moon/overview
Title: Press

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/destinations/montego-bay/half-moon-jamaica

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/iprefer/enroll?hotel=MBJHM

Search URL Search Domain Scan URL

URL: https://healthsecurity.sharecare.com/certification/7171-001

Search URL Search Domain Scan URL

URL: http://www.salamanderresort.com/
Title: Salamander ResortMiddleburg, VA

Search URL Search Domain Scan URL

URL: http://www.salamanderhotels.com/
Title: SalamanderHotels.com

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mv2.cybersemail.com/track.php/98A5AE3B39/fcad56b83967f4b420604097cc8e747a/8 HTTP 302
https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://9536303.fls.doubleclick.net/activityi;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022 HTTP 302
https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request overview Show response
www.halfmoon.com/activities/
Redirect Chain

http://mv2.cybersemail.com/track.php/98A5AE3B39/fcad56b83967f4b420604097cc8e747a/8
https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

317 KB
58 KB

1376ms
1206ms

Document
text/html

2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0147ab4c9ebf7cd58e2707908c2e40fd212f3ebfa6220ccc824bfe312f822fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=600
expires: Thu, 24 Mar 2022 07:19:51 GMT
last-modified: Thu, 24 Mar 2022 07:09:51 GMT
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNFnsETHIraABoBLEm5%2F5Irc2mGgIKTrxt%2BVLLBHUJkhNu0ZJI%2F%2BwMqCjoLCax3trndvfRLs8OhG5FPrEE%2Fh9l1oARTNDyswo8Y4RUKJqaI3smimAG0%2FenZmund%2FTsqL1STNlEDcFP4%2BUBv3JKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0d95e00e540f82-MXP
content-encoding: br

Redirect headers

Date: Thu, 24 Mar 2022 06:53:00 GMT
Server: Apache/2.0.48 (Unix) PHP/4.3.4
X-Powered-By: PHP/4.3.4
Location: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022#family-adventures
Content-Length: 0
Content-Type: text/html; charset=ISO-8859-1

GET
H2 200 fontello.woff2
www.halfmoon.com/css/fontello/font/ 11 KB
12 KB 69ms
57ms Font
font/woff2 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/fontello/font/fontello.woff2?78671574

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414bb589f166e6710ac14287ac8aa20bfe1dbc0aa48a6aa7481f01d75475144c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51861
content-length: 11744
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8020564251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Uw7NPHxPs6idXH0W6p%2BM4fNUMeQVoZlais02U69zbmotFlYDfRUIA28TspqtkBxfPZQm1OE5hNxWE7lrcMPWRMx5kCfYVmjurcNx3uTYZGpPMzp%2FwQFUYSyuk1te6zdOdMFdBr5ovlCLghWDTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8cbe10f82-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 386 KB
96 KB 105ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab9f1d8457a3acd52a21122015a816b82bc95063849d3519552d79d63b5c97a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97296
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Mar 2022 07:10:11 GMT

GET
H2 200 fontello.css
www.halfmoon.com/css/fontello/css/ 5 KB
2 KB 44ms
32ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/fontello/css/fontello.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440510758d69cbe824dc10eca001dd0e229b80b05fed9af2c03fc5a0d204098a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17635
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0b7ee4251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nasFMiwjpn2whXHq%2BBSFh5N8AzJ%2BMxZk%2FbjnOXokkEUJX4E%2Fc5fJqSK3zkWyJJNpXOkXgujDf1hG1t8NRhpY3girk1ZHyUOusvyDfLqYB307OjaWbKrNuK7Z5wnbK9Qhbx3Wy3NMdZCuHgyRa%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6f0d95e8cbf30f82-MXP

GET
H2 200 half-moon_arch_eclipse_breakfast-table-still-life-1092.jpg
www.halfmoon.com/images/content/tile/ 93 KB
93 KB 37ms
30ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/half-moon_arch_eclipse_breakfast-table-still-life-1092.jpg?017011289570893995

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e03dc84ac616def6d8f3dceea45f2da3cd74037b5d5826876d0db1d02a4f81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 95001
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Sep 2021 16:50:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "e34fc001babd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FavSJGfVugtKhNLtTr6S87qgkC6Sh8LypzkZwPA6vKUEWFh%2BaF1U02ytwek9yI%2By2QaA8vS%2FifxMZr4YlL%2Bv91DVj2SGY%2BFsEla4x2UlG%2Bzh4ucGR3Hu3PdyTVUpp%2B5Fx7DHIPkuUCatzSx7A%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc030f82-MXP
cf-bgj: h2pri

GET
H2 200 rose-villas.jpg
www.halfmoon.com/images/content/tile/ 746 KB
747 KB 58ms
51ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/rose-villas.jpg?08990193305297032

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe717b85bb71a66129b40b1a8f5a42c4df32f4bf99b394ef4810f186947936a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 763422
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX%2FUnlmNu9baf3fKHIcjUOxCH2%2BxuFR%2FUemwi3hocSOyYUZVQraGUk5p8Ho8jhR8pJrotj%2FOv6ZRmuaFkQTdjmmZvI4fDhTyBJ90lTwIOZBClP4mN5BW9GKIWtzC4TyR5Y%2FdLfsY%2FdlqX%2FZEm3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc120f82-MXP
cf-bgj: h2pri

GET
H2 200 eclipse.jpg
www.halfmoon.com/images/content/tile/ 623 KB
624 KB 59ms
53ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/eclipse.jpg?08307594110197127

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a852a12f836c425dccd9d291e640ebee8f614e6e9985d680efc88d398c51dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 638207
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6GBWtjiNxH3vrWbPztyODAS4VwqJL2GPjZUMyigFmOxw06gcr3Lr0JvwQ%2F5NDqMOAnxcPwEp2xMno6RvfWMfQXctQmrMrklB%2BlRQrsSZbJofgbEkeMuDsuLesjMQ%2FW89vfS48Ox%2F0vHP3%2BL5DY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc140f82-MXP
cf-bgj: h2pri

GET
H2 200 spa.jpg
www.halfmoon.com/images/content/tile/ 176 KB
177 KB 56ms
49ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/spa.jpg?07904104314126421

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2b439626948a7482666daa68ec7e4ea9f759ca79161eb286c3f7772fb30571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 180383
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1aAXkwge9EulMgQ4FbCSgooDxn7YhXlTG5PqJfrGorkQBLpJAyZEP68uoW8QjReFPp5S%2FdexiJkjWTX7EifBovtz5bBJjitXDnrHrPolXo7nAe4a4SA6dmY06KKSgCtywwcrE5iJK4wikvV2Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc150f82-MXP
cf-bgj: h2pri

GET
H2 200 HM-Family-Bikes-800x800.jpg
www.halfmoon.com/images/content/tile/ 156 KB
157 KB 57ms
51ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/HM-Family-Bikes-800x800.jpg?09397580375023646

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bb5c6add55df86dba1c70cf4ac8dda6918e9857a7cf517af0ecc5daded4e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 159539
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Feb 2022 20:40:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b4a7c639ac22d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZjcvwudPcHxZH0So7kZk0el5CX2NhY40%2Fj1C2o63m2MKxs99%2FlyQfhw%2F%2FAPQ%2BjyoWFpilY0CVahrWB1%2BoH19NS%2BB9RtA7Knr4C%2BidVnt90jbD%2BIXX2jF5HCVKnKiAq1WlvzOtjC8AScbsepWVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc170f82-MXP
cf-bgj: h2pri

GET
H2 200 activities-001.jpg
www.halfmoon.com/images/content/tile/ 874 KB
875 KB 58ms
52ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-001.jpg?09039461942996183

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fa16cd2fcf7d9bda3a7d8cb1c9f896c687bfb0b52c053120febaeb9cf6efcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 894541
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elu1qXEzCZKT6xrvPyQNS5VIK4BYApAu20Y7lFUuJdZ8PLQ3%2FRo4kVpa0decFom7bkqLRqGTCwaTzI2mZtT0XbpVh2fl8qGhgCfSPg7OLhdbLvpp0h8ZSSMH9Z1KqejHNNegnGKpY1UDfebxUFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc190f82-MXP
cf-bgj: h2pri

GET
H2 200 dining-sugar-mill.jpg
www.halfmoon.com/images/content/tile/ 625 KB
626 KB 58ms
52ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/dining-sugar-mill.jpg?013378307052059413

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46145801088a8c1eb1dbe347313a4ef70f8342d8a86e14f820c0b9f96e2a8bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 640344
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BycT7rsGqBA1ztmJ3TcjRSWNzVOWwKz1Jg9CosvJPYShlD7j2B3Xfz8RebF8M2tpqSz1zhGxIYljfevME2V2Srn3DFB%2FII%2BTY9RXUiKXIXOw%2Bi1Fx6Zg3cD24AOoii%2FdKs%2FHq9UYIYK0sSRWI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc1a0f82-MXP
cf-bgj: h2pri

