www.moonreading.com Open in urlscan Pro
104.26.0.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shorturl.at/zQVZ9
Effective URL:
https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Submission: On January 22 via manual (January 22nd 2024, 10:56:46 pm UTC) from IN — Scanned from AT

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 35 HTTP transactions. The main IP is 104.26.0.66, located in and belongs to CLOUDFLARENET, US. The main domain is www.moonreading.com. The Cisco Umbrella rank of the primary domain is 669450.
TLS certificate: Issued by GTS CA 1P5 on December 13th 2023. Valid for: 3 months.

This is the only time www.moonreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.69.88 172.67.69.88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.26.9.129 104.26.9.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.33.20.147 52.33.20.147	16509 (AMAZON-02) (AMAZON-02)
1 15	104.26.0.66 104.26.0.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
35	13

1 172.67.69.88 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.129 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.20.147 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-20-147.us-west-2.compute.amazonaws.com

0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.26.0.66 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.moonreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.google.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	moonreading.com 1 redirects www.moonreading.com — Cisco Umbrella Rank: 669450	444 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	873 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	238 KB
3	google.at www.google.at — Cisco Umbrella Rank: 23723	669 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
2	shorturl.at 2 redirects shorturl.at — Cisco Umbrella Rank: 81535 www.shorturl.at — Cisco Umbrella Rank: 91454	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	34 KB
1	clickbank.net 1 redirects 0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net	657 B
35	12

	Domain	Requested by
15	www.moonreading.com	1 redirects www.moonreading.com ajax.googleapis.com static.cloudflareinsights.com
4	www.googletagmanager.com	www.moonreading.com www.googletagmanager.com
3	www.google.at	www.moonreading.com
2	www.google.com	www.moonreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.moonreading.com connect.facebook.net
1	www.facebook.com	www.moonreading.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	www.moonreading.com
1	ajax.googleapis.com	www.moonreading.com
1	0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net	1 redirects
1	www.shorturl.at	1 redirects
1	shorturl.at	1 redirects
35	15

This site contains no links.

Subject Issuer	Validity	Valid
moonreading.com GTS CA 1P5	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.at GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Frame ID: 3C4689F1C9A5FABBA3EFEB9281A5AC8D
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Request Your FREE Moon Reading!

Page URL History Show full URLs

https://shorturl.at/zQVZ9 HTTP 301
https://www.shorturl.at/zQVZ9 HTTP 302
https://0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net/ HTTP 307
https://www.moonreading.com/start/?hop=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2 HTTP 302
https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

815 kB
Transfer

1814 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shorturl.at/zQVZ9 HTTP 301
https://www.shorturl.at/zQVZ9 HTTP 302
https://0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net/ HTTP 307
https://www.moonreading.com/start/?hop=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2 HTTP 302
https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.moonreading.com/start/1/
Redirect Chain

https://shorturl.at/zQVZ9
https://www.shorturl.at/zQVZ9
https://0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net/
https://www.moonreading.com/start/?hop=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

5 KB
2 KB

202ms
201ms

Document
text/html

104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e266b0d5714269d2a2f34bfc78ff43357f1f4066cec8458b3b40b0c0431d79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849b64404a595b43-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 22:56:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKInTma54myxJPsdXRYYa6jbRxtspjWNDxA6qx1aB5dut9VktIf96UaIy2E6bZbwcAoo%2F%2BefvI86m7gSracKMGQ7lCkx%2Bs4oGf%2FR%2FqLaOTbLmIm%2Fy3rPDq5VIoGnuTiSXJwdVbk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 849b643f09855b43-VIE
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 22:56:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThpXzygOgE0CiH9CuSijxFI9g0HNBOko9y5yH5oHpFZbI56GMiCXc3mN25%2BdOOGOyKaGeK9xqh%2BSA0E2IKMq5KoubWwDuQ5EVzrDT2G4xlf7R0ZNXOn5eOqZ0hihvmDkTnFqerE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
www.moonreading.com/css/ 18 KB
18 KB 43ms
31ms Font
application/octet-stream 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Request headers

Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Origin: https://www.moonreading.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "636e45f5-4600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nszvEjlXqwe5Tl1vq4hiUYQtCyWX%2F%2F%2BF%2F9wlUoKXwWxopDnsCpnG9DZvLZXe0jKu%2BNPG%2FAk7cyANMmEkG0VYmZ7jPU07%2Biz6iV3w2UMkwJfNbuvlI1gKNESZ31JchMQVOu%2FiqK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b6441bb325b43-VIE
content-length: 17920

GET
H2 200 o-0OIpQlx3QUlC5A4PNr4ARCQ_mu72Bi.woff2
www.moonreading.com/css/ 11 KB
12 KB 37ms
27ms Font
application/octet-stream 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/o-0OIpQlx3QUlC5A4PNr4ARCQ_mu72Bi.woff2
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da2704436d0c1ca2f39c174776fc1ae4e434d25aade210c27f025f74edb421ff

Request headers

Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Origin: https://www.moonreading.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "636e45f5-2d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yy0VxgBWg5yf0C2lwtWwRNYh3qKXl4Vs1iRADQ%2BaX2SnNFDZd4%2Fvk%2Brd8WwPX%2B8VvxxNvJvZbBcyBKhhHRiaz%2BF0byXr4bQPRH5SurWXGt%2BaN0io5%2FA7wyUKGTJU5CaoKWZOGTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b6441bb335b43-VIE
content-length: 11608

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
www.moonreading.com/css/ 13 KB
13 KB 64ms
54ms Font
application/octet-stream 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Origin: https://www.moonreading.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5317
etag: "636e45f5-3234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5xhbLY5c5uyAsMBDUCUqCYWa27okHkVa0MbnDgQg3oLryzbnwhbgCg1xhQaNXHm1nzCu3eUFWet2deSPC29CZx6YnHBWjbFcEyAhOgSi9s9XUfxETRyQ5ESD4k9CEZwjZM4dVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b6441bb345b43-VIE
content-length: 12852

GET
H2 200 o-0NIpQlx3QUlC5A4PNjOhBVZNyBx2pqPA.woff2
www.moonreading.com/css/ 13 KB
13 KB 58ms
49ms Font
application/octet-stream 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/o-0NIpQlx3QUlC5A4PNjOhBVZNyBx2pqPA.woff2
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3111ebf7a54a08878f3b239dee2e463db0eb24cced9223b9f0dc9550f0e79b

Request headers

Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Origin: https://www.moonreading.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "636e45f5-32dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSm%2F8mXUwEOcgr6k01bqt8ihvrqZo%2FXAaTy2Op0%2FsRAK9SzWa2nbd6GYNmbcmVF%2FPJ%2BfcKzUJdJ7OscrRmo1WBetUiLtOwsys6xEqZIHqeCNXwnpY6WwPBXzaeWH6IGMk2tLjJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b6441bb365b43-VIE
content-length: 13020

GET
H2 200 fonts.css
www.moonreading.com/css/ 2 KB
717 B 33ms
25ms Stylesheet
text/css 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/fonts.css
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f8d13d8ef94d15f330e66652cdcfebf1da212212d70f5ddafbd73ef10ace37

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 19:36:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: W/"6383bc38-736"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy8o0gao3sgkdshKvJkZa%2FEeuLbgGlxmqmcuP9hlfQ2g7%2BDXYjYsrWMMgGX3S7dXtOOF0S1WgHdJiYQaTsdMh7JOxYG3cLkPsgRGgLsT2GaFu1Rq2tlX%2BsH0AQJB8AU947pSkE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 849b6441bb2e5b43-VIE

GET
H2 200 bootstrap-reboot.min.css
www.moonreading.com/css/ 4 KB
2 KB 33ms
26ms Stylesheet
text/css 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/bootstrap-reboot.min.css
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 740458b82de9774c1affb4781e4b7fb11db37cb1c281b9d5010dac3f084d7b40

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Sep 2019 11:00:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 360
etag: W/"5d723c50-fb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfFCR6XCp3iOtiUTjVGv5Om6fWfrNzY8m2S0CJ0i%2F47Z%2BazlUjj5Y%2Fexz2tdmCUEgHIq9hdmPgnCsywUY5TgTc0T6%2Bim2XuHqH%2FdCYJyvCZh2c4%2F03HTshqX2XtIQ8tU%2FYMFlhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 849b6441bb2f5b43-VIE

