bookingscancun.moonpalace.com Open in urlscan Pro
51.254.62.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bookingscancun.moonpalace.com/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2020, 7:24:37 pm UTC)

Summary HTTP 111 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 35 domains to perform 111 HTTP transactions. The main IP is 51.254.62.70, located in Germany and belongs to OVH, FR. The main domain is bookingscancun.moonpalace.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 13th 2020. Valid for: 3 months.

This is the only time bookingscancun.moonpalace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	51.254.62.70 51.254.62.70	16276 (OVH) (OVH)
14	13.224.197.143 13.224.197.143	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	51.254.62.77 51.254.62.77	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:3::393 2a04:4e42:3::393	54113 (FASTLY) (FASTLY)
8	51.254.62.68 51.254.62.68	16276 (OVH) (OVH)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
3 7	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	147.135.10.37 147.135.10.37	16276 (OVH) (OVH)
18	104.20.39.138 104.20.39.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST)
3 4	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.100.69 147.75.100.69	54825 (PACKET) (PACKET)
1 7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1 5	52.214.152.253 52.214.152.253	16509 (AMAZON-02) (AMAZON-02)
1 1	68.232.35.198 68.232.35.198	15133 (EDGECAST) (EDGECAST)
3	2.18.234.194 2.18.234.194	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.99.16.81 192.99.16.81	16276 (OVH) (OVH)
2	3.122.197.63 3.122.197.63	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1 1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:fc05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.38.125 2.19.38.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
111	37

2 51.254.62.70 (Germany)

ASN16276 (OVH, FR)

bookingscancun.moonpalace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.224.197.143 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-143.fra2.r.cloudfront.net

d2jtzd336hs8un.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.254.62.77 (Germany)

ASN16276 (OVH, FR)

cloud.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:3::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.254.62.68 (Germany)

ASN16276 (OVH, FR)

hbe-api.kognitiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apm-server.seekda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.10.37 (Reston, United States) 2 redirects

ASN16276 (OVH, FR)
PTR: kurento.acquire.io

s.tagove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.20.39.138 (United States)

ASN13335 (CLOUDFLARENET, US)

s.acquire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.acquire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9a (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.214.152.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.198 (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.jscache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.194 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-194.deploy.static.akamaitechnologies.com

www.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tripadvisor.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.38 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f38.1e100.net

6696502.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.99.16.81 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: us-127.sociomantic.net

us-sonar.sociomantic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.197.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-197-63.eu-central-1.compute.amazonaws.com

ads.sonataplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.62 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:fc05 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.38.125 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-125.deploy.static.akamaitechnologies.com

static.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	acquire.io s.acquire.io media.acquire.io	294 KB
14	cloudfront.net d2jtzd336hs8un.cloudfront.net	1 MB
12	doubleclick.net 9 redirects stats.g.doubleclick.net 6696502.fls.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	4 KB
7	facebook.com 1 redirects www.facebook.com	1 KB
7	google-analytics.com 3 redirects www.google-analytics.com	38 KB
6	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	12 KB
6	seekda.com cloud.seekda.com static.seekda.com apm-server.seekda.com	28 KB
5	hubspot.com api.hubspot.com track.hubspot.com forms.hubspot.com	2 KB
5	google.com 3 redirects www.google.com adservice.google.com	1 KB
4	kognitiv.com hbe-api.kognitiv.com	10 KB
4	cloudinary.com res.cloudinary.com	412 KB
4	gstatic.com fonts.gstatic.com	85 KB
3	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	sociomantic.com us-sonar.sociomantic.com	11 KB
3	sojern.com beacon.sojern.com pixel.sojern.com	2 KB
3	google.de www.google.de	696 B
3	facebook.net connect.facebook.net	256 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	79 KB
2	tacdn.com static.tacdn.com	11 KB
2	sonataplatform.com ads.sonataplatform.com	2 KB
2	tripadvisor.com www.tripadvisor.com	6 KB
2	tagove.com 2 redirects s.tagove.com	192 B
2	googletagmanager.com www.googletagmanager.com	69 KB
2	moonpalace.com bookingscancun.moonpalace.com	46 KB
1	hsforms.com forms.hsforms.com	496 B
1	hsleadflows.net js.hsleadflows.net	61 KB
1	hscollectedforms.net js.hscollectedforms.net	22 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	usemessages.com js.usemessages.com	15 KB
1	tripadvisor.co www.tripadvisor.co	3 KB
1	hs-scripts.com js.hs-scripts.com	1017 B
1	jscache.com 1 redirects www.jscache.com	559 B
1	atdmt.com cx.atdmt.com	432 B
1	googleapis.com fonts.googleapis.com	630 B
1	polyfill.io cdn.polyfill.io	607 B
111	35

	Domain	Requested by
14	d2jtzd336hs8un.cloudfront.net	bookingscancun.moonpalace.com d2jtzd336hs8un.cloudfront.net
12	s.acquire.io	bookingscancun.moonpalace.com d2jtzd336hs8un.cloudfront.net s.acquire.io
7	www.facebook.com	1 redirects bookingscancun.moonpalace.com
7	www.google-analytics.com	3 redirects www.googletagmanager.com www.google-analytics.com
6	media.acquire.io	s.acquire.io
5	ad.doubleclick.net	4 redirects www.googletagmanager.com
5	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
4	apm-server.seekda.com	d2jtzd336hs8un.cloudfront.net bookingscancun.moonpalace.com
4	stats.g.doubleclick.net	3 redirects
4	hbe-api.kognitiv.com	d2jtzd336hs8un.cloudfront.net bookingscancun.moonpalace.com
4	res.cloudinary.com	bookingscancun.moonpalace.com
4	fonts.gstatic.com	bookingscancun.moonpalace.com
3	us-sonar.sociomantic.com	bookingscancun.moonpalace.com us-sonar.sociomantic.com
3	www.google.de	bookingscancun.moonpalace.com
3	www.google.com	3 redirects
3	connect.facebook.net	bookingscancun.moonpalace.com connect.facebook.net
2	static.tacdn.com	www.tripadvisor.com
2	track.hubspot.com
2	api.hubspot.com	d2jtzd336hs8un.cloudfront.net
2	pixel.sojern.com
2	adservice.google.com
2	secure.adnxs.com	1 redirects
2	ads.sonataplatform.com
2	6696502.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.tripadvisor.com	www.tripadvisor.com
2	s.tagove.com	2 redirects
2	www.googletagmanager.com	bookingscancun.moonpalace.com www.googletagmanager.com
2	bookingscancun.moonpalace.com
1	forms.hsforms.com
1	forms.hubspot.com	d2jtzd336hs8un.cloudfront.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	ib.adnxs.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	www.tripadvisor.co
1	js.hs-scripts.com	www.googletagmanager.com
1	beacon.sojern.com	bookingscancun.moonpalace.com
1	www.jscache.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	cx.atdmt.com	bookingscancun.moonpalace.com
1	script.hotjar.com	static.hotjar.com
1	tags.crwdcntrl.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.seekda.com	cloud.seekda.com
1	fonts.googleapis.com	bookingscancun.moonpalace.com
1	cloud.seekda.com	bookingscancun.moonpalace.com
1	cdn.polyfill.io	bookingscancun.moonpalace.com
111	49

This site contains links to these domains. Also see Links.

Domain
www.tripadvisor.co

Subject Issuer	Validity	Valid
bookingscancun.moonpalace.com Let's Encrypt Authority X3	`2020-02-13` - `2020-05-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
www.kognitiv.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-02` - `2021-12-01`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2018-07-01` - `2020-06-22`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
ssl368249.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-28` - `2020-06-05`	6 months	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
www.tripadvisor.com DigiCert SHA2 Extended Validation Server CA	`2019-03-21` - `2020-04-30`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.sojern.com DigiCert SHA2 High Assurance Server CA	`2018-12-11` - `2020-12-10`	2 years	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
*.sociomantic.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-08` - `2021-04-07`	a year	crt.sh
*.sonataplatform.com Amazon	`2019-09-13` - `2020-10-13`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ssl817703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
ssl803673.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
static.tacdn.com GlobalSign RSA OV SSL CA 2018	`2019-12-17` - `2021-02-12`	a year	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-01` - `2020-07-09`	6 months	crt.sh

This page contains 9 frames:

Primary Page: https://bookingscancun.moonpalace.com/
Frame ID: 57BF4043BEF6FB0974B04A5AADA47299
Requests: 98 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 49E7970B75ABB603CB065B7558805534
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 1C51662CB257D8A1386A7616F9656DC4
Requests: 1 HTTP requests in this frame

Frame: https://6696502.fls.doubleclick.net/activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F
Frame ID: DC45FD38B7DBCD21740287A866457525
Requests: 1 HTTP requests in this frame

Frame: https://s.acquire.io/cookie.html
Frame ID: 94655B95714E971F46ABF3BB0E1B5D1A
Requests: 1 HTTP requests in this frame

Frame: https://media.acquire.io/be477/new_chat_LB.png
Frame ID: 76DAFAF1CA6C5964435344AD5321B182
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12310/rand=190924597/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: D0B4669968945CAE18DD1573FCF10CB2
Requests: 1 HTTP requests in this frame

Frame: https://us-sonar.sociomantic.com/html/2010-07-01/usrm?aid=17274252526003358638&fpc=8294680130527053756&v=adv2.09&hs=true
Frame ID: 5A919936898839053E76C1A184701BBF
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12310/rand=159317375/act=pageType%3A%20viewOffers_Moon%20Palace%20Cancun/geo=countryCode%3A%20BE_Moon%20Palace%20Cancun/geo=city%3A%20BE_Moon%20Palace%20Cancun/seg=arrivalDate%3A%202020-03-11_Moon%20Palace%20Cancun/seg=month%3A%20marzo_Moon%20Palace%20Cancun/seg=departureDate%3A%202020-03-16_Moon%20Palace%20Cancun/seg=creationDate%3A%202020-2-15_Moon%20Palace%20Cancun/seg=nights%3A%205_Moon%20Palace%20Cancun/seg=leadTime%3A%2026_Moon%20Palace%20Cancun/int=hotelName%3A%20Moon%20Palace%20Cancun_Moon%20Palace%20Cancun/int=roomCode%3A%20undefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined_Moon%20Palace%20Cancun/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/genp=currency%3A%20EUR_Moon%20Palace%20Cancun/genp=priceMode%3A%20-_Moon%20Palace%20Cancun/genp=hotelTotal%3A%20undefined_Moon%20Palace%20Cancun/rt=ifr
Frame ID: 458AE867FE272A5767220556B1BC18C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