GET
H2 200 JRidyard01-800.jpg
www.halfmoon.com/images/content/tile/ 201 KB
202 KB 55ms
50ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/JRidyard01-800.jpg?04101038859805397

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee94be67b0d3cce9d60ea8df8d1b7939e749595045028754cc64d86d63a6fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 206099
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 15:53:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d96644e5cb1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFJYNK7tSiDgGojoirUeNKF2Cx7cgweSkMtQUXvRdtpk7t2rBSv4eOwPPsPeWS1oIj%2FImQgAYA9FyKV2pNjd1lxldlJUKIrJ%2FzV0J97oEQZ1HS3FIIcb0OU56Z0qFni9n64OzMGzB4HaRzje%2FmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8dc1c0f82-MXP
cf-bgj: h2pri

GET
H2 200 activity_golf_hole07.jpg
www.halfmoon.com/images/content/tile/ 138 KB
138 KB 58ms
53ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activity_golf_hole07.jpg?03298182892611974

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eadcb4cc11ef667c7433a1c9ca01f06df8f2ab86414b4f2a81a65d82f7918e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 141233
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u8nVTmj%2F6Q8IPKcw4I5NCJj3ZFJa4XoPzExdx6F4ndMA6jShoH3LwCpE%2FvIGkQdrZETuV7d8lOzE2l4vaJpnJIzCVWFM6B4SfGO%2BJJLLxIRK7mUyu%2BsRUTmWgg3NlQhycjsqDEdSp%2BPATfkMK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8ec260f82-MXP
cf-bgj: h2pri

GET
H2 200 spa.jpg
www.halfmoon.com/images/content/tile/ 176 KB
177 KB 58ms
52ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/spa.jpg?06889207918136582

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2b439626948a7482666daa68ec7e4ea9f759ca79161eb286c3f7772fb30571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 180383
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahnjQc7YdkLfAI4XgQFi2xxamPCXMiZos9FD96PKsRcI4mL%2BavKde65JNo9RYDlXl2gWrqVZagiesx3t8%2FSz7YB788aGu9phE6H8BzQ9Suppiwl7TLhSh59wt%2BaNV%2Fln5dRCki7H3t9Dw0Z0o9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8ec270f82-MXP
cf-bgj: h2pri

GET
H2 200 meetings-callout.jpg
www.halfmoon.com/images/content/tile/ 155 KB
155 KB 57ms
51ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/meetings-callout.jpg?007678948770793093

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57dfb5bdb817231a2e0a50db83485e01bdbe1dc9387e605a77ff8bf31ab40599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 158613
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Y4JMQXOEt%2FCmBgRA7zmyk8C%2BQn8HxOVeI0LkTxlT131iDzE9L2z6T1cY2D1tpZnen10x0MdD4kurDzdwJ24orRj4NLRxV7TYDJLa54u1Ecr5a1w78rq9nvGOQrabNHnp4K%2FPpvezIit3ia2%2Bjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8ec280f82-MXP
cf-bgj: h2pri

GET
H2 200 wedding-special.jpg
www.halfmoon.com/images/content/tile/ 135 KB
135 KB 58ms
52ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/wedding-special.jpg?08028238083067405

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b845025a8fbc2f294b7c6208c1395cddcaf5bbdf78eae6ee8d2062854c72927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 137826
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FhdMI0vKGHftpVy486yrn9ogOBErdmONbDm%2FjcXgQ%2FXNpIEAhqNwE2BmqPGWNymcsJ5T9B3UoAWHOYy143i36XQk2zF%2BnIpe2jWRTjSxpd0jH%2B5E5rsGQ%2BmYn4%2B6qrhLeywH4YcqyU2MtkI%2FnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e8ec290f82-MXP
cf-bgj: h2pri

GET
H2 200 styles
newbooking.azds.com/api/hotel/half-moon/ 8 KB
2 KB 70ms
4ms Stylesheet
text/css 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/api/hotel/half-moon/styles

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

3cc9395fd69a99a468a16f708cc66107efd68f88540865252df8fed4689ddc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:57 GMT
x-correlation-id: 8db494d6-4d44-45ea-b644-262da07d78c9
x-content-type-options: nosniff
age: 424454
x-cache: Hit from cloudfront
x-host: 421d9597776b
x-custom-cors: on
content-encoding: gzip
x-xss-protection: 1; mode=block
server: nginx/1.11.10
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=UTF-8
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: no-cache, private
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: CC6YH10LbOX6P3WnpWCATMNIwTdm6DPT31hCuPiQypThEkCxygjihw==

GET
H2 200 popup.js Show response
visitingmedia.com/tt8/embed/ 4 KB
1 KB 557ms
202ms Script
application/javascript 104.196.223.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://visitingmedia.com/tt8/embed/popup.js
Requested by: Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.223.207 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.223.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae9f201b84f424051bbb1adef5909ba018b7ca1aeca252c9c0c66117ae3e79dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
last-modified: Mon, 13 Jan 2020 23:58:23 GMT
server: nginx
etag: W/"5e1d041f-107e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 caret-white.png
www.halfmoon.com/images/content/pages/icons/ 178 B
546 B 34ms
34ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/pages/icons/caret-white.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e532d3d6ce8b38747b290b43e62720457869853453088af37815fa20c4aacff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17635
content-length: 178
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:09:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0d0806551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdgxcIFlfdqMvLRzQbVhT8gPezPOfUQXc629fiGDZGIZ%2B9ACzm4Mb%2BuIKhUf1RYgSkCwy%2Fmat7w4d2Z4CMr3h4RLRKmOLhq7CfX3DJMch5f1dQgk7D0qT7MoA6ozDVJEJjMQkcEJhZj1pR8ytfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e95ccd0f82-MXP

GET
H2 200 audio-off.png
www.halfmoon.com/images/layout/icons/ 1 KB
1 KB 32ms
31ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/icons/audio-off.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5062a49c16a303085516a530f5cdd11bd7b674d6b8871f6ce898f0c048695977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51857
content-length: 1059
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 17:15:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "43a5e67ca0f2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkqYI7up5uQAfP1%2BSXhC6p2BmzxmkcpeY3jRW1cqHdfMQJ1EHGK0NQcMel81Ygr7MK7%2FCwP1RuiO7qAzXB9cMnz0a3hmb6YwhHw7qBBZMdLPjdetZc9JjHOlhr1xo92xSgmzdO7HctFT3cVy%2F2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e95cce0f82-MXP

GET
H2 200 fontello.woff2
www.halfmoon.com/css/fontello/font/ 11 KB
12 KB 32ms
31ms Font
font/woff2 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/fontello/font/fontello.woff2?65857982

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/css/fontello/css/fontello.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414bb589f166e6710ac14287ac8aa20bfe1dbc0aa48a6aa7481f01d75475144c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halfmoon.com/css/fontello/css/fontello.css
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51857
content-length: 11744
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8020564251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLQQBxwiorYPYFxseA%2Ft1AQPhKaWWjyHAba6aKUuFqp3%2FU%2Fwg%2BWSkLZh66HAdOfKShlhgC%2B6G9pN8aEZhjp%2BN0dovAwDIG1G6o7vx4ScJ73U3%2BTY5EaWfl%2FmQJz7LNtcqtppt26RgOTkBj39EQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95e95ccf0f82-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E32LX9Z5E2&l=HDMdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10fcee19a7557d861150e82a8eeb93c517edbaf4b24137d753341c0a69eb7a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64680
x-xss-protection: 0
expires: Thu, 24 Mar 2022 07:10:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5721
date: Thu, 24 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 07:34:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 60ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 07:10:11 GMT

GET
H3

200

activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefi... Show response
9536303.fls.doubleclick.net/ Frame B6E9
Redirect Chain

https://9536303.fls.doubleclick.net/activityi;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=unde...
https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Fover...