GET
H2 200 icons.css
www.moonreading.com/css/ 490 KB
334 KB 67ms
61ms Stylesheet
text/css 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/icons.css
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350fcad4d719ea33ce8bd0000d6ffa994ffd6c44915deb51a9a92e73d66e4dd0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 20:04:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: W/"624214b7-7a6a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqUCTsZWnkASJnDEl22gw9RqcJoyPLKGSg2m8g9OZHSAzmGCvOqxhFVXmBg8A7KzlewLSUGrN56MSR9CJ6hAsf44VovnTnw3DacspUf8iZXWS%2FtDVM6YZlelso3G6f5oZtSBtVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 849b6441bb305b43-VIE

GET
H2 200 clean.css
www.moonreading.com/css/ 11 KB
3 KB 65ms
59ms Stylesheet
text/css 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/css/clean.css
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff5ee8f150404794b05e0e63cf3fb3eedef25a8b6e5a947589bfaf5422c4ba9d

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 20:42:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: W/"6383cbab-2a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKYZze8%2B%2FmnXtAZUM035G6fpP67euYOD%2FjOdspqLr0m%2FH4v1X%2F09%2Be6CruqrSNwEyz7FLHMFj5CRSOqqIC0cUOm7Oq9%2FtrXa98LEGlz53A2J0%2FrggIBVoapOA9zmKMOr5cTROTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 849b6441bb315b43-VIE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 115ms
44ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146859082-1

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4eec1e263f93356d02a8fec22d2843707302f80e6b83c35a5f8261d55eaababf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 22:56:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 144ms
74ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590897327

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e56553f1a7d95e11c46cbba2473d62333d12aeacf0c576ef046ca5c085d69f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 22:56:41 GMT

GET
H2 200 moon-reading-text-logo.png
www.moonreading.com/img/ 37 KB
37 KB 86ms
81ms Image
image/png 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moonreading.com/img/moon-reading-text-logo.png
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b112019e9548e12c74669aef363de97bc2d9760aa5c76ecd9dd826fa55b639b5

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 20:11:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: "60ba88dd-93e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ljNAkZV3G0eJgbwOX8MbV8VJv%2Ft2aAL1hLnRXz7gSmpOw%2FQWZ7Y6JlrjsnynFSCSBFkRbTWDBJjDYzOOOCXkjdIfkukx3qCd6yTF0QhBHYRmck3pXXSgMG21YK24Xrg%2BYbTlJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b6441bb375b43-VIE
content-length: 37864

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 112ms
33ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:27:36 GMT

GET
H2 200 jstz-1.0.4.min.js Show response
www.moonreading.com/js/ 5 KB
2 KB 26ms
26ms Script
application/javascript 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/js/jstz-1.0.4.min.js
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a3913cedd5f32c17fb626fdac5363feec1ab3921dde24b3d9831d15a5f643a

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Sep 2021 16:47:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5318
etag: W/"6151f58e-153a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhH%2BlCy4OVgKKbskN91kNg4isAXRtjpwtfpJ9E5MvOIxyIN5VAMIJHo9i2y%2BByszWS%2BpFTf0yTlukFKNH0QhUuGjyQtbdHzrlljA8K8UiG657c52WEftSHxiVvgMNbxrZFSV%2Bww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 849b64424b7e5b43-VIE

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 103ms
54ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.moonreading.com/
Origin: https://www.moonreading.com
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 849b6442cece5ad1-VIE

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 100ms
32ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 22:56:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57022
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: W1+rkF+5xzwtn9f91vYSL/yRkQOuxaGRz33+V3EPLoARp6gTDZcTFsAAg5brnjOmjNhNYdvRh2fbKKUdwtkyDQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bg-wavewhite.png
www.moonreading.com/img/ 5 KB
6 KB 25ms
25ms Image
image/png 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moonreading.com/img/bg-wavewhite.png
Requested by: Host: www.moonreading.com
URL: https://www.moonreading.com/css/clean.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ab94d9925615e97339029f1c4da28da9fe02b0f1ec2fdbdd7ecfcd3fb5d3da

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/css/clean.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Jan 2022 05:20:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5317
etag: "61dbc225-1586"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y014tKqNBHSMJklfP61SQznWPJsS1oP7K4CZoqmfqRWYfpNEWUOqCLBcGyayfcQcfkCQ6etTR%2B2T60uLeKC1TsAhEjR0xdNZMRn7uSoDg35qFmZQXT9f9%2FspjWJOkMim5hTq8dM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 849b64428ba05b43-VIE
content-length: 5510

