urlscan.io logo urlscan.io
SecurityTrails logo

careersapi.moonlinetravel.com Open in urlscan Pro
13.41.130.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://careersapi.moonlinetravel.com/
Effective URL: https://careersapi.moonlinetravel.com/admin
Submission Tags: falconsandbox
Submission: On December 10 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 13.41.130.26, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is careersapi.moonlinetravel.com.
TLS certificate: Issued by E6 on December 6th 2024. Valid for: 3 months.
This is the only time careersapi.moonlinetravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 13.41.130.26 16509 (AMAZON-02)
23 2
Apex Domain
Subdomains		 Transfer
24 moonlinetravel.com
careersapi.moonlinetravel.com
3 MB
23 1
Domain Requested by
24 careersapi.moonlinetravel.com 1 redirects careersapi.moonlinetravel.com
23 1

This site contains no links.

Subject Issuer Validity Valid
careers.moonlinetravel.com
E6		 2024-12-06 -
2025-03-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://careersapi.moonlinetravel.com/admin
Frame ID: 92199558B2A33DD65E2F33C971277887
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Strapi Admin

Page URL History Show full URLs

  1. https://careersapi.moonlinetravel.com/ HTTP 302
    https://careersapi.moonlinetravel.com/admin Page URL

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2745 kB
Transfer

2729 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://careersapi.moonlinetravel.com/ HTTP 302
    https://careersapi.moonlinetravel.com/admin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request admin
careersapi.moonlinetravel.com/
Redirect Chain
  • https://careersapi.moonlinetravel.com/
  • https://careersapi.moonlinetravel.com/admin
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
5e0943d621e167b9453aa39479e9122c2578bd57e1823b685180e4cba6a4510a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Dec 2024 10:22:30 GMT
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Origin
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Strapi <strapi.io>

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Connection
keep-alive
Content-Length
43
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Dec 2024 10:22:30 GMT
Location
/admin
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Strapi <strapi.io>
strapi-DVfC4IQP.js
careersapi.moonlinetravel.com/admin/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
c2e627194c51f3d7ddcba30a899e701d59f4cc9bca7b42b2caee8d8c938c80a1
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer
https://careersapi.moonlinetravel.com/admin

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:30 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
2568578
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
project-type
careersapi.moonlinetravel.com/admin/ 		75 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/project-type
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
bc732721b1267aab7f40b25e075ec95323549b2e3cf2d71c948fdedc31f9d7ad
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

authorization
Bearer
Referer
https://careersapi.moonlinetravel.com/admin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:30 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
Content-Length
75
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
favicon.ico
careersapi.moonlinetravel.com/ 		497 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
28467c1136874518aed0f61fba90a29ae71273ec5187140c9bb625562c118398
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://careersapi.moonlinetravel.com/admin