655 B
497 B

36ms
18ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

d21af859c496b67ecbedbdbabf6d8e77e89e72ffeaff4e4ee7e4f0833b2ee33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Mar 2022 07:10:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Mar 2022 07:10:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: 6SQWHYR4OFHwHRbuu9simN8C3DCIk1ExZsFQxLh7EPuY8W998uynh99/4qmDHqg8yQZqQclO4u6M+T1wjIJCQQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 24 Mar 2022 07:10:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loading.gif
www.halfmoon.com/images/ 771 B
1 KB 31ms
30ms Image
image/gif 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/loading.gif

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51861
content-length: 771
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:09:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0d0806551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bi6g0Sjlbft4Sv%2Bzea2I4%2FlkXSingnCgPhJYb%2Fr0T3LCU8FId1WlxP%2BKCGNdlcQTTwwTs5pruIRIY%2BkWTlqSLviPgJS4tFoyk7HEUPHq%2BkkCrI248J1r9D8eA4hOnruEkmBPB0XDerowr7yRCjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95eb98000f82-MXP

GET
H2 200 email-decode.min.js Show response
www.halfmoon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 14:13:59 GMT
server: cloudflare
etag: W/"62388827-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy%2BVkk%2Fxi8henKJAEkdhpp7%2Fh0%2FY6JfOfl0KG%2FbsQ7iT2F7D9PF8rRbkshCMzwWMEiza4LrxpdwLsqdlxd39os7FAfxiNbRuVOr4YES%2FExITeZitlSGx9aSLseSZV%2BsEJr05LJ7GKuJzxnDUI%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0d95eb98020f82-MXP
vary: Accept-Encoding
expires: Sat, 26 Mar 2022 07:10:11 GMT

GET
H2 200 js_client_bundle.js Show response
www.halfmoon.com/js/ 393 KB
107 KB 48ms
44ms Script
text/javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ca40d6d73d5ebdb3fb4af9470737047cdad6f3303f28fff5cbdc6bebb52b4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 51860
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 16:45:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gI3uwq2ouT3hSVQALeq0gJIFWCnGvts1q3GcOZ10nbWwws5MezPuJc9j3OI7eXOuZW6AQybZ7x8ssLyawflKpf7W6WxZt8Ts2ocGdHYN2I9PUhl%2BfBIa9Gtjk%2BUa7tRICBpjjNodGtm3fc6LRSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6f0d95eb98080f82-MXP
expires: Thu, 23 Mar 2023 16:45:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721081549/ 2 KB
2 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721081549/?random=1648105812242&cv=9&fst=1648105812242&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&tiba=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf52d661241800a5932063e3ce01c02378ac2c3e801d469a570e81a4394f0296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19793638-1&cid=1468091987.1648105812&jid=2038583838&gjid=1614125292&_gid=492031225.1648105812&_u=YGBAiAABBAAAAE~&z=1128991925

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.halfmoon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Mar 2022 07:10:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.halfmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
8ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1865318219&t=pageview&_s=1&dl=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&ul=en-us&de=UTF-8&dt=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=2038583838&gjid=1614125292&cid=1468091987.1648105812&tid=UA-19793638-1&_gid=492031225.1648105812&gtm=2wg3e0TD566NW&z=1366646175

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 13:01:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65335
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2407323886204618 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 71ms
60ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2407323886204618?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66437f5bb97cf3fe071e244abd91be50764ed35aa27d1619e87ec5c4bbfb8b0b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: z0MPqIcxhSDeNbdzT1LZ/B07a2rhHDGeHYX/vTQNZslNuzKlC5nuJu9VVErW+PnspY+yJxWadixunuvbfsQHyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Mar 2022 07:10:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-E32LX9Z5E2&gtm=2oe3e0&_p=1865318219&sr=1600x1200&ul=en-us&cid=1468091987.1648105812&_s=1&dl=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&dt=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&sid=1648105812&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E32LX9Z5E2&l=HDMdataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halfmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=und... Show response
adservice.google.com/ddm/fls/i/ Frame 610C 654 B
941 B 80ms
44ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022

Requested by

Host: 9536303.fls.doubleclick.net
URL: https://9536303.fls.doubleclick.net/activityi;dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc90dfb3fc3e2bc870cd2de2937468a14fe82f6a20c4d6ca07705c5bba4c0569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9536303.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Mar 2022 07:10:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.google.com/pagead/1p-user-list/721081549/ 42 B
154 B 45ms
22ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721081549/?random=1648105812242&cv=9&fst=1648105200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&tiba=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&async=1&fmt=3&is_vtc=1&random=2780326810&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/721081549/ 42 B
154 B 45ms
23ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/721081549/?random=1648105812242&cv=9&fst=1648105200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&tiba=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&async=1&fmt=3&is_vtc=1&random=2780326810&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 28ms
21ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19793638-1&cid=1468091987.1648105812&jid=2038583838&_u=YGBAiAABBAAAAE~&z=1108905410

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 26ms
19ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19793638-1&cid=1468091987.1648105812&jid=2038583838&_u=YGBAiAABBAAAAE~&z=1108905410

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 48ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 556371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FgXX%2FzAvm25ECK94AkYRFaV7%2Bxh%2BZTmtLLHVAMH3wKs4PS43iXvXzDx2CLtCxItiYY7hcZcHfPPywkn8El%2BJvP0H8HnJAoItbqkucYkwSD%2FobVXwanRGxQBXHZs6lSBWOoawvab91zJAi3Rgo%2Bw38cX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f0d95ecda890204-ZRH
expires: Tue, 14 Mar 2023 07:10:11 GMT

GET
H2 200 activities-hero.jpg
www.halfmoon.com/images/hero/partial/ 327 KB
327 KB 36ms
35ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/hero/partial/activities-hero.jpg

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6269c938005688eece15020c0ecfacf889e1e3b7e678d0cfd2112a7a5138c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16335
content-length: 334395
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 22:25:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0fab1ee85eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwF29Sdlkmwyp3dnhOToouR6QR7h96W3BYpjZnzlKUre9S2lcSYmWVDoMOhm5TW7ycwsS6NG%2BWu5BAiHM3qKeXqnEXI2%2BhTqnIAXstEXouC2MJnovgZMlhD9lpixggwVDDJp2iBUkFHSBqu73KM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95ecea550f82-MXP
cf-bgj: h2pri

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 47ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: visitingmedia.com
URL: https://visitingmedia.com/tt8/embed/popup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.halfmoon.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1648105812.dop126.fr8.t,1648105812.cds052.fr8.hn,1648105812.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 jquery.ba-hashchange.min.js Show response
www.halfmoon.com/js/vendors/site/ 2 KB
1 KB 36ms
35ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/vendors/site/jquery.ba-hashchange.min.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a86f73a4968e8df219a6c1f63f4f362beec8e468f0ac44bdd36203146d7ff5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51855
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"806ec89551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGBYvuOq4A1%2FvtX%2BpmFydSYNjTLJElEOY%2B%2FvbQVRLT16fMWZD19j8hH7waGt3iqafERR6x97FHnJwEKaskLe%2B0ckbVXFiN3h8yix7wuKN%2BtbWNmiMZ2odJ0tXR%2FplLiHxE9qBvQEm%2BmUVxFfnm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a7c0f82-MXP

GET
H2 200 webfontloader.js Show response
www.halfmoon.com/js/vendors/site/ 12 KB
5 KB 45ms
44ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/vendors/site/webfontloader.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be52e44aa1e93d142d6d9c4adbd9e6bb02906f80bc7add85058571c63723319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51855
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"806ec89551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuEOXkX06AnJNNbP%2B97WSzLqKCehsanrUhmeY6Q%2FtYQga4j%2Bsh6ZyTl5Bui5KhyclJNEOF0ChJvZEYaABKbeBgwwclFwDlS6QZ9fOJUAzN%2FaafUj0xBkJ3gsKLgn20%2BUfeA2t4YM4dqIQYJJnJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a7e0f82-MXP

GET
H2 200 intersection-observer.js Show response
www.halfmoon.com/js/ 22 KB
7 KB 44ms
43ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/intersection-observer.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8680da0adfcd426795f9a320117419621828e5e7c998deb3c25b76214786af60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17635
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"05619651eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y36KVBw0I5F3h6suWshcJPEVhXhPEhk%2BMBw28Y6MAIIeCySuwFmBCQXubicSVUDPsyoR14OwVp0%2BoaXkFxvrjE1K%2FXwXYt3NNI1SzdBYkKUdmT8QxTTD%2F%2F5jH6mkKWO2bih2g4i6cR5rpYOs1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a810f82-MXP

GET
H2 200 scrollreveal.js Show response
www.halfmoon.com/js/bundle/site/ 10 KB
4 KB 36ms
36ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/bundle/site/scrollreveal.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b9f04a694e6568ab1b52573a9a67cff12b9eece4b91d73efca239a83b3f4507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17635
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"806ec89551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz7%2BbTEmV9cuusnDcnPpX1l2TIaNXANTmzi0NuqR5iHVd%2F6IxJgbADB%2BVqFm8PD3c0lYCOPUYscRVOfuFhFevfYYvhWd5O2b1fdnBFmqZPuhwoFhMELCZt89FZncB38QHHHg9%2BuWvsk%2F2mZkI3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a840f82-MXP

GET
H2 200 gridder.js Show response
www.halfmoon.com/js/bundle/site/ 9 KB
3 KB 36ms
35ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/bundle/site/gridder.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d47b847691922a81a7cc8c91af501050e0ece16bbf05839fff0476cdad1a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51856
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"806ec89551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8kxvVm8sNAM2Jv5I0C1oyJllDFzYHuoRA%2FMJq319smrcGfOHKq0lFBuYqwshit0lxCSVIhzruvYzxEw%2FtyBh7rCjHGdJIBd5ofoOzGMULu883%2FKYf6B6I2bTYQpwK9R3RPe71wCHxdprHY4ocs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a860f82-MXP