111
Requests

100 %
HTTPS

50 %
IPv6

35
Domains

49
Subdomains

37
IPs

8
Countries

2538 kB
Transfer

7907 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tripadvisor.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://s.tagove.com/a-be477/init.js HTTP 301
https://s.acquire.io/a-be477/init.js

Request Chain 31

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=38460425&gjid=1846001042&cid=1858962785.1581794661&tid=UA-85687310-18&_gid=689265375.1581794661&_r=1&gtm=2wg250MP484HX&z=1357461524 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_gid=689265375.1581794661&gjid=1846001042&_v=j81&z=1357461524 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524&slf_rd=1&random=2719488259

Request Chain 38

https://www.facebook.com/tr/?id=628382487258338&ev=PageView&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794661554&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=13700664438784386561&f=AYxTI1rt4F8tbX2Cnrfft0bV9rgwQAzppWadLE-pEWiTJmbMYcMTibA2nq3PfokPsy41nnsJfruVCZmZfUQCmFsj&id=628382487258338&l=3&v=0

Request Chain 42

https://s.tagove.com/main.js HTTP 301
https://s.acquire.io/main.js

Request Chain 46

https://bcp.crwdcntrl.net/5/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 48

https://www.jscache.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2 HTTP 301
https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2

Request Chain 49

https://6696502.fls.doubleclick.net/activityi;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F HTTP 302
https://6696502.fls.doubleclick.net/activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F

Request Chain 58

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&gjid=741826934&_gid=689265375.1581794661&_u=aGDAgEAB~&z=779365118 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118&slf_rd=1&random=3820139611

Request Chain 63

https://secure.adnxs.com/seg?add=20564478&t=1&gtmcb=653514014 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20564478%26t%3D1%26gtmcb%3D653514014

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=event&ni=0&cu=EUR&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ECommerce&ea=Impressions&_u=aGHACEALB~&jid=1133678723&gjid=446681094&cid=1858962785.1581794661&tid=UA-85687310-2&_gid=689265375.1581794661&_r=1&gtm=2wg250MP484HX&cd2=BE&cd11=2020-03-11&cd12=2020-03-16&cd13=viewOffers&cd15=26&cd16=2&cd17=0&cd18=2&cd19=5&il1pi1id=S001263&il1pi1nm=Moon%20Palace%20Cancun&il1pi1cd2=BE&il1pi1cd11=2020-03-11&il1pi1cd12=2020-03-16&il1pi1cd13=searchBoxInit&il1pi1cd15=26&il1pi1cd16=2&il1pi1cd17=0&il1pi1cd18=2&il1pi1cd19=5&z=650541630 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_gid=689265375.1581794661&gjid=446681094&_v=j81&z=650541630 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630&slf_rd=1&random=1234614016

Request Chain 74

https://ad.doubleclick.net/ddm/activity/src=4832335;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=Zq7tSn9kVA6E7SolVcuIIQ&google_cm&google_sc&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&sjrn_ula=792651349 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&sjrn_ula=792651349&google_gid=CAESEGbX7UAmohcnWTNtHr0Bn1g&google_cver=1

Request Chain 76

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=$UID HTTP 302
https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=7632282858554554918

Request Chain 77

https://ad.doubleclick.net/ddm/activity/src=4832335;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 91

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGHACUALB~&jid=989054364&gjid=457758725&cid=1858962785.1581794661&tid=UA-155677253-1&_gid=689265375.1581794661&_r=1&gtm=2ou250&z=2048701774 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-155677253-1&cid=1858962785.1581794661&jid=989054364&_gid=689265375.1581794661&gjid=457758725&_v=j81&z=2048701774

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bookingscancun.moonpalace.com/ 196 KB
39 KB 363ms
255ms Document
text/html 51.254.62.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://bookingscancun.moonpalace.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.70 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

302041b9b2747d7f9dfb18e35d677d9ae27059ad1a07a2061a5daf5e525a69bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Host: bookingscancun.moonpalace.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Sat, 15 Feb 2020 19:24:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
ETag: W/"30ee2-gHeO54YRIeZ3zj/bTopIQf/dxtA"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET
H2 200 webpack-838b392324e3598684b5.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/runtime/ 1 KB
1 KB 142ms
97ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/runtime/webpack-838b392324e3598684b5.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 17 Sep 2019 13:38:25 GMT
content-encoding: gzip
age: 13067156
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2019 17:15:15 GMT
x-frame-options: SAMEORIGIN
etag: W/"5c9bafa3-5ce"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HkmFj_Vsoy1cULo38V56m2IAT00nWHHLjQfaO0DMoPRoCXCz1DQuHQ==

GET
H2 200 commons.a33aa4d5bdfeebe3d334.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/ 2 MB
484 KB 113ms
68ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/chunks/commons.a33aa4d5bdfeebe3d334.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

50b950f2ad267e0e26e3deeb2f3e56b55c8d1541bcea842235b685daaf66f411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 18:40:33 GMT
content-encoding: gzip
age: 348228
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:37:56 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f484-1ae431"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gf-RwDdenhzmm5B4NQQ2B7Dj_6LLVRYWiKPzLBf5NkeOqsERtS_ULg==

GET
H2 200 main-a83dcf51e6ad438a076a.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/runtime/ 15 KB
6 KB 139ms
94ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/runtime/main-a83dcf51e6ad438a076a.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

0850399b7ff25de33fec4f33a9ce53a08829f80519fe84963c9c7f236eca738e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Jan 2020 02:33:44 GMT
content-encoding: gzip
age: 3171037
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Fri, 06 Dec 2019 18:09:46 GMT
x-frame-options: SAMEORIGIN
etag: W/"5dea996a-3d10"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: GD33JMBQzab_jK2FhYMReqeBH4MennSnLqSJvs8waeCyykjJfWPS-A==

GET
H2 200 styles.aa556c16603f590645df.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/ 86 B
537 B 142ms
97ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/chunks/styles.aa556c16603f590645df.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

ca59dd4386f3324ad7413bdc73c10d844bc0c28fe1170b4a6beda11c8b14f486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 06 Feb 2020 08:17:39 GMT
content-encoding: gzip
age: 817602
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2019 15:18:11 GMT
x-frame-options: SAMEORIGIN
etag: W/"5cebffb3-56"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: op51YY09_BckegKQNV9JneTk8ZoT92wxerwNVhsrYd3QOBt2FhHNfQ==

GET
H2 200 semantic.min.css
d2jtzd336hs8un.cloudfront.net/static/ 614 KB
101 KB 69ms
26ms Stylesheet
text/css 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=5f99d090bfef57b452eb516e05430565

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

fb32146b22a6e7cdd5457a025ef35f88250f65971da3bde15d82aef631c63a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 12:35:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
last-modified: Wed, 12 Jun 2019 15:10:24 GMT
age: 24514
etag: W/"5d0115e0-996e3"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
x-amz-cf-id: kS1fcwO6bgZa71TM8RDH2UbnMYHbU51SalKIpqK77oKTaVbTdcgx6w==
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)

GET
H2 200 icons.css
d2jtzd336hs8un.cloudfront.net/static/ 19 KB
4 KB 141ms
98ms Stylesheet
text/css 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

b0a30bcf035ffe41d39eda71670849b0cf0f1b7bfbaceda519f2676b3dbe8164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 19:49:51 GMT
age: 18215
x-frame-options: SAMEORIGIN
etag: "5c6b0c5f-4a0a"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
date: Sat, 15 Feb 2020 14:20:46 GMT
x-amz-cf-pop: FRA2-C1
access-control-allow-origin: *
x-amz-cf-id: WuK6gMGO4p0iW4-jU6xGxWrghvE6jgI5rGXLILzxWlV0jk9dhfWQMg==
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)

GET
H2 200 icons-extended.css
d2jtzd336hs8un.cloudfront.net/static/ 9 KB
2 KB 101ms
58ms Stylesheet
text/css 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/icons-extended.css?checksum=c68829aa4263885cfc63b20639cec261

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

25941065c411f81473eb4e447130945ba13cab3b87bab7920e404b442eec7300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 19:49:51 GMT
age: 23184
x-frame-options: SAMEORIGIN
etag: "5c6b0c5f-250b"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
date: Sat, 15 Feb 2020 12:57:57 GMT
x-amz-cf-pop: FRA2-C1
access-control-allow-origin: *
x-amz-cf-id: EojsEZVOndoig7fYcXBfy-mqprnWqSM_aBgRXZ-dd12vLLjL79IBIg==
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)

GET
H2 200 styles.bd4f6453.chunk.css
d2jtzd336hs8un.cloudfront.net/_next/static/css/ 183 KB
31 KB 104ms
61ms Stylesheet
text/css 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/css/styles.bd4f6453.chunk.css

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

42034e972610a048ced9b5a34666245d29a3a48dce8f8a0a5bc8051c7c03f339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 07 Feb 2020 17:44:33 GMT
content-encoding: gzip
age: 697188
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Mon, 03 Feb 2020 23:32:12 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e38ad7c-2da59"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Qx_DBC_I96nFVivMqVncprjme3VIeYEOMAEdFD95lPZLQbUSFszL8Q==

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
607 B 27ms
11ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.Intl.~locale.en,Intl.~locale.ar,Intl.~locale.be,Intl.~locale.bg,Intl.~locale.ca,Intl.~locale.cs,Intl.~locale.da,Intl.~locale.de,Intl.~locale.el,Intl.~locale.es,Intl.~locale.et,Intl.~locale.fi,Intl.~locale.fr,Intl.~locale.ga,Intl.~locale.hi,Intl.~locale.hr,Intl.~locale.hu,Intl.~locale.id,Intl.~locale.is,Intl.~locale.it,Intl.~locale.he,Intl.~locale.ja,Intl.~locale.ko,Intl.~locale.lt,Intl.~locale.lv,Intl.~locale.mk,Intl.~locale.ms,Intl.~locale.mt,Intl.~locale.nb,Intl.~locale.nl,Intl.~locale.pl,Intl.~locale.pt,Intl.~locale.ro,Intl.~locale.ru,Intl.~locale.sk,Intl.~locale.sl,Intl.~locale.sq,Intl.~locale.sr,Intl.~locale.sv,Intl.~locale.th,Intl.~locale.tr,Intl.~locale.uk,Intl.~locale.vi,Intl.~locale.zh