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a8ce5b286b8b496fc5a53dd7f79d0997e9824b42dd09845f51fa46639eb9e05

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dab6ca3b3115fdecc999002ec24b58998188e9e9f918a23381c3b792d3200285

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ea0b5bba3082b47c67218902ba97700794e630f25e447cdbc1f1d9a28fef18

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf1853147a600d09627b2dc616de31ba3ca102132ee9c1d7accdc38373568e81

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c5d9f161af2e81a8c3acb6cd7c243cedf3b5972cc5b1c69fe24e910237ac63f

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24640fce95ecd552bb65c814c014c263219b791c3ed4d07f2859e06cfb9f37c2

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82e046c78a232c4393282b9ac889b5649f8ae8fb517292d2ffe0cc6d1f2112cf

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7863ca884c13df5c9ed9148b6a47fb650fce353dcbd80240268b4dda038ead12

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86ae6d967dc368f880d930d3c7001a144e1f245c42f8903460de5f0ce482dca5

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5078dae11387edd912befec1b919bbebdefc3c6e0234aff044d9502a644fa802

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0cee047ecde5c397b2e001c79635122d98881f8ac8213441cb83c4aa9397c7d

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 873e9f1fce1c730d26f881686d73216c9a3d59554116772b1a7892f8595496f9

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 timezone.php Show response
www.moonreading.com/_api/ 13 B
470 B 207ms
206ms XHR
text/html 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moonreading.com/_api/timezone.php?timezone=Europe/Berlin
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f0b5e419f71f7bf5badd9e9a6287c0be5046d1479ab1b6a4e7f8ff7a20d9c8

Request headers

Accept: */*
Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
X-Requested-With: XMLHttpRequest
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK%2Bqig4%2FG7%2Fn4CpHrDNHNw9K%2FHr8nQ%2Bf4rHtX5neM0Y27H%2FdvRQaOw%2B60lu99QWFQL9%2F5b5oAf2WDnEIHtYG8heR3HrKjRqytH8PGy558f0M3mxhu7%2BYrWQLUI7KYEnsb2bWxNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 849b6442abbf5b43-VIE
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 2523922164511192 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 258ms
258ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2523922164511192?v=2.9.142&r=stable&domain=www.moonreading.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

214ca470882a81667e62ce9e6217e893bce5aa3d95defbf3bbd6efb83d6ce7d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 22:56:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: n/QX1fa5CLqC/eMKnZRHaOcxN9UijDq5XVmV0dGfe48TqmgCs2yRrYn6QNTo10dRYsZOu0rosrYcuSSmmpIc/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 40ms
39ms Script
text/html 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-FE7FSZWY65&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146859082-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f8.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 106ms
33ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146859082-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4112
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 23:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
96 KB 49ms
49ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H802VRJEV8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146859082-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4c9c7b2901a6459cac890fe62e1a0d80c048ddc24df4d36104aeb8cb27a02576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 22:56:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590897327/ 3 KB
2 KB 146ms
70ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590897327/?random=1705964201555&cv=11&fst=1705964201555&bg=ffffff&guid=ON&async=1&gtm=45be41h0v895203738&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&hn=www.googleadservices.com&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&auid=1577163897.1705964202&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-590897327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7ee92ea9fe706ad526e54fa1c634c8aed7fe4ea74c24a9a1c298d243df568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 142ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je41h0v895586847&_p=1705964201343&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1441803334.1705964202&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1705964201&sct=1&seg=0&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&dt=Request%20Your%20FREE%20Moon%20Reading!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H802VRJEV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moonreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 140ms
40ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H802VRJEV8&cid=1441803334.1705964202&gtm=45je41h0v895586847&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H802VRJEV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moonreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.at/ads/ 42 B
107 B 132ms
45ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H802VRJEV8&cid=1441803334.1705964202&gtm=45je41h0v895586847&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1603143635

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 40ms
39ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=622770285&t=pageview&_s=1&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&ul=en-us&de=UTF-8&dt=Request%20Your%20FREE%20Moon%20Reading!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=385954046&gjid=752401213&cid=1441803334.1705964202&tid=UA-146859082-1&_gid=1216072740.1705964202&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1460761427