GET
H2 200 inline.bundle.js Show response
newbooking.azds.com/ 3 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/inline.bundle.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

f57b96ba26242313a6ab74d37cf4ecf60f380b25e94fadc3bde3ad5a22c99c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 19 Mar 2022 09:02:20 GMT
server: nginx/1.11.10
age: 424472
etag: W/"62359c1c-caa"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: uJolHfGHh4SKeKPCmj-Xpz9ghqUgaZ9DpMkAf5YQslK-9IBSeHd5XQ==
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.min.js Show response
www.halfmoon.com/js/vendors/site/ 248 KB
68 KB 42ms
40ms Script
application/x-javascript 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/js/vendors/site/jquery-ui.min.js

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17635
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:10:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"806ec89551eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBkdcqUthmjFWvYb431HNBM2TH03%2FQCcNPlczYhVu8o%2BVXezI1nO2Tpa4k%2B8OekfQ5E7OEbUROAXI76Wwfc87ckrzTVakMHsheDQXV1GQ7O7Mftdua%2B%2BdZ3mnM%2FwW1bfh0MGOGQ8EKrOVnOLhqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6f0d95ed0a930f82-MXP

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 884 B
607 B 40ms
22ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/js_client_bundle.js?v=HjZqYGewu_pMeYGtXkyBaEWC7dGxt9LIm-yhStoSPY01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dbf48f9341b47b6a59a55b03d96f43b1e20d9ac16627d88e3e60a2c7de17337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:10:12 GMT

GET
H2 200 after.css
www.halfmoon.com/css/ 64 KB
8 KB 40ms
34ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/after.css?v=aMlpY1J1QvwpntF5YgQ3005jTENg-GYYR5RXfvVagJQ1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f1227ed37f31943cb6d13281c376af009c32a209268067f29bcdf671ddf8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 51856
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 16:45:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucfD%2BF%2BEysJJO%2BwVlwf4xHi2ZrbhUuH%2FSSyO%2F9Foanqx%2B%2BPaZF12yXoAd5tlhJFR8Z%2F8J3c%2B5eY0JSdW4%2Fo97reczLkVuuHEWJrHvrZpi19CXBzLl1y9rohpqtK9pYXVdcwkJypOSTpp0zhpLXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6f0d95ed1aa70f82-MXP
expires: Thu, 23 Mar 2023 16:45:39 GMT

GET
H2 200 jquery-ui.min.css
www.halfmoon.com/css/custom-theme/ 30 KB
8 KB 43ms
38ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/custom-theme/jquery-ui.min.css

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9327bd949eb7b8f898c2ef4d94a6c95bae78fc9fd4d26a2a20e21d72d2d1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51856
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0b7ee4251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBgDoRHbm6TrZYPnH8LUs%2BGmJtODZrz9SgIagqa1Gjymn%2Bb8wbhnygGzpC3r5xVkCmsK0rKiPsEGjFqK0JI4Cnj%2Fy51SilfTPzUF83nfbIsQ7vzVz7s6fQTTE%2BUTkV2C%2FhZknNqn60FsZ3Nq4E4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6f0d95ed1ab80f82-MXP

GET
H2 200 index_after.css
www.halfmoon.com/css/auto-bundles/pages/interior/ 13 KB
3 KB 956ms
952ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/auto-bundles/pages/interior/index_after.css?v=nmd7sdb-6swd68vfh6bqswxk4_jnrvjmbhb4wcd-l1i1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbdc29c5b6d0e1dd13d4651dd431fc8210d27407c85796e3686053c877884909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNh3PyrvfHFHp51w3LaLuOd5dVQpaEtITID6KP6i6pS9Y6fBgeXPvJSA7F8XcPLvA98%2BSzZzd%2BL7sCh5yhwSTJwXsujKThlHlUCfqV52isHgWrn2e%2FqwazA9Mvez0zMyXDAcK7jhBUWXSbOJ1AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed1abc0f82-MXP
expires: -1

GET
H2 200 category_grid.css
www.halfmoon.com/css/auto-bundles/pages/interior/ 4 KB
1 KB 968ms
964ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/auto-bundles/pages/interior/category_grid.css?v=gynhi8l-72xbcutwem5kmoefteubginyezkk3c5dxuc1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68983ea7a3432edb08d0ad608fc0ea814cefe377b7096c6f819d14ac32abe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYk1ZFBq7w8b9pZIUKEDswtoInvyQJt9qXSuXAyivg2SGzdEa7jCe7BuVziOebWWyECwtvKRnzWO8KqMuQ%2BT9lX8lJbTWfvCzrg7cpqLl%2BuVqnD4RvTOZwKe4AFUN4Gwv7sgxumygqNKxaWXL04%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2ac10f82-MXP
expires: -1

GET
H2 200 grid-expand.css
www.halfmoon.com/css/auto-bundles/pages/interior/ 7 KB
2 KB 928ms
923ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/auto-bundles/pages/interior/grid-expand.css?v=t8kjgz9ihe5kdsk6y-iahl5cxnctubyv4v5rlggsask1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44fa63bf862077a332caecc99cc1a2bc8d62eb519ac11c28aae7811fc9764d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 02:37:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVo80QOOUZEXpcqaTkiNBusAjniTYEZpmeQRrwUL2DWCHJiMP4l2LTBoNZmB6IjQSVos3LRHq0f%2B78eoyk9Ca4I%2B6qOomay4pkQB%2FuhHZ596W6vaCbKFGsPO%2Fb9fC9j0jFLCuFY%2FlcdtAgGN6xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2ac20f82-MXP
expires: -1

GET
H2 200 footer_after.css
www.halfmoon.com/components/footer/css/ 6 KB
2 KB 961ms
957ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/components/footer/css/footer_after.css?v=hoskhzdmvwrbn1ro6fgiy73dzld5qflul7jn5ozcm6q1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051d76a1b4b7839d3d07f3f981a5c058515f96d8e5dd9847febefb73c369d83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xHQ8TIDFhmwB9GptIB4vqGvkACzKpPyJb7A7uqtsATFuGsmAsKLEeaiw4XvairYVE1XiCIt4LeBAbaDofvOBnjhI9T84kPVWkBLskUjuIPPBPwSGifhmhVDRE468CWaXy7tCo856dsUEekqGaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2ac30f82-MXP
expires: -1

GET
H2 200 eclub_after.css
www.halfmoon.com/components/forms/eclub/css/ 1 KB
578 B 1032ms
1028ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/components/forms/eclub/css/eclub_after.css?v=cyibhkkr-j20fxrqdzarsnrw7texwnf2m8herl46u4u1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade618d03acc91f678f87842b7fc2de7b6cf6ed3445a1f6f07662aa8e1833e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoXVjJAG4jOYj4sUl%2FoTPY6dfD41jRkh%2BhgZGdR3HdlJd2zyDEjxWJM%2Bz3OOb2W6aQV21amxpBpgOyZWjQ6DKFWe42Z76A%2BKFNuDn4dqs1rm2XUsg9F0ujTgvQ4Z0WNtQfT4gY91hCbEDJU9%2Fkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2ac60f82-MXP
expires: -1

GET
H2 200 spa_after.css
www.halfmoon.com/components/forms/spa/css/ 1 KB
617 B 966ms
964ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/components/forms/spa/css/spa_after.css?v=ri4y6gw3pntddfofz6ojlgcybdk8wr81xfsuzybc0io1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9aa44836e01eb2c58892c95625aae47b42c34142152a76e7f5316e6997e4719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8NSgfgRCIBPxo9vsJ9qR%2Frk2Fenue0E3Qy1MqKLdiZRoy41AFUNOpMWW2fzt7kwrqv7z7TkAsXECeBR4GW2SaK8MiLyNNOeWtxNAzLnqUIpkD9nPlqtQQgJ6lY2CCKMxFLCOusQrErmv05J5A8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2aca0f82-MXP
expires: -1

GET
H2 200 gift_registry_after.css
www.halfmoon.com/components/forms/gift_registry/css/ 123 B
399 B 937ms
936ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/components/forms/gift_registry/css/gift_registry_after.css?v=sq7pms4csrfce7by-u9rwyfz9-jyb0g9ifjwlwaxvhm1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8673e0b3b16f1203b0c6a1f9faad2bd6a1b0ba22e3edd1d5e9793c872918d25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCnCq5db6k7zuDYQJZEBhlyOudAi7wsyKniDPjaPqbsMhjP5tkgTeBtV5A2IQnOtP67agyrFYu3w4Yiom8e8tiBpCF367RWg5OXPvTi7DyzK0iYTDSMa5mA%2Bv7%2Bqqz4gKxOicZCOgtnwSRoe6eY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2acd0f82-MXP
expires: -1

GET
H2 200 booking_after.css
www.halfmoon.com/components/booking/css/ 3 KB
1 KB 1126ms
1125ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/components/booking/css/booking_after.css?v=doxhdbul3peiotsgliymwc6gbjpzo8vvgg-poa0enku1