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 4548218
normalized-user-agent: chrome/74.0.0
detected-user-agent: Chrome/74.0.3729
status: 200
date: Sat, 15 Feb 2020 19:24:20 GMT
request_came_from_shield: HHN
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=6
content-length: 126
referrer-policy: origin-when-cross-origin
etag: W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 69549e60-3d6e-0136-cbf5-0050568253f2.js Show response
cloud.seekda.com/w/w-tracking-api/group:BookingFlow/ 18 KB
7 KB 150ms
63ms Script
text/javascript 51.254.62.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
Requested by: Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.77 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.8.1 + Phusion Passenger 5.0.24 / Phusion Passenger Enterprise 5.0.24
Resource Hash: 1f2e2d3cc86f8c6d3f8b336116caf6759c0f8709c2939e73a1dad0f39a71171b

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Runtime: 0.033452
Date: Sat, 15 Feb 2020 19:24:21 GMT
Content-Encoding: gzip
Server: nginx/1.8.1 + Phusion Passenger 5.0.24
X-Powered-By: Phusion Passenger Enterprise 5.0.24
ETag: W/"41a1cbfe24d40b5fc11d9c27e72b07df"
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 6e8aaffb4f1c914887e060618ce5894e
X-Rack-Cache: miss
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 index.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/ 320 KB
83 KB 34ms
28ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/index.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

3af7c402bc8384fca2f386721a93b548cd653afd75ff03c94159d853b988234b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 18:40:33 GMT
content-encoding: gzip
age: 348228
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:38:55 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f4bf-5017c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pKya-rA31pqBmRTfJFBiGzU_wb_fi2H5innRXri5ho3ESkH7gfZ6bg==

GET
H2 200 _app.js Show response
d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/ 63 KB
15 KB 36ms
30ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/_app.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

7b87291587957c928ca4ed4a8dc0c97fe937b0876e386c126cb0cc8c8c0e9d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 18:40:33 GMT
content-encoding: gzip
age: 348228
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Tue, 11 Feb 2020 18:37:56 GMT
x-frame-options: SAMEORIGIN
etag: W/"5e42f484-fac8"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: SQGOpSFsRMNhZW7-z7KhbcNlD1FgyFTurq1C3ie1520DJAsbGBHj4g==

GET
H2 200 elastic-apm-js-base.umd.min.js Show response
d2jtzd336hs8un.cloudfront.net/static/scripts/ 64 KB
18 KB 134ms
96ms Script
application/javascript 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

638edab9dc8582110d373f1db5fe53d2993dc03de261e8bcadc5e860775cf60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 13:06:53 GMT
age: 51277
x-frame-options: SAMEORIGIN
etag: "5c62c4ed-101b2"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
date: Sat, 15 Feb 2020 05:09:44 GMT
x-amz-cf-pop: FRA2-C1
access-control-allow-origin: *
x-amz-cf-id: Zr_T8n-Hx82V2-i3nZ0ipgsXs8uFxHNewQe_hBUsaCNFBBFezt3L7A==
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 3 KB
630 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 19:24:21 GMT
server: ESF
date: Sat, 15 Feb 2020 19:24:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 19:24:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
41 KB 28ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79773fe8150334555a1953c200e5f40a67ddbd93f5cb9214c3921c6c2d2ba062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41420
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Feb 2020 19:24:21 GMT

GET
H2 200 bf-icons-extended.ttf
d2jtzd336hs8un.cloudfront.net/static/ 92 KB
92 KB 67ms
23ms Font
application/octet-stream 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/bf-icons-extended.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://d2jtzd336hs8un.cloudfront.net/static/icons-extended.css?checksum=c68829aa4263885cfc63b20639cec261
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:59:17 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 18 Feb 2019 19:50:08 GMT
age: 41104
etag: "5c6b0c70-16eac"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-length: 93868
x-amz-cf-id: ULtewBjQSQNVNpwUBp5FmLnndEiqjyBffyMWdhjIDvX5Iy6MVxDDzg==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v17/ 26 KB
18 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2020338
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18276
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jan 2021 10:12:03 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3dd7835a67a74da51d59fce90e3c24f8dbe7acbab1e25406efc502c35326381

Request headers

Origin: https://bookingscancun.moonpalace.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/ 46 KB
24 KB 11ms
11ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2483615
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24632
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:02 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Jan 2021 01:30:46 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v14/ 45 KB
24 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 23:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 936377
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:21 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 23:18:04 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
fonts.gstatic.com/s/opensans/v17/ 28 KB
19 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhs.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1444478
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19068
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:56 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 02:09:43 GMT

GET
H/1.1 200
OK tracking-api.min.js Show response
static.seekda.com/widgets/tracking-api/js/ 68 KB
20 KB 120ms
34ms Script
application/javascript 51.254.62.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R697cb92d440ac30cd0de608f72d1322ce43775c0
Requested by: Host: cloud.seekda.com
URL: https://cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.77 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7a80e9f85c96eb45ddca8f776e4bfd4083082a2526a9a88f8b4e54d02a590a99

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 19:24:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 15:48:45 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1116e-59e3aacabba14-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, max-age=1000000000, public
Accept-Ranges: bytes
Content-Length: 20460
Expires: Sun, 14 Feb 2021 19:24:21 GMT

GET
H2 200 mpc-1440x360.jpg
res.cloudinary.com/seekda/image/upload/v1541652561/production/S001263/ 354 KB
354 KB 21ms
7ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/v1541652561/production/S001263/mpc-1440x360.jpg

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

553a8909a860351f45b20f4af374225ca7fecc3eccef674f406e99c3b7c3d6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
last-modified: Thu, 08 Nov 2018 04:49:22 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "8c2a8b5c2e12140235007c0054dfbab2"
strict-transport-security: max-age=604800
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cloudinary;dur=115;start=2020-02-10T20:45:24.780Z,fastly;dur=0;total=1;start=2020-02-15T19:24:21.392Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 362053

GET
H2 200 logo_moon.png
res.cloudinary.com/seekda/image/upload/v1541652558/production/S001263/ 4 KB
4 KB 21ms
7ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/v1541652558/production/S001263/logo_moon.png

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e9f31d61eee95a3d6d37051d7b73306573a370c3bf1118fdc37bb84371dd042a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
last-modified: Thu, 08 Nov 2018 04:49:19 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "a83cd5f4630a7712f65b8b2739f40390"
strict-transport-security: max-age=604800
content-type: image/png
status: 200
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cloudinary;dur=54;start=2020-01-01T11:10:15.230Z,fastly;dur=0;total=1;start=2020-02-15T19:24:21.392Z;desc=HIT,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 3747

OPTIONS
H/1.1 200
OK offers Show response
hbe-api.kognitiv.com/ 0
422 B 126ms
33ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/offers
Requested by: Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscancun.moonpalace.com
Referer: https://bookingscancun.moonpalace.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 19:24:21 GMT
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Vary: Origin
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Status: 200 OK
Cache-control: private
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Access-Control-Allow-Headers: content-type

GET
H2 200 hotjar-630323.js Show response
static.hotjar.com/c/ 84 KB
8 KB 58ms
19ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-630323.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress1

Software

Resource Hash

5318d9787d97afa58f1fd7c37de9e23f2f0e94985cf5fd35d448dd0e5e5389b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 273
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 8204
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/1d305d8a88650088ce569f8f01cc51e3
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.081
accept-ranges: bytes
section-io-id: 2f3fe4d1fd670bd3e31404fcabb4a23b
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3049
date: Sat, 15 Feb 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 15 Feb 2020 20:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 21ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: vj+58e68AZ0QpQC0A8Glfb/IvXnczhoOtjYAygokSffY9QXQW5WZTcKY7epxDqXzn5BS4Kgb0oHfmm5sWADncw==
x-fb-trip-id: 1850256238
date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

init.js Show response
s.acquire.io/a-be477/
Redirect Chain

https://s.tagove.com/a-be477/init.js
https://s.acquire.io/a-be477/init.js

7 KB
3 KB

101ms
55ms

Script
application/javascript

104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/a-be477/init.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0ba4e53e0f817a7314b9289e04dab9fec63db5813dc35b04d8ffe55847402aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373010
x-powered-by: Express
status: 200
strict-transport-security: max-age=15552000; preload
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=5184000
cf-polished: origSize=12613
cf-ray: 5659a95c48e6c833-AMS
expires: Sat, 11 Apr 2020 11:47:31 GMT

Redirect headers

status: 301
date: Sat, 15 Feb 2020 19:24:21 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 194
location: https://s.acquire.io/a-be477/init.js
content-type: text/html

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12310/ 38 KB
11 KB 75ms
19ms Script
application/javascript 93.184.220.113
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: 35f15b99034de36c4b2cf42148015fb2df33be155e760ac8462063d016af7692

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 16:55:22 GMT
server: ECS (amb/6B86)
age: 84079
etag: "5e20957a-97cd+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 11238
expires: Sun, 16 Feb 2020 19:24:21 GMT

GET
H2 200 bf-icons.ttf
d2jtzd336hs8un.cloudfront.net/static/ 153 KB
153 KB 25ms
25ms Font
application/octet-stream 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/bf-icons.ttf

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 18 Feb 2019 19:50:08 GMT
age: 2658
etag: "5c6b0c70-26218"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
date: Sat, 15 Feb 2020 19:24:18 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 156184
x-amz-cf-id: GMWMTmj-IwaCSQtENgmBJ_WzUl0wu9w8q_3FGzVyLnfNw8u2Wm9aAw==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x120...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_gid=689265375.1581794661&gjid=1846001042&_v=j81&z=1357461524
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524&slf_rd=1&random=2719488259

42 B
478 B

33ms
21ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524&slf_rd=1&random=2719488259

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-18&cid=1858962785.1581794661&jid=38460425&_v=j81&z=1357461524&slf_rd=1&random=2719488259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 619328291734643 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/619328291734643?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b511408e6cb8502874647efb81db15d83192cae63a4ac87461d781a2470c8148

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114947
x-xss-protection: 0
pragma: public
x-fb-debug: 6XMiQohitK/qUhkxoPL9j7wpFWJll/bPsgKVvFT/eJ8eKox/9uxh/wcqEAe8BZ+C+fDWYHWHyg1f0cwViTjAXw==
x-fb-trip-id: 1850256238
date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.a6ee02de5873aa236440.js Show response
script.hotjar.com/ 401 KB
70 KB 65ms
22ms Script
application/javascript 147.75.100.69
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.a6ee02de5873aa236440.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-630323.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress16
Software: /
Resource Hash: 58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: br
content-type: application/javascript
age: 192009
status: 200
section-io-cache: Hit
content-length: 71483
last-modified: Thu, 13 Feb 2020 14:00:36 GMT
etag: "a29cc766b3eae227e61b1b428741bb6c"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.090
accept-ranges: bytes
section-io-id: 05a03400be096b816749a685ac4b9df4
section-origin-responded: true