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moonreading.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moonreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/590897327/ 42 B
455 B 115ms
42ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590897327/?random=1705964201555&cv=11&fst=1705960800000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v895203738&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf__Ueu7anGN5vRDDzdxuQzgkD6VK1-gw&random=470327579&rmt_tld=0&ipr=y

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.at/pagead/1p-user-list/590897327/ 42 B
455 B 75ms
44ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.at/pagead/1p-user-list/590897327/?random=1705964201555&cv=11&fst=1705960800000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v895203738&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&frm=0&tiba=Request%20Your%20FREE%20Moon%20Reading!&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf__Ueu7anGN5vRDDzdxuQzgkD6VK1-gw&random=470327579&rmt_tld=1&ipr=y

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 73ms
39ms XHR
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146859082-1&cid=1441803334.1705964202&jid=385954046&gjid=752401213&_gid=1216072740.1705964202&_u=YADAAUAAAAAAACAAI~&z=1276692719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

4fa69b310798230d616f70eed8ff34b8bb50536234ab23ea3090cce7a90d30bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moonreading.com/
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moonreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 109ms
31ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2523922164511192&ev=PageView&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&rl=&if=false&ts=1705964201803&sw=1600&sh=1200&ud[external_id]=6e9f9458abddb41182c4a4184125af8f5b41f9bbbc9ecf6085d278322e4857c3&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1705964201801.1080012097&ler=empty&it=1705964201523&coo=false&exp=d3&rqm=GET

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 22:56:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
45ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=1441803334.1705964202&jid=385954046&_u=YADAAUAAAAAAACAAI~&z=746727064

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.at/ads/ 42 B
107 B 44ms
43ms Image
image/gif 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.at/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146859082-1&cid=1441803334.1705964202&jid=385954046&_u=YADAAUAAAAAAACAAI~&z=746727064

Requested by

Host: www.moonreading.com
URL: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rum Show response
www.moonreading.com/cdn-cgi/ 0
185 B 40ms
38ms XHR
text/plain 104.26.0.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moonreading.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.moonreading.com/start/1/?source=lekhvin21&hopId=7e909859-fd8a-4753-8511-a5a96adf79c2
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Jan 2024 22:56:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.moonreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 849b64461e8a5b43-VIE

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H802VRJEV8&gtm=45je41h0v895586847&_p=1705964201343&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1441803334.1705964202&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1705964201&sct=1&seg=0&dl=https%3A%2F%2Fwww.moonreading.com%2Fstart%2F1%2F%3Fsource%3Dlekhvin21%26hopId%3D7e909859-fd8a-4753-8511-a5a96adf79c2&dt=Request%20Your%20FREE%20Moon%20Reading!&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7187
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H802VRJEV8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.moonreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 22:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.moonreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickbank.net/	1970-01-21 02:38:20	Name: q Value: 01.AEABA320D43A248BEE8C9C5B1CDAAE0502E2E3CD1B9C9235BF5A60526BF7878D7F12D08FDAB6140A45ECF848C2D21430CC3BE42F
www.moonreading.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3cfv2i92c9rcponc6bkr4pjmqi
.moonreading.com/	1970-01-20 22:11:52	Name: moon_id Value: lekh1_bob9go9mh74i
www.moonreading.com/	1970-01-20 17:54:07	Name: __cflb Value: 02DiuGnYvcoJnk3PPA5MEV7FkyZpoCo2b8YfqJ2dEeC3n
.moonreading.com/	1970-01-20 20:02:20	Name: _gcl_au Value: 1.1.1577163897.1705964202
.moonreading.com/	1970-01-20 20:03:43	Name: timezone Value: Europe%2FBerlin
.moonreading.com/	1970-01-21 03:28:44	Name: _ga_H802VRJEV8 Value: GS1.1.1705964201.1.0.1705964201.60.0.0
.moonreading.com/	1970-01-21 03:28:44	Name: _ga Value: GA1.2.1441803334.1705964202
.moonreading.com/	1970-01-20 17:54:10	Name: _gid Value: GA1.2.1216072740.1705964202
.moonreading.com/	1970-01-20 17:52:44	Name: _gat_gtag_UA_146859082_1 Value: 1
.doubleclick.net/	1970-01-20 17:52:45	Name: test_cookie Value: CheckForPermission
.moonreading.com/	1970-01-20 20:02:20	Name: _fbp Value: fb.1.1705964201801.1080012097