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3bc3138cf14309975c2bf5cec4339e8dddd5855e81f40894800d02db82a0b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 06:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CvlPMNygPKQVyNpAP%2FsWmL88M9uaZjmSU%2FRKKird%2FKR43wUp4G0%2BuLJQfhfQ57DDj8Q0aDRLxfGzDSIdjtEhvIlxt%2FwS1QLfubW8IiM3CfiAUX5LC8%2B7U%2FJGRKX%2BK%2FM3EB%2FtPCCgqprwU40Hqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 6f0d95ed2ace0f82-MXP
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2407323886204618&ev=PageView&dl=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022%23family-adventures&rl=&if=false&ts=1648105812509&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648105812507.1371280203&it=1648105812278&coo=false&exp=p0&rqm=GET

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 24 Mar 2022 07:10:12 GMT

GET
H2 200 animation.css
www.halfmoon.com/css/fontello/css/ 2 KB
513 B 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/fontello/css/animation.css

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/css/after.css?v=aMlpY1J1QvwpntF5YgQ3005jTENg-GYYR5RXfvVagJQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5693d3fc7e182e6415edeaf606b8d0ba0d8a6de5d3a94b64b74cf059abd211fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/css/after.css?v=aMlpY1J1QvwpntF5YgQ3005jTENg-GYYR5RXfvVagJQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51855
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0b7ee4251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvedD6WKBhaf8s%2BkeuYUw8WO95%2FDs9TiBG7hw3zkHYRlB0K7hfCVbrGH9veJBOXbTaLTL1vL6TD8nX5ojmSURB1NM5pwXh%2BeKlkSjQaH556ubDOskIgRUJLkwWO%2Fn5xaoJMnWmBUDAAOgpT%2B%2B0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6f0d95ed8b9d0f82-MXP

GET
H2 200 style.css
www.halfmoon.com/css/icomoon/ 859 B
730 B 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/icomoon/style.css

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/css/after.css?v=aMlpY1J1QvwpntF5YgQ3005jTENg-GYYR5RXfvVagJQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

383d424e1676b09a68235666d41d29035707082c385a9973c3a70886160cdabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/css/after.css?v=aMlpY1J1QvwpntF5YgQ3005jTENg-GYYR5RXfvVagJQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51854
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Aug 2020 18:55:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0e3a849c87fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZYe8kuoTfi4i5yyzhI6kh%2FRhoZ%2BsCVVez0WH8KmAAdhqjck3S8YGUyoZPLh1NiNrS98aJ7SeJRrRdKIcNK9WYfjAjdKUGBYutSUD%2BhO3uIJxdXsqZ68Rrz2yXYyML3HuZP2u4N%2B%2FuKd0%2F2NB10%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6f0d95ed8b9e0f82-MXP

GET
H2 200 dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=und... Show response
adservice.google.de/ddm/fls/i/ Frame 1A3E 194 B
870 B 67ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK7G2suY3vYCFUWvUQod1xEMsw;src=9536303;type=usrtrk;cat=audtrk;ord=6248613191982;gtm=2wg3e0;auiddc=1059237061.1648105812;u22=%2Factivities%2Foverview;u23=www.halfmoon.com;u20=undefined;u9=undefined;~oref=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Mar 2022 07:10:12 GMT
expires: Thu, 24 Mar 2022 07:10:12 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/js/vendors/site/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98199a0576079a88bcdb636285e74f96b853fe6d312e8912d338d8dccb87a75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 07:09:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 07:10:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 07:10:12 GMT

GET
H2 200 polyfills.bundle.17fa166bf36.js Show response
newbooking.azds.com/ 533 B
1 KB 6ms
6ms Script
application/javascript 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/polyfills.bundle.17fa166bf36.js

Requested by

Host: newbooking.azds.com
URL: https://newbooking.azds.com/inline.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

d05aa43ec8a4119e839d06c53249a096ae8b0effb4242b394fe5d23881eb168e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:39 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 424473
x-cache: Hit from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 09:02:20 GMT
server: nginx/1.11.10
etag: "62359c1c-215"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v_AgS7eRsBHdf973wg7RTI-MYtKJ0e5ojjmX5KEKGS5gJWyCM0fEeg==
expires: Mon, 18 Apr 2022 09:15:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 360 KB
143 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halfmoon.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 06:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 06:59:53 GMT

GET
H2 200 embed-popup.2d9f7.css
visitingmedia.com/tt8/embed/css/ 4 KB
1 KB 107ms
107ms Stylesheet
text/css 104.196.223.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://visitingmedia.com/tt8/embed/css/embed-popup.2d9f7.css
Requested by: Host: visitingmedia.com
URL: https://visitingmedia.com/tt8/embed/popup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.223.207 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.223.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4759ab578ed6fe173ae5ce3dade04a2ca1ae7b3460496fd068ed64931649fe22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: br
last-modified: Mon, 13 Jan 2020 23:58:23 GMT
server: nginx
etag: W/"5e1d041f-ee0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 vendor.bundle.17fa166bf36.js Show response
newbooking.azds.com/ 4 MB
1 MB 6ms
6ms Script
application/javascript 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/vendor.bundle.17fa166bf36.js

Requested by

Host: newbooking.azds.com
URL: https://newbooking.azds.com/inline.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8acb8c7b1d7f3e06f9fd20482b4ebd8dc702823a514ce4871f4d79d673f9eb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424473
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 09:02:20 GMT
server: nginx/1.11.10
etag: W/"62359c1c-4690c0"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J-ppsNPPfcj3jc4byUXrZcmgyGbzt-c-kSot9covOQyZmrHdhFzB_A==
expires: Mon, 18 Apr 2022 09:15:39 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 41934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:31:18 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v13/ 27 KB
27 KB 67ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v13/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 07:48:52 GMT
x-content-type-options: nosniff
age: 343280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:00:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 20 Mar 2023 07:48:52 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v13/ 26 KB
27 KB 53ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v13/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 20:37:35 GMT
x-content-type-options: nosniff
age: 37957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 20:37:35 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 48ms
32ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 41957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:55 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 42ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700%7CLibre+Baskerville:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 41934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:31:18 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9523 41 KB
21 KB 34ms
28ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV&co=aHR0cHM6Ly93d3cuaGFsZm1vb24uY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=hz0f1425z5m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

770d3b50d2f72b120bbc7e98106e137aaddcd1eee66533950180a3a38686c885

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7q+VzrXcJlYmw9eUmbvRjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 07:10:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-7q+VzrXcJlYmw9eUmbvRjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21621
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles.bundle.17fa166bf36.js Show response
newbooking.azds.com/ 184 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/styles.bundle.17fa166bf36.js

Requested by

Host: newbooking.azds.com
URL: https://newbooking.azds.com/inline.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ba390e683765c31b081fc5560d9a1123aab3bb3d8c498c82680e8d8f2d48ce4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424473
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 09:02:20 GMT
server: nginx/1.11.10
etag: W/"62359c1c-2dfe1"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hnCdr1oIdq7BIAdd96Vf3Q8CtAryxtcW3DZinosw2twe7knwbkXKag==
expires: Mon, 18 Apr 2022 09:15:39 GMT

GET
H2 200 main.bundle.17fa166bf36.js Show response
newbooking.azds.com/ 867 KB
229 KB 7ms
7ms Script
application/javascript 2600:9000:211e:6200:6:f816:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newbooking.azds.com/main.bundle.17fa166bf36.js

Requested by

Host: newbooking.azds.com
URL: https://newbooking.azds.com/inline.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6200:6:f816:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

56d1c655a1de297346bfa28ab425d817e6662be09206448a49e609def1e62d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424473
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Mar 2022 09:02:20 GMT
server: nginx/1.11.10
etag: W/"62359c1c-d8c71"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L9AqpJH8yanQoV2YUlfPfKSP7tW8fHGBBppAwubRtJ_kvxfNuc6vYA==
expires: Mon, 18 Apr 2022 09:15:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 9523 51 KB
24 KB 47ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV&co=aHR0cHM6Ly93d3cuaGFsZm1vb24uY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=hz0f1425z5m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 22:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:39:35 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 9523 360 KB
142 KB 50ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 06:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 06:59:53 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9523 2 KB
2 KB 15ms
6ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 101082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 30 Mar 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9523 15 KB
15 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 157927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9523 15 KB
15 KB 14ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 130224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9523 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVfKMaAAAAAKq3Ij5HyLSv5trC-xta99cwfLGV&co=aHR0cHM6Ly93d3cuaGFsZm1vb24uY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=hz0f1425z5m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 07:10:12 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 salamander_large.png
www.halfmoon.com/images/layout/footer/ 5 KB
5 KB 36ms
35ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/footer/salamander_large.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/components/footer/css/footer_after.css?v=hoskhzdmvwrbn1ro6fgiy73dzld5qflul7jn5ozcm6q1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c180557ed9acd3c69262a531e8ef76a23524ae10c1a6c9b3909bcc8c0e9646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/components/footer/css/footer_after.css?v=hoskhzdmvwrbn1ro6fgiy73dzld5qflul7jn5ozcm6q1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51856
content-length: 4825
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:09:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8066196651eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObT%2ByyeUU5%2FsPpL3j5kh0R2hsVMQnxooZNxrJhqLAMglhO%2BhlWeP%2FM5GhJLfSgxPG2235JlarIDthAvkmzsgfR4ELSoH%2Bj2W8swnC9udRKuA21%2FauHttCqz3%2FrUTXuf9zBcBhKn5iwuALxWOIhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f4c9080f82-MXP