POST
H/1.1 200
OK offers Show response
hbe-api.kognitiv.com/ 117 KB
8 KB 799ms
799ms XHR
application/json 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/offers
Requested by: Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 50f3c26808094bcf2c19a83248c7538612c5751d41e6bbb0609f7e1d6fb55519

Request headers

Accept: application/json, text/plain, */*
Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sat, 15 Feb 2020 19:24:22 GMT
Content-Encoding: gzip
Status: 200 OK
ETag: W/"1d42a-BcVBE6frvzDJA3OComsD83Qa77o"
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked

GET
H2 200 628382487258338 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/628382487258338?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efc571bd1d583f32b914081b6884b4d9876cda7f0b1a21cf54092111efd9269c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: x+lxMS5cFh8Opj4pNCDM0BzDqqX2ls1vnpzRZptR4oZPfCwri1f82nH22OUMjqnLW0jVkMpOPIJCT9QLb7AxYA==
x-fb-trip-id: 1850256238
date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 21ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619328291734643&ev=PageView&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794661526&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&rqm=GET

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
201 B 21ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619328291734643&ev=ViewContent&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794661527&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&rqm=GET

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:21 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=628382487258338&ev=PageView&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794661554&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581...
https://cx.atdmt.com/?c=13700664438784386561&f=AYxTI1rt4F8tbX2Cnrfft0bV9rgwQAzppWadLE-pEWiTJmbMYcMTibA2nq3PfokPsy41nnsJfruVCZmZfUQCmFsj&id=628382487258338&l=3&v=0

42 B
432 B

52ms
40ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=13700664438784386561&f=AYxTI1rt4F8tbX2Cnrfft0bV9rgwQAzppWadLE-pEWiTJmbMYcMTibA2nq3PfokPsy41nnsJfruVCZmZfUQCmFsj&id=628382487258338&l=3&v=0
Requested by: Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:21 GMT, Sat, 15 Feb 2020 19:24:21 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=13700664438784386561&f=AYxTI1rt4F8tbX2Cnrfft0bV9rgwQAzppWadLE-pEWiTJmbMYcMTibA2nq3PfokPsy41nnsJfruVCZmZfUQCmFsj&id=628382487258338&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 49E7 0
0 60ms
19ms Document
text/html 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-630323.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscancun.moonpalace.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

status: 200
date: Sat, 15 Feb 2020 19:24:21 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.082
section-origin-responded: true
age: 1493284
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: ba7d83d7bef277499d6d7624ca99c523

GET
H2 200 frontend Show response
s.acquire.io/a-be477/init/ 54 KB
20 KB 338ms
295ms XHR
application/json 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/a-be477/init/frontend

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

eeff6473ac9e40f8c431cb3a40d423d92c5d4bde8f6bc6e846ef05d361d1d6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bookingscancun.moonpalace.com
cache-control: no-cache
strict-transport-security: max-age=15552000; preload
cf-ray: 5659a95ce915bddc-AMS

GET
H2 200 jshash Show response
s.acquire.io/ 91 B
579 B 146ms
103ms XHR
application/json 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/jshash?type=frontend

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d76eab2ff2b7e77df5fa335321cfd91e686b0e6f8bb229b7fae1f8deebf7ac8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Express
status: 200
vary: Accept-Encoding
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bookingscancun.moonpalace.com
cache-control: no-cache
cf-ray: 5659a95ce918bddc-AMS
access-control-allow-headers: X-Requested-With

GET
H2

200

main.js Show response
s.acquire.io/
Redirect Chain

https://s.tagove.com/main.js
https://s.acquire.io/main.js

51 B
206 B

44ms
43ms

Script
application/javascript

104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/main.js

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecbea42fe84a1122cc5bd7cf6a724913ea242970fe999cb7ec34a3ae623f4570

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6968
cf-polished: origSize=52
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Sat, 29 Dec 2018 08:59:21 GMT
server: cloudflare
etag: W/"5c273769-34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5659a95d4b84c833-AMS
cf-bgj: minify

Redirect headers

status: 301
date: Sat, 15 Feb 2020 19:24:21 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 194
location: https://s.acquire.io/main.js
content-type: text/html

OPTIONS
H/1.1 200
OK events Show response
apm-server.seekda.com/intake/v2/rum/ 0
418 B 122ms
30ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscancun.moonpalace.com
Referer: https://bookingscancun.moonpalace.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 19:24:22 GMT
X-Content-Type-Options: nosniff
Vary: Origin
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Content-Length: 0

GET
H2 200 frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 555 KB
173 KB 43ms
38ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/a-be477/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d9709cf5f304c960a35d2ddaa2a29f1208208aa0bb9bc94dc33df84333c4e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139737
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:57 GMT
server: cloudflare
etag: W/"5e462245-8aac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a95d9c51c833-AMS
expires: Mon, 24 Feb 2020 04:35:25 GMT

POST
H/1.1 202
Accepted events Show response
apm-server.seekda.com/intake/v2/rum/ 0
228 B 34ms
34ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Date: Sat, 15 Feb 2020 19:24:22 GMT
X-Content-Type-Options: nosniff
Content-Length: 0
Strict-Transport-Security: max-age=31536000;

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/ Frame 1C51
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr

0
0

75ms
74ms

Document
text/html

52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bookingscancun.moonpalace.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 15 Feb 2020 19:24:22 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;SameSite=None;Secure _cc_id=5333ea59c7ca7beb103c1f9d9c1403ce;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMDU2Nk5NNLVMNk9ONE9KTTI0ME42TLNMsUw2NAEyUxmAIM7DNY0BDrg3t32SYZyWwPCfkZHh8vM7sjD2uaOHmGHsXRuecsPYD6b2MMLYl049YoOxDy%2BewwJjH%2FpiCWOeOakOY15AUrF%2F%2BVG4TQDymzh6";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI83BNY4ABZgbWNh8Qg60mF0SxNvcCSQBL1AQw";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.10.167
Content-Length: 703
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Sat, 15 Feb 2020 19:24:22 GMT
Expires: 0
Location: https://bcp.crwdcntrl.net/5/ct=y/c=12310/rand=766226964/pv=y/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
X-Server: 10.45.18.182
Content-Length: 0
Connection: keep-alive

GET
H2 200 icons.woff
d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/ 49 KB
50 KB 23ms
23ms Font
application/font-woff 13.224.197.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/icons.woff

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/_next/static/1GUnnCyF6HaSpvGicWfQh/pages/index.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.197.143 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-197-143.fra2.r.cloudfront.net

Software

Resource Hash

95b6a4840f8711ecab427bc236eb86098db7e5c782bafb139c8c30805aa5ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=5f99d090bfef57b452eb516e05430565
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:09:27 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 14:12:22 GMT
age: 44095
etag: "5aec6a46-c55c"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/font-woff
status: 200
accept-ranges: bytes
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-length: 50524
x-amz-cf-id: djUVUGAHrXKaXXgXqktYSzlGuYYIYSe88bDVBRbfOFf0ab9G9qbpdQ==

GET
H2

200

wejs Show response
www.tripadvisor.com/
Redirect Chain

https://www.jscache.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2
https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2

344 B
743 B

171ms
170ms

Script
application/x-javascript

2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.194 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2f73d4079c6b4570313d4437495bc035fb93b048661d923fac4d3266f1d820cc

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
server: Apache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status: 200
cache-control: no-cache,no-store,must-revalidate
content-type: application/x-javascript;charset=UTF-8
content-length: 278
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
server: Apache
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2
content-type: text/plain; charset=utf-8
status: 301
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-length: 0
expires: 0

GET
H2

200

activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u...
6696502.fls.doubleclick.net/ Frame DC45
Redirect Chain

https://6696502.fls.doubleclick.net/activityi;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263...
https://6696502.fls.doubleclick.net/activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u3...

0
0

39ms
38ms

Document
text/html

172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6696502.fls.doubleclick.net/activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6696502.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscancun.moonpalace.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 19:24:22 GMT
expires: Sat, 15 Feb 2020 19:24:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 391
x-xss-protection: 0
set-cookie: IDE=AHWqTUmS1L-ji36hCwvlyh3ER0vRZMXz51ydYI3jKlI4siVB5GWmXq2GOBEaPg_K; expires=Thu, 11-Mar-2021 19:24:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 19:24:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6696502.fls.doubleclick.net/activityi;dc_pre=CL7i46ek1OcCFRbluwgdJtUI4w;src=6696502;type=motor0;cat=mpc_k0;ord=8993415598711;gtm=2wg250;auiddc=337692530.1581794661;u27=EUR;u28=2020-03-16;u34=en;u37=2;u38=0;u39=2;u40=S001263;u48=2020-03-11;u50=BE;~oref=https%3A%2F%2Fbookingscancun.moonpalace.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 15-Feb-2020 19:39:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 18:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2139
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Sat, 15 Feb 2020 19:48:43 GMT

GET
H2 200 B11310321.150590727;ORD=1445364483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/adj/N478809.197812NSO.CODESRV/ 11 B
625 B 86ms
41ms Script
text/javascript 172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N478809.197812NSO.CODESRV/B11310321.150590727;ORD=1445364483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 150 Show response
beacon.sojern.com/pixel/cp/ 3 KB
1 KB 64ms
25ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/150?f_v=cp_v3_js&p_v=1&hpid=PRMOON&pt=SEARCH&hd1=2020-03-11&hd2=2020-03-16&tad=2&tch=0&hr=1&hpr=Moon%20Palace%20Cancun&hn1=BE&l=en&et=hs
Requested by: Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 9f95d8bbfcb1e261b587b74c89ecc6ee9d3150ae2916f11cf50f7a7d14d9649d

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: application/javascript
alt-svc: clear
content-length: 710
via: 1.1 google

GET
H2 200 2284186.js Show response
js.hs-scripts.com/ 2 KB
1017 B 42ms
25ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2284186.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b39c88f79981a53899ac26efbb100db23983dd2e3bdc6980f18418b43fb370e

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4
cf-polished: origSize=1825
status: 200
access-control-max-age: 3600
cf-bgj: minify
server: cloudflare
x-trace: 2BA6D780A305A5377D60D86157979E66BE8CB2EEE3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bookingsjamaica.moonpalace.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5659a961098d64c1-FRA
expires: Sat, 15 Feb 2020 19:25:22 GMT

GET
H2 200 moonpalacecancun-mx Show response
us-sonar.sociomantic.com/js/2010-07-01/adpan/ 33 KB
10 KB 453ms
112ms Script
application/javascript 192.99.16.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/moonpalacecancun-mx
Requested by: Host: bookingscancun.moonpalace.com
URL: https://bookingscancun.moonpalace.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.81 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-127.sociomantic.net
Software: nginx /
Resource Hash: 99fdcf2a8fcaa96bc3b45ff37260612e9cb4c2be20614e08198f32e123d3455c