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:30 GMT
Content-Type
image/x-icon
Vary
Origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Cache-Control
public, max-age=86400
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
Content-Length
497
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-GB-8ipWI3xp-DgJhISI_.js
careersapi.moonlinetravel.com/admin/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-GB-8ipWI3xp-DgJhISI_.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
27559afa9f8f4d4f0fa0136a9b5ddb19ac7e42cf40bdfa1cc7842d6fbf6443bf
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
51496
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-DKV44jRb-uFwL9e-v.js
careersapi.moonlinetravel.com/admin/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-DKV44jRb-uFwL9e-v.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
d160a7eceb85d86c3b6f43c3c238c861b94e1fc5a0d709b0754ea18aa11606e6
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
20815
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-jBwb53yg-BAGRoFxU.js
careersapi.moonlinetravel.com/admin/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-jBwb53yg-BAGRoFxU.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
50d97333cbd8933fac4ced9b4624e9ddb327b3fd01f0a62f2a763ab35dbee778
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
14719
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-DF4KtAAC-CR7OrT1O.js
careersapi.moonlinetravel.com/admin/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-DF4KtAAC-CR7OrT1O.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
d216f84cc20d0f6939d36e75a89983d6fbe050dc88892190448a928ab10c4459
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
1498
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-oDx2Gnre-Cd_QVvi3.js
careersapi.moonlinetravel.com/admin/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-oDx2Gnre-Cd_QVvi3.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
368b3de674089ed6c8d56b92febe0080eeda818b347e5e94d4d9ff76f5e2a20c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
7584
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-D0yVZFqf-vRALKLWA.js
careersapi.moonlinetravel.com/admin/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-D0yVZFqf-vRALKLWA.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
dd14c1eb25e54117358992ec32d452e45441408b75bae6c630d171c05d9a62ea
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
6305
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-BYRZFDBV-DMgn594O.js
careersapi.moonlinetravel.com/admin/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-BYRZFDBV-DMgn594O.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
a1499e1df88e86d4687dc45f75b9d8197cd58f5a21f089ba4e24839a84baef83
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
5951
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-D9ZrQAV6-BJTP_S4a.js
careersapi.moonlinetravel.com/admin/ 		519 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-D9ZrQAV6-BJTP_S4a.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
ec63c8777ee00884e910d596bbaad708660069b91a0534139d7f7eb26d12ce00
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
519
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-DqzxMgb_-L4zHduTI.js
careersapi.moonlinetravel.com/admin/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-DqzxMgb_-L4zHduTI.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
f4ae7f3b7762799a169d34e9b2fe69b0876dea4157c9d360043f97d07f9f854e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
1405
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
en-DOHtPf-2-BskX9ENk.js
careersapi.moonlinetravel.com/admin/ 		5 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/en-DOHtPf-2-BskX9ENk.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
a78c4870b7d969a125ae72cf8dcb7ca580e8ba0771a1faff5b3a4c8cd7d8a700
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
5623
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
AuthenticatedLayout-WfWtk2vt-CJyNaQhj.js
careersapi.moonlinetravel.com/admin/ 		57 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/AuthenticatedLayout-WfWtk2vt-CJyNaQhj.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
6cbbba517aa6e29bdd8085a489d39ed44855bb5c0b1909e2cbba7a7c66225af5
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
57864
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
lt-BXbsGEBU.js
careersapi.moonlinetravel.com/admin/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/lt-BXbsGEBU.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
7bdcf28fd21cf6e16a91c2950aca7439942765cdd8ecd0d3ce943ee28ff3c5a7
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
8322
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
Ornaments-jAwgQeK0-BSEQCt7V.js
careersapi.moonlinetravel.com/admin/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/Ornaments-jAwgQeK0-BSEQCt7V.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
0fe4734f60ec3deb5f04b4353dd35a7d8e66e00c284ca5e9c60200919e8fc637
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
5066
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
users-a4KTyEyc-MOwOr-tf.js
careersapi.moonlinetravel.com/admin/ 		384 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/users-a4KTyEyc-MOwOr-tf.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
c86b1fb362abaabfdbe812275c915ae01d3e08efaf2c7ab531a8f36812b5dd5d
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
384
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
PrivateRoute-S4Lol0B9-D6OZZlMk.js
careersapi.moonlinetravel.com/admin/ 		297 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/PrivateRoute-S4Lol0B9-D6OZZlMk.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
0dfb6b4b50fa070f256b18e73f45dd2dfa471dda8a8088d74f7a57bcba4beb60
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
297
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
useOnce-GJ2Ta2mZ-ePeaP-73.js
careersapi.moonlinetravel.com/admin/ 		90 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/useOnce-GJ2Ta2mZ-ePeaP-73.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
c77e64f3a719e0833804f2d9ba89a251ca065f611f102852f4937002bfed44f8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
90
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
HomePage-oz8OSt1B-BLEwP0-g.js
careersapi.moonlinetravel.com/admin/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/HomePage-oz8OSt1B-BLEwP0-g.js
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
e1aa738006be9d4abdb01c35551f3016819f8dd87d2deab1e35cb0533e1cee15
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://careersapi.moonlinetravel.com
Referer