GET
H2 200 logo-legend.png
www.halfmoon.com/images/layout/footer/ 94 KB
95 KB 35ms
34ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/footer/logo-legend.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1effa5f217fe0a85478180e650abf4c2c2c25ee4fed55a69438892a41be635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17520
content-length: 96656
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:09:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8066196651eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYVXQ78HSokyLy%2FtGjkkh75N0zuf5%2FvnPUDg90dgyxZi8yF0HfhYJY%2BVzFDKq7ruxLsFdld3sJ9o4L9%2FWz460hhYA069Xvr4249LZoBhGnyTgwKtvl76KPhSFa5b4twgfsYSRGn7iAJBaGbMSso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519990f82-MXP

GET
H2 200 logo-iprefer.png
www.halfmoon.com/images/layout/footer/ 2 KB
2 KB 34ms
33ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/footer/logo-iprefer.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e547d421ecf841b7ffeba227c8bc6d70fda367e133e5f6b8477929e11b39db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17521
content-length: 2252
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:09:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8066196651eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ80NqcP8PB1mtGjLeltaY6vmvkdnMPY%2FZB6uQLOT3u8PKyPwtbBk3vOBx3ggX5JxillTWK%2FP3NGai1tYIP7ihhiQAGYarkfSQS9NxEmP%2BLfR17KMoha%2FiSHZnZsnNSrbRdWPGW3nMmY%2Bl7CeeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f5199f0f82-MXP

GET
H2 200 HealthSecurity-LOGO_Black.png
www.halfmoon.com/images/layout/footer/ 118 KB
118 KB 52ms
51ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/footer/HealthSecurity-LOGO_Black.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf920989157a941f44ba6e85d0cdfff82308eeebc85edffe123b0584b445fa82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17521
content-length: 120324
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jan 2022 17:27:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bbe386b94711d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8VpeKFmQ8UBUJcOpAdG5WdhlOtmnnxX3hCYQ7IdUNB2gu5%2F9SvYQmGkOXqsoJ1bQr36aUDIOQDLo5M560w5y8Oh6%2BiZwhlPzUwv5K%2B6tWONOtR69Lp2qrJHhHJbevbgTHEV2nrvIBywFFfOfl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519a10f82-MXP

GET
H2 200 activities-003.jpg
www.halfmoon.com/images/content/tile/ 519 KB
520 KB 50ms
50ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-003.jpg?0837022459898257

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93209f87d8d6cc58641400f613ad4271446aa61a7d1ac1648a036bcceefdbde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16336
content-length: 531772
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsTsO4PRk2grAPoXoxyYGaFzPwFCTgjaMqE08647MCC8sL4P8%2BCLR2%2FY785z%2BVoMNezXgvoJrq560un0V%2BwZxH17iD3U9JLyY5NyEHC0IkYtYsrcQrToPHALzsHqzJquJ%2BT%2B%2FRp9eEEz1swVqaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519a40f82-MXP
cf-bgj: h2pri

GET
H2 200 activities-004.jpg
www.halfmoon.com/images/content/tile/ 395 KB
396 KB 49ms
48ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-004.jpg?09386087984557392

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afa43ffd21a6c3b38852e4e500addc903ae6fd7e6e9ff09551133dd7d6e7d3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16335
content-length: 404585
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l53ReOatqXITXQW0uoE5SAXbRH9JG2BlF1njW39VJe03eDBESVgUQgKcSjqFKcIiS2n02Fe58y9ftNqb6TXiAl%2BMB8yoXJrDd13WZIYF1M0%2Fv4DI4oXdfTNIqtcN8BlFzjLLMJW9p48BFO6QTX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519a60f82-MXP
cf-bgj: h2pri

GET
H2 200 activities-005.jpg
www.halfmoon.com/images/content/tile/ 567 KB
568 KB 33ms
33ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-005.jpg?06228147202040444

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49aa75e95f213898605688052b7e2d0327f602b288385a69af4974a8bd1e9cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16335
content-length: 580543
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQwQ2LbTDL4X%2FzDk68DvoySATT3qRkMoyml0LMMZH3fDxWppSsADjZ5WQpAr0JCai9lOjyp9Y7hEsecyoXQsdWK23yXifDbTdJK3GEHU1sEv5HTlnd2k%2B2SUtWJYHwTfFvWF1qY8QQRRHgr3BeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519a80f82-MXP
cf-bgj: h2pri

GET
H2 200 half-moon-interim--7184.jpg
www.halfmoon.com/images/content/tile/ 101 KB
101 KB 49ms
48ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/half-moon-interim--7184.jpg?0459772172139723

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829ab8c4767b1eea23e27c198b774adc8ee342377f0ee11cd900dd3557dbe0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16335
content-length: 103413
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Mar 2020 19:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a93c5589ebf3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edn6nnNNU%2BzMu7kED3nuXxtoZEYkFOwIfE29MohF8HJtY4iyqZqW9NTUOYyop4XxyhnwRvgbXVlHdEkZQMV0PUsES%2Bukdmkq%2BnTuFgSyu%2FuwsSa2KsdRlDETcQ6fFoPqz9AUK9aZe6dp67tRpYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519aa0f82-MXP
cf-bgj: h2pri

GET
H2 200 activities-008.jpg
www.halfmoon.com/images/content/tile/ 747 KB
749 KB 47ms
47ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-008.jpg?0696653618766073

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7f82f73dbad92202a4be25987ba9960272a3ff695d7ee3fa07555b2d862a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16335
content-length: 765328
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGZchkZVNmDhhUVaTWaJ5uabr%2FmsD9c1jH3BTsQ%2FKDGCUef9TOUXWaPYuJ6GFWuwSnF%2BaOOtGX6NdOf3xJLWu1brqpvsUZVuLhWgFCawv8qLoeXVPwUl%2BCz5fVO%2Fwe4t3PFExmJqCe%2B1D7DD3xA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f519ab0f82-MXP
cf-bgj: h2pri

GET
H2 200 close.png
www.halfmoon.com/images/layout/icons/ 2 KB
2 KB 28ms
28ms Image
image/png 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/layout/icons/close.png

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/css/auto-bundles/pages/interior/grid-expand.css?v=t8kjgz9ihe5kdsk6y-iahl5cxnctubyv4v5rlggsask1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc812e21115b9a53b53ba220eda9091912398afe0d19839c55fd784a6631b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/css/auto-bundles/pages/interior/grid-expand.css?v=t8kjgz9ihe5kdsk6y-iahl5cxnctubyv4v5rlggsask1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17519
content-length: 1789
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8085236051eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSCw%2FIRkkiNqDebae8rGPa044HxRX1G0epRE8cMVxJLHXmrnqatwir%2BdbJNebYfwOFc0R7YssR59zfE8hutn4Rgj1PCfUVhrBjSm0Lkrur7vOx8VWyaGKFf0jUKvg%2Fb5kywBoGQMyC2p5GLBa64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95f60b670f82-MXP

GET
H2 200 ae.js Show response
ws.audioeye.com/ 1020 B
842 B 443ms
6ms Script
application/javascript 99.86.7.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: www.halfmoon.com
URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-51.fra6.r.cloudfront.net
Software: /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-tags
date: Thu, 24 Mar 2022 06:48:59 GMT
content-encoding: gzip
surrogate-keys
age: 1275
etag: "c5f5d23dbd841fb0868078e4bfbbd713"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: suZLwamI7uyXZUTbBJ5lCFqxp7LKCxAJSyQVFGxLqvddCREcl0Vmyg==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2407323886204618&ev=Microdata&dl=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022%23family-adventures&rl=&if=false&ts=1648105814049&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel%22%2C%22meta%3Adescription%22%3A%22Luxurious%20hotel%20accommodation%20suites%20and%20villas%20steps%20from%20the%20Jamaican%20beach.%20An%20abundance%20of%20space%20and%20comfort%20for%20your%20relaxation.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1648105812507.1371280203&it=1648105812278&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 24 Mar 2022 07:10:13 GMT

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
12 KB 243ms
184ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.halfmoon.com
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8ca28dadf4545499926eb3a6088f67730b0a7a45bdef6615ff2a894bd7d4f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-tags: www.halfmoon.com
date: Thu, 24 Mar 2022 07:10:14 GMT
content-encoding: gzip
surrogate-keys: www.halfmoon.com
cf-cache-status: HIT
server: cloudflare
etag: "a194ad31193fa9da85f334d56341e89b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 6f0d95f9b9c3cc36-ZRH