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
last-modified: Tue, 31 Dec 2019 04:38:01 GMT
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
cache-control: must-revalidate
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155677253-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP484HX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbe4fc7decb16f7e730640380e9c04ec36fa8100382245f00d22a57f1e79e815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28497
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Feb 2020 19:24:22 GMT

GET
H/1.1 200
OK noimage.jpg
bookingscancun.moonpalace.com/static/ 7 KB
7 KB 42ms
42ms Image
image/jpeg 51.254.62.70
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bookingscancun.moonpalace.com/static/noimage.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.70 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a7a7aac38152bf60bb768780deb951b121ac3ee54eb0028e7aeee5fab8b331b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 15 Feb 2020 19:24:22 GMT
Last-Modified: Fri, 11 May 2018 19:22:12 GMT
X-Frame-Options: SAMEORIGIN
ETag: "5af5ed64-1c69"
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7273

GET
H2 200 collect
www.google-analytics.com/ 35 B
133 B 7ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=627218117&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAB~&jid=2103944515&gjid=741826934&cid=1858962785.1581794661&tid=UA-85687310-2&_gid=689265375.1581794661&gtm=2wg250MP484HX&z=182859070

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 01:04:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1361982
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&gjid=741826934&_gid=689265375.1581794661&_u=aGDAgEAB~&z=779365118
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118&slf_rd=1&random=3820139611

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118&slf_rd=1&random=3820139611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=2103944515&_v=j81&z=779365118&slf_rd=1&random=3820139611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 150_logo-11900-2.png
www.tripadvisor.co/img/cdsi/img2/branding/ 2 KB
3 KB 202ms
150ms Image
image/png 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.co/img/cdsi/img2/branding/150_logo-11900-2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.194 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-type: image/png
server: Apache
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status: 200
cache-control: private, max-age=43200
timing-allow-origin: https://www.tripadvisor.com
content-length: 2349
expires: Sun, 16 Feb 2020 07:24:22 GMT

GET
H2 200 5d922ab634fc1d002b66a4ef
ads.sonataplatform.com/pixel/script/conversion/permanence/ 1 KB
1 KB 67ms
22ms Image
text/javascript 3.122.197.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.sonataplatform.com/pixel/script/conversion/permanence/5d922ab634fc1d002b66a4ef?gtmcb=691175077

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.197.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-197-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
access-control-allow-origin: *
etag: W/"548-8JfyetAGJb8fcJbRglJ1XzW0lgk"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript; charset=utf-8
status: 200
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With

GET
H2 200 5d95016fe040aa0040456177
ads.sonataplatform.com/pixel/attribution/ 67 B
451 B 67ms
22ms Image
image/png 3.122.197.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.sonataplatform.com/pixel/attribution/5d95016fe040aa0040456177?gtmcb=1488819064

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.197.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-197-63.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
last-modified: Thu, 30 Jan 2020 16:17:12 GMT
access-control-allow-origin: *
etag: W/"43-16ff73dfb40"
access-control-allow-methods: GET
content-type: image/png
status: 200
cache-control: public, max-age=0
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 67

GET
H/1.1 200
OK b=75480737
bcp.crwdcntrl.net/5/c=12293/ 49 B
800 B 68ms
67ms Image
image/gif 52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=12293/b=75480737?gtmcb=1900611504
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 19:24:22 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.0.8
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=20564478&t=1&gtmcb=653514014
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20564478%26t%3D1%26gtmcb%3D653514014

0
1 KB

25ms
25ms

Image
application/javascript

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20564478%26t%3D1%26gtmcb%3D653514014

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 19:24:24 GMT
AN-X-Request-Uuid: f71888be-84f3-46ec-8bb9-0badc2abe6a5
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.116; 185.210.217.116; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.115:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 19:24:24 GMT
AN-X-Request-Uuid: e05fc38c-5e60-4112-a157-206e727118b2
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20564478%26t%3D1%26gtmcb%3D653514014
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.116; 185.210.217.116; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.207:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619328291734643&ev=Search&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794662547&cd[content_type]=hotel&cd[checkout_date]=2020-03-16&cd[departureDate]=2020-03-16&cd[checkin_date]=2020-03-11&cd[arrivalDate]=2020-03-11&cd[num_infants]=0&cd[infants]=0&cd[currency]=EUR&cd[content_ids]=PRMOON&cd[city]=Moon%20Palace%20Cancun&cd[region]=CUN&cd[num_children]=0&cd[childrens]=0&cd[roomNights]=5&cd[num_teens]=0&cd[teens]=0&cd[num_adults]=2&cd[adults]=2&cd[leadTime]=26&cd[creationDate]=2020-2-15&cd[hotel]=PRMOON&cd[country]=BE&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT, Sat, 15 Feb 2020 19:24:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628382487258338&ev=Search&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794662547&cd[content_type]=hotel&cd[checkout_date]=2020-03-16&cd[departureDate]=2020-03-16&cd[checkin_date]=2020-03-11&cd[arrivalDate]=2020-03-11&cd[num_infants]=0&cd[infants]=0&cd[currency]=EUR&cd[content_ids]=PRMOON&cd[city]=Moon%20Palace%20Cancun&cd[region]=CUN&cd[num_children]=0&cd[childrens]=0&cd[roomNights]=5&cd[num_teens]=0&cd[teens]=0&cd[num_adults]=2&cd[adults]=2&cd[leadTime]=26&cd[creationDate]=2020-2-15&cd[hotel]=PRMOON&cd[country]=BE&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT, Sat, 15 Feb 2020 19:24:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:22 GMT

OPTIONS
H/1.1 200
OK offers-overview Show response
hbe-api.kognitiv.com/channels/ibe/properties/S001263/ 0
423 B 31ms
31ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/channels/ibe/properties/S001263/offers-overview
Requested by: Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscancun.moonpalace.com
Referer: https://bookingscancun.moonpalace.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 19:24:22 GMT
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Vary: Origin
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Status: 200 OK
Cache-control: private
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Access-Control-Allow-Headers: content-type

GET
H2 200 13.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 331 KB
56 KB 34ms
34ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/13.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f277a42a1d0bd45b4a21ae64c53163a9e34baa781e502f407d9ab948b0d6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139690
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:17 GMT
server: cloudflare
etag: W/"5e46221d-52c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a9618fd4c833-AMS
expires: Mon, 24 Feb 2020 04:36:12 GMT

GET
H2 200 MP_Habitaciones_Ropas0069.jpg
res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S001263/ 32 KB
32 KB 7ms
7ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S001263/MP_Habitaciones_Ropas0069.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

469831a339cc34ae09b390e8a532ec0fd68136627d2c4b221fe7e59d7140a457

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="MP_Habitaciones_Ropas0069.webp"
server-timing: cloudinary;dur=66;start=2020-02-01T19:14:36.478Z,fastly;dur=0;total=1;start=2020-02-15T19:24:22.733Z;desc=HIT,rtt;dur=5
content-length: 32462
last-modified: Fri, 15 Jun 2018 14:43:51 GMT
server: Cloudinary
etag: "1e9a88074320741301e254e73aaca23f"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Superior_Deluxe_Garden_View_01.jpg
res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S001263/ 21 KB
22 KB 7ms
7ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S001263/Superior_Deluxe_Garden_View_01.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5fd1eb1c7691e033c9e3783dbde03e00376d9f9eb49cbb79bbb18c0a920683cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
strict-transport-security: max-age=604800
status: 200
content-disposition: inline; filename="Superior_Deluxe_Garden_View_01.webp"
server-timing: cloudinary;dur=79;start=2020-02-07T11:12:34.914Z,fastly;dur=0;total=1;start=2020-02-15T19:24:22.733Z;desc=HIT,rtt;dur=5
content-length: 21984
last-modified: Fri, 11 May 2018 19:37:22 GMT
server: Cloudinary
etag: "348702dc444cd6510a8b9a2aac1e0c5a"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing,Vary
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H/1.1 200
OK events Show response
apm-server.seekda.com/intake/v2/rum/ 0
418 B 30ms
30ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://bookingscancun.moonpalace.com
Referer: https://bookingscancun.moonpalace.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 15 Feb 2020 19:24:22 GMT
X-Content-Type-Options: nosniff
Vary: Origin
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 3600
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Content-Length: 0

POST
H/1.1 200
OK offers-overview Show response
hbe-api.kognitiv.com/channels/ibe/properties/S001263/ 280 B
615 B 316ms
316ms XHR
application/json 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hbe-api.kognitiv.com/channels/ibe/properties/S001263/offers-overview
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.62.68 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e9bfe9da2ce7fa958a4a717d3d7b01b32e9dd9b7b7322788efd302875e465df1

Request headers

Accept: application/json, text/plain, */*
Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Sat, 15 Feb 2020 19:24:23 GMT
Content-Encoding: gzip
Status: 200 OK
ETag: W/"118-RY5VOHSlWqpEIRK8ABxePSVJktU"
Vary: Accept-Encoding, Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 cookie.html
s.acquire.io/ Frame 9465 0
0 70ms
70ms Document
text/html 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/cookie.html

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: s.acquire.io
:scheme: https
:path: /cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscancun.moonpalace.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

status: 200
date: Sat, 15 Feb 2020 19:24:22 GMT
content-type: text/html
set-cookie: __cfduid=d41b6dc8f82797db4022fbdbc3517eec01581794662; expires=Mon, 16-Mar-20 19:24:22 GMT; path=/; domain=.acquire.io; HttpOnly; SameSite=Lax; Secure
cf-ray: 5659a96239e5c833-AMS
cache-control: max-age=1209600, public, max-age=1209600
expires: Sat, 29 Feb 2020 19:24:22 GMT
last-modified: Mon, 27 May 2019 13:18:00 GMT
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
server: cloudflare
content-encoding: gzip

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=event&ni=0&cu=EUR&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_gid=689265375.1581794661&gjid=446681094&_v=j81&z=650541630
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630&slf_rd=1&random=1234614016

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630&slf_rd=1&random=1234614016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85687310-2&cid=1858962785.1581794661&jid=1133678723&_v=j81&z=650541630&slf_rd=1&random=1234614016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4832335;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Canc...
https://ad.doubleclick.net/ddm/activity/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u1...
https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17...