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FE7FSZWY65&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d79dii8ljuk5u7jolxdjq2j3v.hop.clickbank.net
ajax.googleapis.com
connect.facebook.net
googleads.g.doubleclick.net
region1.analytics.google.com
shorturl.at
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.at
www.google.com
www.googletagmanager.com
www.moonreading.com
www.shorturl.at
104.16.56.101
104.26.0.66
104.26.9.129
108.177.15.154
142.250.185.227
142.250.185.68
142.250.186.106
142.250.186.130
157.240.251.35
157.240.251.9
172.217.16.142
172.217.18.8
172.67.69.88
216.239.34.36
52.33.20.147
13ea0b5bba3082b47c67218902ba97700794e630f25e447cdbc1f1d9a28fef18
1fe7ee92ea9fe706ad526e54fa1c634c8aed7fe4ea74c24a9a1c298d243df568
214ca470882a81667e62ce9e6217e893bce5aa3d95defbf3bbd6efb83d6ce7d4
24640fce95ecd552bb65c814c014c263219b791c3ed4d07f2859e06cfb9f37c2
350fcad4d719ea33ce8bd0000d6ffa994ffd6c44915deb51a9a92e73d66e4dd0
35a3913cedd5f32c17fb626fdac5363feec1ab3921dde24b3d9831d15a5f643a
39e266b0d5714269d2a2f34bfc78ff43357f1f4066cec8458b3b40b0c0431d79
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4c9c7b2901a6459cac890fe62e1a0d80c048ddc24df4d36104aeb8cb27a02576
4eec1e263f93356d02a8fec22d2843707302f80e6b83c35a5f8261d55eaababf
4fa69b310798230d616f70eed8ff34b8bb50536234ab23ea3090cce7a90d30bc
5078dae11387edd912befec1b919bbebdefc3c6e0234aff044d9502a644fa802
546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2
55f8d13d8ef94d15f330e66652cdcfebf1da212212d70f5ddafbd73ef10ace37
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c5d9f161af2e81a8c3acb6cd7c243cedf3b5972cc5b1c69fe24e910237ac63f
740458b82de9774c1affb4781e4b7fb11db37cb1c281b9d5010dac3f084d7b40
7863ca884c13df5c9ed9148b6a47fb650fce353dcbd80240268b4dda038ead12
7a8ce5b286b8b496fc5a53dd7f79d0997e9824b42dd09845f51fa46639eb9e05
82e046c78a232c4393282b9ac889b5649f8ae8fb517292d2ffe0cc6d1f2112cf
86ae6d967dc368f880d930d3c7001a144e1f245c42f8903460de5f0ce482dca5
873e9f1fce1c730d26f881686d73216c9a3d59554116772b1a7892f8595496f9
99f0b5e419f71f7bf5badd9e9a6287c0be5046d1479ab1b6a4e7f8ff7a20d9c8
b112019e9548e12c74669aef363de97bc2d9760aa5c76ecd9dd826fa55b639b5
cf1853147a600d09627b2dc616de31ba3ca102132ee9c1d7accdc38373568e81
d0cee047ecde5c397b2e001c79635122d98881f8ac8213441cb83c4aa9397c7d
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
da2704436d0c1ca2f39c174776fc1ae4e434d25aade210c27f025f74edb421ff
dab6ca3b3115fdecc999002ec24b58998188e9e9f918a23381c3b792d3200285
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3111ebf7a54a08878f3b239dee2e463db0eb24cced9223b9f0dc9550f0e79b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56553f1a7d95e11c46cbba2473d62333d12aeacf0c576ef046ca5c085d69f40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ab94d9925615e97339029f1c4da28da9fe02b0f1ec2fdbdd7ecfcd3fb5d3da
ff5ee8f150404794b05e0e63cf3fb3eedef25a8b6e5a947589bfaf5422c4ba9d

www.moonreading.com Open in urlscan Pro 104.26.0.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

13 IPs

3 Countries

815 kBTransfer

1814 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.moonreading.com Open in urlscan Pro
104.26.0.66 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

815 kB
Transfer

1814 kB
Size

12
Cookies

35 HTTP transactions
12 data transactions