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Origin
Last-Modified
Sun, 17 Nov 2024 09:12:06 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cache-control
public, max-age=31536000, immutable
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
https://careersapi.moonlinetravel.com
Content-Length
30338
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
init
careersapi.moonlinetravel.com/admin/ 		104 B
1001 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/admin/init
Requested by
Host: careersapi.moonlinetravel.com
URL: https://careersapi.moonlinetravel.com/admin/strapi-DVfC4IQP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
d6fda8b66607077c22aa4d00ed9a08f02e5a36bfc055fa49cd9f5d76e310e659
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

authorization
Bearer
Referer
https://careersapi.moonlinetravel.com/admin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:31 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-DNS-Prefetch-Control
off
Connection
keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
Content-Length
104
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		811 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
careersapi.moonlinetravel.com/ 		497 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://careersapi.moonlinetravel.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.41.130.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-130-26.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>
Resource Hash
28467c1136874518aed0f61fba90a29ae71273ec5187140c9bb625562c118398
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://careersapi.moonlinetravel.com/admin/auth/login

Response headers

X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Date
Tue, 10 Dec 2024 10:22:30 GMT
Content-Type
image/x-icon
Vary
Origin
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Cache-Control
public, max-age=86400
X-DNS-Prefetch-Control
off
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
X-Download-Options
noopen
Access-Control-Allow-Origin
Content-Length
497
X-Powered-By
Strapi <strapi.io>
Server
nginx/1.18.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| __sc-data-styled__ string| __reactRouterVersion object| __REACT_INTL_CONTEXT__ boolean| __EMOTION_REACT_11__ object| strapi

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

careersapi.moonlinetravel.com
13.41.130.26
0dfb6b4b50fa070f256b18e73f45dd2dfa471dda8a8088d74f7a57bcba4beb60
0fe4734f60ec3deb5f04b4353dd35a7d8e66e00c284ca5e9c60200919e8fc637
27559afa9f8f4d4f0fa0136a9b5ddb19ac7e42cf40bdfa1cc7842d6fbf6443bf
28467c1136874518aed0f61fba90a29ae71273ec5187140c9bb625562c118398
3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf
368b3de674089ed6c8d56b92febe0080eeda818b347e5e94d4d9ff76f5e2a20c
50d97333cbd8933fac4ced9b4624e9ddb327b3fd01f0a62f2a763ab35dbee778
5e0943d621e167b9453aa39479e9122c2578bd57e1823b685180e4cba6a4510a
6cbbba517aa6e29bdd8085a489d39ed44855bb5c0b1909e2cbba7a7c66225af5
7bdcf28fd21cf6e16a91c2950aca7439942765cdd8ecd0d3ce943ee28ff3c5a7
a1499e1df88e86d4687dc45f75b9d8197cd58f5a21f089ba4e24839a84baef83
a78c4870b7d969a125ae72cf8dcb7ca580e8ba0771a1faff5b3a4c8cd7d8a700
b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53
bc732721b1267aab7f40b25e075ec95323549b2e3cf2d71c948fdedc31f9d7ad
c2e627194c51f3d7ddcba30a899e701d59f4cc9bca7b42b2caee8d8c938c80a1
c77e64f3a719e0833804f2d9ba89a251ca065f611f102852f4937002bfed44f8
c86b1fb362abaabfdbe812275c915ae01d3e08efaf2c7ab531a8f36812b5dd5d
d160a7eceb85d86c3b6f43c3c238c861b94e1fc5a0d709b0754ea18aa11606e6
d216f84cc20d0f6939d36e75a89983d6fbe050dc88892190448a928ab10c4459
d6fda8b66607077c22aa4d00ed9a08f02e5a36bfc055fa49cd9f5d76e310e659
dd14c1eb25e54117358992ec32d452e45441408b75bae6c630d171c05d9a62ea
e1aa738006be9d4abdb01c35551f3016819f8dd87d2deab1e35cb0533e1cee15
ec63c8777ee00884e910d596bbaad708660069b91a0534139d7f7eb26d12ce00
f4ae7f3b7762799a169d34e9b2fe69b0876dea4157c9d360043f97d07f9f854e