42 B
109 B

272ms
272ms

Image
image/gif

2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CO6O7qek1OcCFZKVdwoddHsL9A;type=sales;cat=1031_00r;qty=1;cost=0;u1=;u2=;u3=;u4=2020-03-11;u5=2020-03-16;u9=;u10=;u11=BE;u12=1;u13=;u16=;u17=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sojern__adx_open_bidder_seat&google_hm=Zq7tSn9kVA6E7SolVcuIIQ&google_cm&google_sc&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FF...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&sjrn_ula=792651349&google_gid=CAESEGbX7UAmohcnWTNtHr0Bn1g&google_cver=1

42 B
299 B

26ms
25ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&sjrn_ula=792651349&google_gid=CAESEGbX7UAmohcnWTNtHr0Bn1g&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
server: HTTP server (unknown)
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&sjrn_ula=792651349&google_gid=CAESEGbX7UAmohcnWTNtHr0Bn1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=$UID
https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=7632282858554554918

42 B
281 B

26ms
26ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=7632282858554554918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.244.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 19:24:24 GMT
AN-X-Request-Uuid: ead502d1-a836-4743-8922-3c3ea8f83c0b
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://pixel.sojern.com/idsync/apn?sjrn_id=DfX4-M3PBVo6qYWnfYdNmXbs6oU91eiaGly_u3cqLx01bt7oy-LXA26DgN1FFehy&id=7632282858554554918
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.116; 185.210.217.116; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.229:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4832335;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa...
https://ad.doubleclick.net/ddm/activity/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag...
https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_...

42 B
109 B

272ms
271ms

Image
image/gif

2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=4832335;dc_pre=CNuP7qek1OcCFVoFiwodeCsDNA;type=sales;cat=1031_01;qty=1;cost=0;u1=;u10=;u11=BE;u16=;u19=PRMOON;u20=Moon+Palace+Cancun;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 66.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 439 B
397 B 38ms
38ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/66.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7266287380057ccde528022ec92dfc5ac86791f30a1267fe3b77ea9441144d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 137163
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-1b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a9627a83c833-AMS
expires: Mon, 24 Feb 2020 05:18:19 GMT

GET
H2 200 60.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 1 KB
593 B 47ms
47ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/60.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4db85527c3283b14b9b89fceda3392c43f6c289fcbef60e4e306a85507425e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 137163
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-4aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a9627a93c833-AMS
expires: Mon, 24 Feb 2020 05:18:19 GMT

POST
H/1.1 202
Accepted events Show response
apm-server.seekda.com/intake/v2/rum/ 0
228 B 47ms
46ms XHR
text/plain 51.254.62.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-server.seekda.com/intake/v2/rum/events

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.254.62.68 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://bookingscancun.moonpalace.com
Date: Sat, 15 Feb 2020 19:24:22 GMT
X-Content-Type-Options: nosniff
Content-Length: 0
Strict-Transport-Security: max-age=31536000;

GET
H2 200 new_chat_LB.png
media.acquire.io/be477/ Frame 76DA 3 KB
4 KB 87ms
34ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_LB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373009
cf-polished: origFmt=png, origSize=5765
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_LB.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3550
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:45 GMT
server: cloudflare
etag: 0x8D79F3C12559E1C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 4a08ecae-601e-00dc-622d-dfe445000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9631c74c833-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_MP.png
media.acquire.io/be477/ Frame 76DA 3 KB
3 KB 92ms
39ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_MP.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373009
cf-polished: origFmt=png, origSize=5632
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_MP.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3058
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1245BBC2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: f3cb74c2-801e-007c-4cac-dd2b23000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9631c69c833-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_PR.png
media.acquire.io/be477/ Frame 76DA 3 KB
3 KB 88ms
36ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_PR.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373009
cf-polished: origFmt=png, origSize=5572
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_PR.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3180
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1243230C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 10245a08-201e-0071-1df5-dcc42f000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9631c71c833-AMS
cf-bgj: imgq:100

GET
H/1.1 200
OK Cookie set rt=ifr
bcp.crwdcntrl.net/5/c=12310/rand=190924597/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/ Frame D0B4 0
0 51ms
51ms Document
text/html 52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12310/rand=190924597/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bookingscancun.moonpalace.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_dc=1; _cc_id=5333ea59c7ca7beb103c1f9d9c1403ce; _cc_aud="ABR4nGNgYGCI83BNY4ABZgbWNh8Qg60mF0SxNvcCSQBL1AQw"; _cc_cc="ACZ4nGNQMDU2Nk5NNLVMNk9ONE9KTTI0ME42TLNMsUw2NAEyUxmAIM7DNY0BDngW%2Fv2nzNiawPCfkZFhc9snGcZpEPauDU%2B5mSDiUJEzJ9VRBS4snsOCKnLu6CFmVJEHU3sYUUUuP78jiypyGMOcQ18sUQUunXrEhiqyf%2FlRNGMA9eJQJw%3D%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 15 Feb 2020 19:24:22 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_id=5333ea59c7ca7beb103c1f9d9c1403ce;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMDU2Nk5NNLVMNk9ONE9KTTI0ME42TLNMsUw2NAEyUxmAIM7DNY0BDng2t32SYZyWwPCfkZFh4d9%2FyoytEPauDU%2B5mSBsqOyZk%2BqoAhcWz2FBFTl39BAzqsiDqT2MqCKXn9%2BRRRU5jGHOoS%2BWqAKXTj1iQxXZv%2FwomjEA8Q5QJw%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.24.88
Content-Length: 159
Connection: keep-alive

GET
H2 200 WidgetEmbed-selfserveprop Show response
www.tripadvisor.com/ 16 KB
5 KB 334ms
334ms Script
text/javascript 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=219163&display_version=2&uniq=890&rating=true&lang=en_undefined&nreviews=2&writereviewlink=false
Requested by: Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=890&locationId=219163&lang=en_undefined&rating=true&nreviews=2&writereviewlink=false&popIdx=true&iswide=false&border=true&display_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.194 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11b94550c64e7fc9aae9ee2c3f1b83db6f6d6b58a856fe3283a45ada95455e03

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
server: Apache
timing-allow-origin: https://www.tripadvisor.com
vary: User-Agent,Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status: 200
cache-control: no-cache,no-store,must-revalidate
content-type: text/javascript;charset=UTF-8
content-length: 4012
expires: 0

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 60 KB
15 KB 35ms
20ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2284186.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d384100a69b392d9cba10d45e1c690eb8f1c95f12e02c6f37e70134c7146b5d5

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
via: 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 572
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: Tb4qAH57zXvyA3b9KJOjnGdnqNJTFAL5
last-modified: Fri, 14 Feb 2020 06:02:04 GMT
server: cloudflare
etag: W/"d982215a7d1d61f9afcd465f816412ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 5659a9635a4316f2-FRA
x-amz-cf-id: AMgsHWRdXLcPTuKWzj0BajFMmARKu5AaPiySvxSAXnJbdfMjwLpUqQ==

GET
H2 200 2284186.js Show response
js.hs-analytics.net/analytics/1581794400000/ 75 KB
26 KB 39ms
15ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1581794400000/2284186.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2284186.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8220d75e59bdef847d1594f75d61a5cbdb5d01d0623d2ecb3783cc55a104c3

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 224
status: 200
x-amz-request-id: 468D9363571B09DC
x-amz-id-2: cmwsMrMCteq28/4woGJWi1shqr1wjXawLGWMT1qcTuer32IoP1O13nL3/fq0xQ/ZWFidSQ/JT0Y=
last-modified: Tue, 04 Feb 2020 21:35:30 GMT
server: cloudflare
etag: W/"dc5f8a439f40f135edb6747823c51c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 5659a9636a5e64a3-FRA
expires: Sat, 15 Feb 2020 19:25:38 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 85 KB
22 KB 369ms
353ms Script
application/javascript 2606:4700::6811:80ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2284186.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e60d7b974a8cab1175a66ead4311275e66a6ecebc6792cbfb629be175fdd6813

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: gzip
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Feb 2020 01:04:12 GMT
server: cloudflare
etag: W/"b1e83f125c062e320df0331e7bc91321"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: sXyBMpNUSpLocmoaYov_ithAv7lz0TC3
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
cf-ray: 5659a9635f94178e-FRA
x-amz-cf-id: hXtyOo1uWIiqi6QweS16foMapOxRFLzLJrvOgSZt_zGWwlFHsbCVCw==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 377 KB
61 KB 144ms
124ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2284186.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfaff2f5d6e94657e0f881332caa67965b9cf78bd3b56767d48eaf23647633d

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
via: 1.1 fb41e17254dfd781519e95cedd257827.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD89-C3
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 Feb 2020 02:42:32 GMT
server: cloudflare
etag: W/"5a4b3524feb30251503c1dd69d357e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: 8UWSQh6JvjVvPe4AFvrC5AfctgtqAmWA
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
cf-ray: 5659a9636a09dfbb-FRA
x-amz-cf-id: AFCK0k9OpHmo8sHm7yNSSiq8tQ3NDVoe1dDvyxumtvC6qy6BI0tnEg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155677253-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3050
date: Sat, 15 Feb 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 15 Feb 2020 20:33:32 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=627218117&t=pageview&_s=1&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&ul=en-us&de=UTF-8&dt=Moon%20Palace%20Cancun&sd=24-bit&sr=1600x120...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-155677253-1&cid=1858962785.1581794661&jid=989054364&_gid=689265375.1581794661&gjid=457758725&_v=j81&z=2048701774

35 B
136 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-155677253-1&cid=1858962785.1581794661&jid=989054364&_gid=689265375.1581794661&gjid=457758725&_v=j81&z=2048701774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 15 Feb 2020 19:24:22 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-155677253-1&cid=1858962785.1581794661&jid=989054364&_gid=689265375.1581794661&gjid=457758725&_v=j81&z=2048701774
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 23 B
695 B 123ms
111ms XHR
text/plain 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2284186&conversations-embed=static-1.5930&mobile=false&messagesUtk=d9d0184c85c74373ad3694d4b4b5614f&traceId=d9d0184c85c74373ad3694d4b4b5614f

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: GET
Origin: https://bookingscancun.moonpalace.com
Referer: https://bookingscancun.moonpalace.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-hubspot-messages-uri