GET
H2 200 activities-006.jpg
www.halfmoon.com/images/content/tile/ 519 KB
520 KB 1467ms
1467ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-006.jpg?07345508997026988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3241b43fab08311d114231aa4be23e59cbc032a12f2dbcee396d5c063b3ef10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 531498
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6z0SdL1iTg09keFdKO9IWlpRnf00zCmPF5eHaUszmlNO7mN90tnM0%2BeMJvw60q28o1TARzLXGFoYeP6q8%2B5t717tqConrn8szP%2FEw0ocRDwBEhlXqfEDc9gXtj7MpDWuXYARCzJiZBe0MvLeP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95fafc120f82-MXP

GET
H2 200 activities-001.jpg
www.halfmoon.com/images/content/tile/ 874 KB
875 KB 1518ms
1518ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-001.jpg?05640703739525388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fa16cd2fcf7d9bda3a7d8cb1c9f896c687bfb0b52c053120febaeb9cf6efcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 894541
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hUbrKT8cgQlTfF98tSS5wBez5wmG%2Bvi9qXlm8Xq3VtjH4bExRVMoky8NBSsHx0Azu4hwj0XKoCjwque86xmxRk3WLF%2FaZm52hiiZ9A11Ra%2FKRSWKngE%2BeVOlCX7aVV4R57RzrPcNO7inr9KXJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95fafc140f82-MXP

GET
H2 200 activities-002.jpg
www.halfmoon.com/images/content/tile/ 753 KB
754 KB 1507ms
1506ms Image
image/jpeg 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.halfmoon.com/images/content/tile/activities-002.jpg?07929751408048025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c795b456b2eb5ddc409bdd599f774c23c8f6e0bd2c2629545a2dbbd1b5923b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 771310
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0ef8a5f51eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjtDf6d0vP%2BN4lXlujqdaNddo1xva%2FnhEp20H6B307OeUkaIf22OyMROkmakyqQSbkwzi9I%2BXWUPcfmWLgV5%2Bod8dU5TXV%2BKhUDQZuoQXmGyeMKFFiToHtk4EHKKoIhi1eADHYZENxI1Lfp1mQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95fafc160f82-MXP

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 57 KB
14 KB 74ms
41ms Script
text/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=www.halfmoon.com&lang=en&cb=fc8000c
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.halfmoon.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64aefd2e3789dd1e3a2492c56436b174018149a3c9eb55b2cf7b840a78c8744

Request headers

Referer: https://www.halfmoon.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
content-encoding: gzip
surrogate-key: prod www.halfmoon.com fc8000c
last-modified: Wed, 23 Mar 2022 21:52:09 GMT
server: cloudflare
age: 4913
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
accept-ranges: bytes
cf-ray: 6f0d95fb5d720219-ZRH
cf-cache-status: HIT
content-length: 13709

GET
H2 200 jquery.bundle.js Show response
wsv3cdn.audioeye.com/build/ 96 KB
33 KB 26ms
26ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/build/jquery.bundle.js?cb=fc8000c
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=www.halfmoon.com&lang=en&cb=fc8000c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a242933d71a6e3af981a4ef4d00a3326c39b250b91d40cc9ce6bd26a28ca44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 21:07:00 GMT
server: cloudflare
age: 135469
etag: "17e63-5da84871a4a28-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000, public
accept-ranges: bytes
cf-ray: 6f0d95fbaba2cc36-ZRH
content-length: 33853

GET
H2 200 startup.bundle.js Show response
wsv3cdn.audioeye.com/build/ 566 KB
158 KB 24ms
24ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=www.halfmoon.com&lang=en&cb=fc8000c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e5158f124d0688d9f466b16d99643dd9798e826079c2a058052f561919b999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 21:07:34 GMT
server: cloudflare
age: 135467
etag: "8d73d-5da84891f3947-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000, public
cf-ray: 6f0d95fc4c47cc36-ZRH

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/frame/ Frame 5112 1 KB
765 B 26ms
26ms Document
text/html 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fc432edf7cd8a6df1278ad9efa2b4be36077b90a0bfaea968ab7f105ed0e22

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=365000000, immutable
vary: Accept-Encoding
last-modified: Tue, 22 Mar 2022 19:22:29 GMT
cf-cache-status: HIT
age: 128837
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f0d95fd1d48cc36-ZRH
content-encoding: gzip

POST
H2 200 send
analytics.audioeye.com/air/v0/ 44 B
403 B 524ms
477ms Ping
application/json 99.86.7.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/build/startup.bundle.js?cb=fc8000c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-95.fra6.r.cloudfront.net
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.halfmoon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Mar 2022 07:10:15 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 0461a288-920f-4f84-a90f-10a68cd9560d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-623c1956-5624ee7d05df4c5c4747db30
x-amz-apigw-id: PejlnFPzPHcFwzw=
content-length: 44
x-amz-cf-id: NhAhqklSw0yILMNLsG2NGc1cwc8Wevw7qnPboXdd_xIfqIvgnlGiUg==

GET
H2 200 fontello.woff2
www.halfmoon.com/css/fontello/font/ 11 KB
12 KB 31ms
30ms Font
font/woff2 2606:4700:20::681a:215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halfmoon.com/css/fontello/font/fontello.woff2?65857982

Requested by

Host: www.halfmoon.com
URL: https://www.halfmoon.com/css/fontello/css/fontello.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414bb589f166e6710ac14287ac8aa20bfe1dbc0aa48a6aa7481f01d75475144c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halfmoon.com/css/fontello/css/fontello.css
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51860
content-length: 11744
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Feb 2020 16:08:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8020564251eed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNctA7kXCkaRt7ch7whM%2FldGD%2FRaUTSsfkp1SNEUeRZ0G9618wBKmGa2fM%2F8ArywU6JgNZSLZE7hJEKKEjpsMWM4YlF5xZjmxtP%2B1O9WJr1EHhpNHZddTpaX8cbZLyYK26x6tjR6kVl5DLh%2BKhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6f0d95fd4ffa0f82-MXP

GET
H2 200 40d70e9f16f35eba868b3f7629d7bdf4.ttf
wsv3cdn.audioeye.com/build/ 2 KB
1 KB 21ms
21ms Font
font/ttf 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/build/40d70e9f16f35eba868b3f7629d7bdf4.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5a37ea48fe09f4567aa23356a9fb81104a2a317cc6cb2c8db33a7bed701f23

Request headers

Referer: https://www.halfmoon.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 07:10:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 20:48:49 GMT
server: cloudflare
age: 68910
etag: "8f4-5da844607ae40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=63072000, public
accept-ranges: bytes
cf-ray: 6f0d95fd885e0219-ZRH
content-length: 1347