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 23
allow: HEAD,GET,OPTIONS,PUT
server: cloudflare
x-trace: 2B1DEB56BAF8DE05893E5CD29949960EFB384447A5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bookingscancun.moonpalace.com
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5659a963b919e003-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
494 B 39ms
23ms Image
image/gif 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=2284186&pu=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&t=Moon+Palace+Cancun&cts=1581794663018&i=paso_motor_mpc%3D1&vi=5196b815ca1b791e370ad01b68619146&nc=true&u=142510957.5196b815ca1b791e370ad01b68619146.1581794663015.1581794663015.1581794663015.1&b=142510957.1.1581794663016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5659a963fe9c1756-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
104 B 40ms
24ms Image
image/gif 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=2284186&pu=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&t=Moon+Palace+Cancun&cts=1581794663019&i=paso_motor_mpc%3D1&vi=5196b815ca1b791e370ad01b68619146&nc=true&u=142510957.5196b815ca1b791e370ad01b68619146.1581794663015.1581794663015.1581794663015.1&b=142510957.1.1581794663016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5659a963fe9f1756-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 view Show response
us-sonar.sociomantic.com/js/2010-07-01/action/ 202 B
818 B 108ms
108ms Script
application/javascript 192.99.16.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/js/2010-07-01/action/view?aid=moonpalacecancun-mx&po=%7B%22products%22%3A%5B%7B%22identifier%22%3A%22S001263%22%7D%5D%7D&v=adv2.09&rid=r009152849169119626
Requested by: Host: us-sonar.sociomantic.com
URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/moonpalacecancun-mx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.81 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-127.sociomantic.net
Software: nginx /
Resource Hash: 0a6af349c5d5af94d775b1528b18b0609ae2f765e97c57d55d049f6e69cb253b

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
last-modified: Sat, 15 Feb 2020 19:24:23 GMT
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=619328291734643&ev=Microdata&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794663035&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Moon%20Palace%20Cancun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=3&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT, Sat, 15 Feb 2020 19:24:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=628382487258338&ev=Microdata&dl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F&rl=&if=false&ts=1581794663056&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Moon%20Palace%20Cancun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1581794661525.2124562336&it=1581794661494&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT, Sat, 15 Feb 2020 19:24:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 15 Feb 2020 19:24:23 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 272 B
394 B 122ms
122ms XHR
application/json 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166b6807b770f319f83142398990541c638f2f76007ed1cec8cd2b0bc71ddee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
X-HubSpot-Messages-Uri: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 213
server: cloudflare
x-trace: 2B2D4D00ACFC07C18067A5BB1407F91C78B0B39648000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bookingscancun.moonpalace.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5659a9648b36e003-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 usrm
us-sonar.sociomantic.com/html/2010-07-01/ Frame 5A91 0
0 109ms
108ms Document
text/html 192.99.16.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://us-sonar.sociomantic.com/html/2010-07-01/usrm?aid=17274252526003358638&fpc=8294680130527053756&v=adv2.09&hs=true
Requested by: Host: us-sonar.sociomantic.com
URL: https://us-sonar.sociomantic.com/js/2010-07-01/adpan/moonpalacecancun-mx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.99.16.81 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: us-127.sociomantic.net
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: us-sonar.sociomantic.com
:scheme: https
:path: /html/2010-07-01/usrm?aid=17274252526003358638&fpc=8294680130527053756&v=adv2.09&hs=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://bookingscancun.moonpalace.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sonar=8294680130527053756; sonar-expires=1613330663; sonar_matching_us=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

status: 200
server: nginx
date: Sat, 15 Feb 2020 19:24:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
last-modified: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
341 B 193ms
191ms XHR
application/json 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2284186&utk=5196b815ca1b791e370ad01b68619146&__hstc=142510957.5196b815ca1b791e370ad01b68619146.1581794663015.1581794663015.1581794663015.1&__hssc=142510957.1.1581794663016&currentUrl=https%3A%2F%2Fbookingscancun.moonpalace.com%2F

Requested by

Host: d2jtzd336hs8un.cloudfront.net
URL: https://d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-js-base.umd.min.js?checksum=bf5a111e4336e4daebfb5480589108c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1957a3d5780aa7376ac637268630d371d9712b61aa97f05c664d7eca4c6b8d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bookingscancun.moonpalace.com/
Origin: https://bookingscancun.moonpalace.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 5659a9653d20e003-FRA
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bookingscancun.moonpalace.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 t4b_widget_self_serve_property-v23019549212a.css
static.tacdn.com/css2/build/concat/ 33 KB
6 KB 76ms
22ms Stylesheet
text/css 2.19.38.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v23019549212a.css
Requested by: Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=219163&display_version=2&uniq=890&rating=true&lang=en_undefined&nreviews=2&writereviewlink=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.125 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 95e535d6fc3e64f7bdc159ad728e38b8121477a1f4d8d4bea017c0cf1c01a477

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
last-modified: Mon, 03 Feb 2020 10:57:36 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=30496158
accept-ranges: bytes
timing-allow-origin: *
content-length: 6285
expires: Tue, 02 Feb 2021 18:33:41 GMT

GET
H2 200 cdswidgets_m-c-v22480917520a.js Show response
static.tacdn.com/js3/build/concat/widget/ 15 KB
5 KB 78ms
23ms Script
application/x-javascript 2.19.38.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
Requested by: Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=219163&display_version=2&uniq=890&rating=true&lang=en_undefined&nreviews=2&writereviewlink=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.125 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 09:31:44 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20939417
accept-ranges: bytes
timing-allow-origin: https://www.tripadvisor.com
content-length: 4656
expires: Thu, 15 Oct 2020 03:54:40 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
496 B 125ms
106ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B14D34E0EB4C77CBBD1842864A2E62FB21D987E32000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5659a9660f371f2d-FRA
content-length: 35

GET
H/1.1 200
OK Cookie set rt=ifr
bcp.crwdcntrl.net/5/c=12310/rand=159317375/act=pageType%3A%20viewOffers_Moon%20Palace%20Cancun/geo=countryCode%3A%20BE_Moon%20Palace%20Cancun/geo=city%3A%20BE_Moon%20Palace%20Cancun/seg=arrivalDate... Frame 458A 0
0 45ms
44ms Document
text/html 52.214.152.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12310/rand=159317375/act=pageType%3A%20viewOffers_Moon%20Palace%20Cancun/geo=countryCode%3A%20BE_Moon%20Palace%20Cancun/geo=city%3A%20BE_Moon%20Palace%20Cancun/seg=arrivalDate%3A%202020-03-11_Moon%20Palace%20Cancun/seg=month%3A%20marzo_Moon%20Palace%20Cancun/seg=departureDate%3A%202020-03-16_Moon%20Palace%20Cancun/seg=creationDate%3A%202020-2-15_Moon%20Palace%20Cancun/seg=nights%3A%205_Moon%20Palace%20Cancun/seg=leadTime%3A%2026_Moon%20Palace%20Cancun/int=hotelName%3A%20Moon%20Palace%20Cancun_Moon%20Palace%20Cancun/int=roomCode%3A%20undefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined%2Cundefined_Moon%20Palace%20Cancun/int=%23OpR%2381979%23bookingscancun.moonpalace%20%3A%20Total%20Site%20Traffic/genp=currency%3A%20EUR_Moon%20Palace%20Cancun/genp=priceMode%3A%20-_Moon%20Palace%20Cancun/genp=hotelTotal%3A%20undefined_Moon%20Palace%20Cancun/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12310/cc.js?ns=_cc12310
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.152.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-152-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bookingscancun.moonpalace.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_dc=1; _cc_id=5333ea59c7ca7beb103c1f9d9c1403ce; _cc_aud="ABR4nGNgYGCI83BNY4ABZgbWNh8Qg60mF0SxNvcCSQBL1AQw"; _cc_cc="ACZ4nGNQMDU2Nk5NNLVMNk9ONE9KTTI0ME42TLNMsUw2NAEyUxmAIM7DNY0BDng2t32SYZyWwPCfkZFh4d9%2FyoytEPauDU%2B5mSBsqOyZk%2BqoAhcWz2FBFTl39BAzqsiDqT2MqCKXn9%2BRRRU5jGHOoS%2BWqAKXTj1iQxXZv%2FwomjEA8Q5QJw%3D%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://bookingscancun.moonpalace.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 15 Feb 2020 19:24:23 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_id=5333ea59c7ca7beb103c1f9d9c1403ce;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMDU2Nk5NNLVMNk9ONE9KTTI0ME42TLNMsUw2NAEyUxmAIM7DNf0%2FEPAzwIDIo4a%2FiozTEhj%2BMzIy3Edi30Zi35hwUgnG3tz2SQbGfv37D1zN6SONyjD2pbkT4OrfPGmAsxf%2B%2FafM2Aph79rwlJsJwobKnjmpjipwYfEcFlSRc0cPMaOKPJjaw4gqcvn5HVlUkcMY5hz6YokqcOnUIzZUkf3Lj6IZAwDkQHeN";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCI83BNZ4ABZgbWNh8Qg60mF0SxNvcCSQBL9AQx";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 11-Nov-2020 19:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.24.88
Content-Length: 159
Connection: keep-alive

GET
H2 200 17.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 51 KB
15 KB 49ms
49ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/17.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c03962d551d9a86909c6fca2a2fcdc141302bccf46f7ef3ff93e3ec8b69bd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 139737
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:19 GMT
server: cloudflare
etag: W/"5e46221f-cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a968dc17c833-AMS
expires: Mon, 24 Feb 2020 04:35:26 GMT

GET
H2 200 loading-main.gif
s.acquire.io/asset/ Frame 76DA 3 KB
3 KB 44ms
43ms Image
image/gif 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.acquire.io/asset/loading-main.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c070cc0bb1207c7c7e9d482e830fdf62dd9a771b97472dd2aab0bb08848bcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 19:24:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2401
cf-polished: origSize=21696, status=webp_bigger
status: 200
last-modified: Sat, 29 Dec 2018 08:59:21 GMT
strict-transport-security: max-age=15552000; preload
content-length: 2676
cf-bgj: imgq:100
server: cloudflare
etag: "5c273769-54c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=21600, public, max-age=21600
accept-ranges: bytes
cf-ray: 5659a968ec2bc833-AMS
expires: Sun, 16 Feb 2020 00:44:22 GMT

GET
H2 200 new_chat_LB.png
media.acquire.io/be477/ Frame 76DA 3 KB
4 KB 35ms
34ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_LB.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373010
cf-polished: origFmt=png, origSize=5765
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_LB.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3550
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:45 GMT
server: cloudflare
etag: 0x8D79F3C12559E1C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 4a08ecae-601e-00dc-622d-dfe445000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9693d04c833-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_MP.png
media.acquire.io/be477/ Frame 76DA 3 KB
3 KB 34ms
34ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_MP.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373010
cf-polished: origFmt=png, origSize=5632
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_MP.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3058
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1245BBC2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: f3cb74c2-801e-007c-4cac-dd2b23000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9693d05c833-AMS
cf-bgj: imgq:100

GET
H2 200 new_chat_PR.png
media.acquire.io/be477/ Frame 76DA 3 KB
3 KB 33ms
33ms Image
image/webp 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.acquire.io/be477/new_chat_PR.png