GET
H3 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halfmoon.com/
Origin: https://www.halfmoon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:14 GMT
x-content-type-options: nosniff
age: 42000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:14 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-E32LX9Z5E2&gtm=2oe3e0&_p=1865318219&sr=1600x1200&ul=en-us&cid=1468091987.1648105812&_s=2&dl=https%3A%2F%2Fwww.halfmoon.com%2Factivities%2Foverview%3Futm_source%3Dagr%26utm_medium%3Demail%26utm_campaign%3DAGR%2BMarch%2B2022&dt=Activities%20%7C%20Half%20Moon%20%7C%20Jamaica%20Luxury%20Hotel&sid=1648105812&sct=1&seg=0&en=scroll&_et=1643&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E32LX9Z5E2&l=HDMdataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.halfmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 07:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halfmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.halfmoon.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ponplsesp5qo4xwn4qjhupvf
.halfmoon.com/	1970-01-20 03:58:01	Name: _gcl_au Value: 1.2.1059237061.1648105812
.halfmoon.com/	1970-01-20 01:49:52	Name: _gid Value: GA1.2.492031225.1648105812
.halfmoon.com/	1970-01-20 01:48:25	Name: _dc_gtm_UA-19793638-1 Value: 1
.doubleclick.net/	1970-01-20 01:48:26	Name: test_cookie Value: CheckForPermission
.halfmoon.com/	1970-01-20 19:19:37	Name: _ga Value: GA1.1.1468091987.1648105812
www.halfmoon.com/	1970-01-20 01:49:52	Name: origin_referrer Value:
.halfmoon.com/	1970-01-20 03:58:01	Name: _fbp Value: fb.1.1648105812507.1371280203
.facebook.com/	1970-01-20 03:58:01	Name: fr Value: 077V0MhHv0QLZa63g..BiPBlU...1.0.BiPBlU.
.halfmoon.com/	1970-01-20 19:19:37	Name: _ga_E32LX9Z5E2 Value: GS1.1.1648105812.1.0.1648105813.0
www.halfmoon.com/	1970-01-20 10:34:01	Name: _aeaid Value: a0b40037-fd39-4531-9102-4e88a53886e8
www.halfmoon.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD566NW&l=HDMdataLayer(Line 73) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.halfmoon.com/activities/overview?utm_source=agr&utm_medium=email&utm_campaign=AGR+March+2022#family-adventures Message: The resource https://www.halfmoon.com/css/fontello/font/fontello.woff2?78671574 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9536303.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.audioeye.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mv2.cybersemail.com
newbooking.azds.com
stats.g.doubleclick.net
visitingmedia.com
ws.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.halfmoon.com
104.196.223.207
142.250.185.98
172.217.23.102
199.71.232.152
2001:4de0:ac18::1:a:3a
2600:9000:211e:6200:6:f816:4f40:93a1
2606:4700:20::681a:215
2606:4700::6810:135e
2606:4700::6812:184c
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
99.86.7.51
99.86.7.95
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
0147ab4c9ebf7cd58e2707908c2e40fd212f3ebfa6220ccc824bfe312f822fa0
051d76a1b4b7839d3d07f3f981a5c058515f96d8e5dd9847febefb73c369d83b
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0b9f04a694e6568ab1b52573a9a67cff12b9eece4b91d73efca239a83b3f4507
0e532d3d6ce8b38747b290b43e62720457869853453088af37815fa20c4aacff
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fcee19a7557d861150e82a8eeb93c517edbaf4b24137d753341c0a69eb7a0a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18a852a12f836c425dccd9d291e640ebee8f614e6e9985d680efc88d398c51dd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
24c180557ed9acd3c69262a531e8ef76a23524ae10c1a6c9b3909bcc8c0e9646
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986
383d424e1676b09a68235666d41d29035707082c385a9973c3a70886160cdabd
3cc9395fd69a99a468a16f708cc66107efd68f88540865252df8fed4689ddc57
3dbf48f9341b47b6a59a55b03d96f43b1e20d9ac16627d88e3e60a2c7de17337
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e547d421ecf841b7ffeba227c8bc6d70fda367e133e5f6b8477929e11b39db5
3fe717b85bb71a66129b40b1a8f5a42c4df32f4bf99b394ef4810f186947936a
414bb589f166e6710ac14287ac8aa20bfe1dbc0aa48a6aa7481f01d75475144c
440510758d69cbe824dc10eca001dd0e229b80b05fed9af2c03fc5a0d204098a
44fa63bf862077a332caecc99cc1a2bc8d62eb519ac11c28aae7811fc9764d9f
46145801088a8c1eb1dbe347313a4ef70f8342d8a86e14f820c0b9f96e2a8bcb
4759ab578ed6fe173ae5ce3dade04a2ca1ae7b3460496fd068ed64931649fe22
47a242933d71a6e3af981a4ef4d00a3326c39b250b91d40cc9ce6bd26a28ca44
49aa75e95f213898605688052b7e2d0327f602b288385a69af4974a8bd1e9cb4
4eadcb4cc11ef667c7433a1c9ca01f06df8f2ab86414b4f2a81a65d82f7918e2
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
5062a49c16a303085516a530f5cdd11bd7b674d6b8871f6ce898f0c048695977
5693d3fc7e182e6415edeaf606b8d0ba0d8a6de5d3a94b64b74cf059abd211fa
56d1c655a1de297346bfa28ab425d817e6662be09206448a49e609def1e62d96
57dfb5bdb817231a2e0a50db83485e01bdbe1dc9387e605a77ff8bf31ab40599
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ca40d6d73d5ebdb3fb4af9470737047cdad6f3303f28fff5cbdc6bebb52b4b1
60fa16cd2fcf7d9bda3a7d8cb1c9f896c687bfb0b52c053120febaeb9cf6efcc
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
66437f5bb97cf3fe071e244abd91be50764ed35aa27d1619e87ec5c4bbfb8b0b
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d5a37ea48fe09f4567aa23356a9fb81104a2a317cc6cb2c8db33a7bed701f23
770d3b50d2f72b120bbc7e98106e137aaddcd1eee66533950180a3a38686c885
7ee94be67b0d3cce9d60ea8df8d1b7939e749595045028754cc64d86d63a6fbc
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
829ab8c4767b1eea23e27c198b774adc8ee342377f0ee11cd900dd3557dbe0c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8673e0b3b16f1203b0c6a1f9faad2bd6a1b0ba22e3edd1d5e9793c872918d25f
8680da0adfcd426795f9a320117419621828e5e7c998deb3c25b76214786af60
8acb8c7b1d7f3e06f9fd20482b4ebd8dc702823a514ce4871f4d79d673f9eb4a
8d8ca28dadf4545499926eb3a6088f67730b0a7a45bdef6615ff2a894bd7d4f8
8e03dc84ac616def6d8f3dceea45f2da3cd74037b5d5826876d0db1d02a4f81a
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93209f87d8d6cc58641400f613ad4271446aa61a7d1ac1648a036bcceefdbde4
98199a0576079a88bcdb636285e74f96b853fe6d312e8912d338d8dccb87a75b
9b845025a8fbc2f294b7c6208c1395cddcaf5bbdf78eae6ee8d2062854c72927
9be52e44aa1e93d142d6d9c4adbd9e6bb02906f80bc7add85058571c63723319
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
9e6269c938005688eece15020c0ecfacf889e1e3b7e678d0cfd2112a7a5138c6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4bb5c6add55df86dba1c70cf4ac8dda6918e9857a7cf517af0ecc5daded4e75
a86f73a4968e8df219a6c1f63f4f362beec8e468f0ac44bdd36203146d7ff5ae
ab9f1d8457a3acd52a21122015a816b82bc95063849d3519552d79d63b5c97a3
ad7f82f73dbad92202a4be25987ba9960272a3ff695d7ee3fa07555b2d862a72
ade618d03acc91f678f87842b7fc2de7b6cf6ed3445a1f6f07662aa8e1833e0a
ae9f201b84f424051bbb1adef5909ba018b7ca1aeca252c9c0c66117ae3e79dd
af9327bd949eb7b8f898c2ef4d94a6c95bae78fc9fd4d26a2a20e21d72d2d1a2
afa43ffd21a6c3b38852e4e500addc903ae6fd7e6e9ff09551133dd7d6e7d3c0
b1effa5f217fe0a85478180e650abf4c2c2c25ee4fed55a69438892a41be635e
b3241b43fab08311d114231aa4be23e59cbc032a12f2dbcee396d5c063b3ef10
b68983ea7a3432edb08d0ad608fc0ea814cefe377b7096c6f819d14ac32abe1a
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
ba390e683765c31b081fc5560d9a1123aab3bb3d8c498c82680e8d8f2d48ce4d
bc2b439626948a7482666daa68ec7e4ea9f759ca79161eb286c3f7772fb30571
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc90dfb3fc3e2bc870cd2de2937468a14fe82f6a20c4d6ca07705c5bba4c0569
cf52d661241800a5932063e3ce01c02378ac2c3e801d469a570e81a4394f0296
cf920989157a941f44ba6e85d0cdfff82308eeebc85edffe123b0584b445fa82
d05aa43ec8a4119e839d06c53249a096ae8b0effb4242b394fe5d23881eb168e
d1d47b847691922a81a7cc8c91af501050e0ece16bbf05839fff0476cdad1a43
d21af859c496b67ecbedbdbabf6d8e77e89e72ffeaff4e4ee7e4f0833b2ee33f
d64aefd2e3789dd1e3a2492c56436b174018149a3c9eb55b2cf7b840a78c8744
dbdc29c5b6d0e1dd13d4651dd431fc8210d27407c85796e3686053c877884909
dcc812e21115b9a53b53ba220eda9091912398afe0d19839c55fd784a6631b41
e0e5158f124d0688d9f466b16d99643dd9798e826079c2a058052f561919b999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc3138cf14309975c2bf5cec4339e8dddd5855e81f40894800d02db82a0b7e
e8fc432edf7cd8a6df1278ad9efa2b4be36077b90a0bfaea968ab7f105ed0e22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c795b456b2eb5ddc409bdd599f774c23c8f6e0bd2c2629545a2dbbd1b5923b
f57b96ba26242313a6ab74d37cf4ecf60f380b25e94fadc3bde3ad5a22c99c9a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f9aa44836e01eb2c58892c95625aae47b42c34142152a76e7f5316e6997e4719
f9f1227ed37f31943cb6d13281c376af009c32a209268067f29bcdf671ddf8c8

www.halfmoon.com Open in urlscan Pro 2606:4700:20::681a:215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

100 %HTTPS

75 %IPv6

17 Domains

24 Subdomains

24 IPs

4 Countries

11865 kBTransfer

18782 kBSize

13 Cookies

15 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.halfmoon.com Open in urlscan Pro
2606:4700:20::681a:215 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

100 %
HTTPS

75 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

11865 kB
Transfer

18782 kB
Size

13
Cookies

108 HTTP transactions
1 data transactions