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Feb 2020 19:24:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373010
cf-polished: origFmt=png, origSize=5572
x-cache: HIT
status: 200
content-disposition: inline; filename="new_chat_PR.webp"
strict-transport-security: max-age=15552000; preload
content-length: 3180
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 13:07:44 GMT
server: cloudflare
etag: 0x8D79F3C1243230C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 10245a08-201e-0071-1df5-dcc42f000000
cache-control: max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5659a9693d07c833-AMS
cf-bgj: imgq:100

GET
H2 200 59.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js Show response
s.acquire.io/dist/ 13 KB
3 KB 44ms
43ms Script
application/javascript 104.20.39.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acquire.io/dist/59.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Requested by

Host: s.acquire.io
URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.39.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539c37262ed8fcc7a9f4be94c02e544369b773448c8160230975c5606cef7eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bookingscancun.moonpalace.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 19:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 137162
status: 200
strict-transport-security: max-age=15552000; preload
last-modified: Fri, 14 Feb 2020 04:29:22 GMT
server: cloudflare
etag: W/"5e462222-338e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000, public, max-age=864000
cf-ray: 5659a969eec7c833-AMS
expires: Mon, 24 Feb 2020 05:18:22 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moonpalace.com/	1970-01-19 15:55:53	Name: _hjid Value: 11bcf92a-78ca-4170-8442-64624c4bc067
.moonpalace.com/	1970-01-19 09:32:50	Name: _fbp Value: fb.1.1581794661525.2124562336
.bookingscancun.moonpalace.com/	1970-01-20 00:54:26	Name: _ga Value: GA1.3.1858962785.1581794661
.bookingscancun.moonpalace.com/	1970-01-19 07:23:14	Name: _gat_UA-85687310-18 Value: 1
.bookingscancun.moonpalace.com/	1970-01-19 07:24:41	Name: _gid Value: GA1.3.689265375.1581794661
.moonpalace.com/	1970-01-19 09:32:50	Name: _gcl_au Value: 1.1.337692530.1581794661

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: gtm pageLoaded [object Object]
console-api	log	(Line 1) Message: gtm searchBoxInit [object Object]
console-api	log	URL: https://s.acquire.io/main.js(Line 1) Message: Please update acquire widget code..
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 1) Message: gtm viewOffers [object Object]
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 1) Message: Lotame cargado
console-api	log	(Line 1) Message: [object Object]
console-api	error	URL: https://s.acquire.io/dist/frontend.92895544a141d1a55b5e24bc382472ee19e36ee3.bundle.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6696502.fls.doubleclick.net
ad.doubleclick.net
ads.sonataplatform.com
adservice.google.com
api.hubspot.com
apm-server.seekda.com
bcp.crwdcntrl.net
beacon.sojern.com
bookingscancun.moonpalace.com
cdn.polyfill.io
cloud.seekda.com
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
d2jtzd336hs8un.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
hbe-api.kognitiv.com
ib.adnxs.com
js.hs-analytics.net
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
media.acquire.io
pixel.sojern.com
res.cloudinary.com
s.acquire.io
s.tagove.com
script.hotjar.com
secure.adnxs.com
static.hotjar.com
static.seekda.com
static.tacdn.com
stats.g.doubleclick.net
tags.crwdcntrl.net
track.hubspot.com
us-sonar.sociomantic.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.jscache.com
www.tripadvisor.co
www.tripadvisor.com
104.20.39.138
107.178.244.119
13.224.197.143
147.135.10.37
147.75.100.245
147.75.100.69
147.75.102.13
172.217.21.194
172.217.22.38
192.99.16.81
2.18.234.194
2.19.38.125
2606:4700::6810:5905
2606:4700::6810:fc05
2606:4700::6811:46b0
2606:4700::6811:80ab
2606:4700::6811:d5cc
2606:4700::6811:e6cc
2606:4700::6811:edcc
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:3::393
3.122.197.63
37.252.173.62
51.254.62.68
51.254.62.70
51.254.62.77
52.214.152.253
68.232.35.198
93.184.220.113
0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95
03e41b897b2018e5ba2c01ec39256a5fad1030826b28c9a539c9b5d19fd6af20
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07ae7cf9c7f3bfc4bc63842bb07e5846837c0071f8d96042de9d0f4a3cc997b6
0850399b7ff25de33fec4f33a9ce53a08829f80519fe84963c9c7f236eca738e
0a6af349c5d5af94d775b1528b18b0609ae2f765e97c57d55d049f6e69cb253b
0ba4e53e0f817a7314b9289e04dab9fec63db5813dc35b04d8ffe55847402aab
0c070cc0bb1207c7c7e9d482e830fdf62dd9a771b97472dd2aab0bb08848bcd7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b94550c64e7fc9aae9ee2c3f1b83db6f6d6b58a856fe3283a45ada95455e03
166b6807b770f319f83142398990541c638f2f76007ed1cec8cd2b0bc71ddee9
1957a3d5780aa7376ac637268630d371d9712b61aa97f05c664d7eca4c6b8d3a
1c21c645dec6e9f3dce4f7fe7c4ceb25ebe572625b1c8ad09c5274c2fbe986fc
1f2e2d3cc86f8c6d3f8b336116caf6759c0f8709c2939e73a1dad0f39a71171b
25941065c411f81473eb4e447130945ba13cab3b87bab7920e404b442eec7300
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f73d4079c6b4570313d4437495bc035fb93b048661d923fac4d3266f1d820cc
302041b9b2747d7f9dfb18e35d677d9ae27059ad1a07a2061a5daf5e525a69bb
35f15b99034de36c4b2cf42148015fb2df33be155e760ac8462063d016af7692
3af7c402bc8384fca2f386721a93b548cd653afd75ff03c94159d853b988234b
3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece
404ae79ad9b03e63047736ebaf77df9a759b0add1fa42e02bd6a4f362d64098e
42034e972610a048ced9b5a34666245d29a3a48dce8f8a0a5bc8051c7c03f339
469831a339cc34ae09b390e8a532ec0fd68136627d2c4b221fe7e59d7140a457
4dfaff2f5d6e94657e0f881332caa67965b9cf78bd3b56767d48eaf23647633d
50b950f2ad267e0e26e3deeb2f3e56b55c8d1541bcea842235b685daaf66f411
50f3c26808094bcf2c19a83248c7538612c5751d41e6bbb0609f7e1d6fb55519
5318d9787d97afa58f1fd7c37de9e23f2f0e94985cf5fd35d448dd0e5e5389b5
539c37262ed8fcc7a9f4be94c02e544369b773448c8160230975c5606cef7eb0
553a8909a860351f45b20f4af374225ca7fecc3eccef674f406e99c3b7c3d6d3
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9
5a8220d75e59bdef847d1594f75d61a5cbdb5d01d0623d2ecb3783cc55a104c3
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f4db85527c3283b14b9b89fceda3392c43f6c289fcbef60e4e306a85507425e
5fd1eb1c7691e033c9e3783dbde03e00376d9f9eb49cbb79bbb18c0a920683cf
6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df
638edab9dc8582110d373f1db5fe53d2993dc03de261e8bcadc5e860775cf60d
63f277a42a1d0bd45b4a21ae64c53163a9e34baa781e502f407d9ab948b0d6fd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
79773fe8150334555a1953c200e5f40a67ddbd93f5cb9214c3921c6c2d2ba062
7a80e9f85c96eb45ddca8f776e4bfd4083082a2526a9a88f8b4e54d02a590a99
7b84922cc94f5d93337babc2da0649a8409156c927cb00d2d529be959dcd225a
7b87291587957c928ca4ed4a8dc0c97fe937b0876e386c126cb0cc8c8c0e9d64
7c03962d551d9a86909c6fca2a2fcdc141302bccf46f7ef3ff93e3ec8b69bd11
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
7d9709cf5f304c960a35d2ddaa2a29f1208208aa0bb9bc94dc33df84333c4e30
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
95b6a4840f8711ecab427bc236eb86098db7e5c782bafb139c8c30805aa5ffe1
95e535d6fc3e64f7bdc159ad728e38b8121477a1f4d8d4bea017c0cf1c01a477
99fdcf2a8fcaa96bc3b45ff37260612e9cb4c2be20614e08198f32e123d3455c
9b39c88f79981a53899ac26efbb100db23983dd2e3bdc6980f18418b43fb370e
9f95d8bbfcb1e261b587b74c89ecc6ee9d3150ae2916f11cf50f7a7d14d9649d
a7266287380057ccde528022ec92dfc5ac86791f30a1267fe3b77ea9441144d9
a7a7aac38152bf60bb768780deb951b121ac3ee54eb0028e7aeee5fab8b331b5
b0a30bcf035ffe41d39eda71670849b0cf0f1b7bfbaceda519f2676b3dbe8164
b3dd7835a67a74da51d59fce90e3c24f8dbe7acbab1e25406efc502c35326381
b511408e6cb8502874647efb81db15d83192cae63a4ac87461d781a2470c8148
ca59dd4386f3324ad7413bdc73c10d844bc0c28fe1170b4a6beda11c8b14f486
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d384100a69b392d9cba10d45e1c690eb8f1c95f12e02c6f37e70134c7146b5d5
d76eab2ff2b7e77df5fa335321cfd91e686b0e6f8bb229b7fae1f8deebf7ac8c
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60d7b974a8cab1175a66ead4311275e66a6ecebc6792cbfb629be175fdd6813
e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10
e9bfe9da2ce7fa958a4a717d3d7b01b32e9dd9b7b7322788efd302875e465df1
e9f31d61eee95a3d6d37051d7b73306573a370c3bf1118fdc37bb84371dd042a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecbea42fe84a1122cc5bd7cf6a724913ea242970fe999cb7ec34a3ae623f4570
eeff6473ac9e40f8c431cb3a40d423d92c5d4bde8f6bc6e846ef05d361d1d6d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc571bd1d583f32b914081b6884b4d9876cda7f0b1a21cf54092111efd9269c
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
fb32146b22a6e7cdd5457a025ef35f88250f65971da3bde15d82aef631c63a04
fbe4fc7decb16f7e730640380e9c04ec36fa8100382245f00d22a57f1e79e815
fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d

bookingscancun.moonpalace.com Open in urlscan Pro 51.254.62.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

111 Requests

100 %HTTPS

50 %IPv6

35 Domains

49 Subdomains

37 IPs

8 Countries

2538 kBTransfer

7907 kBSize

6 Cookies

1 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

bookingscancun.moonpalace.com Open in urlscan Pro
51.254.62.70 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

50 %
IPv6

35
Domains

49
Subdomains

37
IPs

8
Countries

2538 kB
Transfer

7907 kB
Size

6
Cookies

111 HTTP transactions
1 data transactions