Submitted URL: http://donate.marssociety.org/
Effective URL: https://app.moonclerk.com/pay/cpqwtqsun85
Submission: On April 25 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 3.220.57.224, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.moonclerk.com. The Cisco Umbrella rank of the primary domain is 866779.
TLS certificate: Issued by R3 on March 11th 2022. Valid for: 3 months.
This is the only time app.moonclerk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 64.90.44.250 26347 (DREAMHOST-AS)
1 3.220.57.224 14618 (AMAZON-AES)
4 52.222.232.78 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 108.138.7.103 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.217.194.16 16509 (AMAZON-02)
12 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:224... 16509 (AMAZON-02)
1 34.210.34.248 16509 (AMAZON-02)
31 10
Apex Domain
Subdomains
Transfer
19 stripe.com
js.stripe.com — Cisco Umbrella Rank: 964
q.stripe.com — Cisco Umbrella Rank: 6249
r.stripe.com — Cisco Umbrella Rank: 4301
m.stripe.com — Cisco Umbrella Rank: 910
243 KB
4 cloudfront.net
d2l7e0y6ygya2s.cloudfront.net
301 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1019
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 marssociety.org
donate.marssociety.org
361 B
1 amazonaws.com
s3.amazonaws.com
12 KB
1 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 9367
161 KB
1 moonclerk.com
app.moonclerk.com — Cisco Umbrella Rank: 866779
10 KB
31 8
Domain Requested by
9 r.stripe.com js.stripe.com
6 js.stripe.com d2l7e0y6ygya2s.cloudfront.net
js.stripe.com
4 d2l7e0y6ygya2s.cloudfront.net app.moonclerk.com
3 q.stripe.com app.moonclerk.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com app.moonclerk.com
www.google-analytics.com
2 donate.marssociety.org 2 redirects
1 m.stripe.com m.stripe.network
1 s3.amazonaws.com app.moonclerk.com
1 cdn.lr-ingest.io d2l7e0y6ygya2s.cloudfront.net
1 app.moonclerk.com
31 11

This site contains links to these domains.

Domain
www.moonclerk.com
Subject | Issuer | Validity | Valid
app.moonclerk.com | R3 | 2022-03-11 - 2022-06-09 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-04-19 - 2022-08-05 | 4 months
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-11 - 2022-06-09 | 3 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-11 - 2022-08-03 | 4 months

This page contains 4 frames:

Primary Page: https://app.moonclerk.com/pay/cpqwtqsun85
Frame ID: 817163D0BDBB4D43825E6FFE2E9E88A0
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
Frame ID: B4AC8270557D4A2FD7F40689D329E26C
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: 0319D5DA43FF451300E143EBD857A58C
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 71F0C74AB622D6FE677FC6BE3EF9D44A
Requests: 4 HTTP requests in this frame

Page Title

Donate to The Mars Society

Page URL History

  1. http://donate.marssociety.org/ HTTP 301
    https://donate.marssociety.org/ HTTP 301
    https://app.moonclerk.com/pay/cpqwtqsun85 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io

Page Statistics

31
Requests

97 %
HTTPS

30 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

764 kB
Transfer

3329 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://donate.marssociety.org/ HTTP 301
    https://donate.marssociety.org/ HTTP 301
    https://app.moonclerk.com/pay/cpqwtqsun85 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cpqwtqsun85
app.moonclerk.com/pay/
Redirect Chain
  • http://donate.marssociety.org/
  • https://donate.marssociety.org/
  • https://app.moonclerk.com/pay/cpqwtqsun85
8 KB
10 KB
Document
General
Full URL
https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
efe71e63540834be4a93d976d4b0517d25328139d164ef7e559f600a1c228505
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://app.optimizely.com 'self'
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Security-Policy
frame-ancestors https://app.optimizely.com 'self'
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Apr 2022 08:42:09 GMT
Etag
W/"efe71e63540834be4a93d976d4b0517d"
Expires
-1
Link
<https://d2l7e0y6ygya2s.cloudfront.net/assets/theme_v1-f7f345f03239fb7af667c1c34cf87e49cb3da2cbff6230e393732311f097d212.css>; rel=preload; as=style; nopush,<https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkouts-3168171708d3696d8bc0.js>; rel=preload; as=script; nopush
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Strict-Transport-Security
max-age=3600; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
e4cdc9c9-519c-41bf-93ff-d7f19514c04d
X-Runtime
0.027959
X-Xss-Protection
1; mode=block

Redirect headers

content-length
249
content-type
text/html; charset=iso-8859-1
date
Mon, 25 Apr 2022 08:42:10 GMT
location
https://app.moonclerk.com/pay/cpqwtqsun85
server
Apache
theme_v1-f7f345f03239fb7af667c1c34cf87e49cb3da2cbff6230e393732311f097d212.css
d2l7e0y6ygya2s.cloudfront.net/assets/
102 KB
18 KB
Stylesheet
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/assets/theme_v1-f7f345f03239fb7af667c1c34cf87e49cb3da2cbff6230e393732311f097d212.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-78.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
df60f36c658ce4dd28d66d5adc1a9cdbd856990df980a48f0d8a570f8348a465
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Last-Modified
Tue, 21 Dec 2021 20:27:15 GMT
Server
Cowboy
Age
5285
Date
Mon, 25 Apr 2022 08:27:24 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P4
Content-Encoding
gzip
Content-Length
17855
X-Amz-Cf-Id
9iJ87vDps8yavUqBa8q37_0hcWNYlgCczz_thAbdxfQ_2rM1Ei9iVg==
checkouts-3168171708d3696d8bc0.js
d2l7e0y6ygya2s.cloudfront.net/packs/js/
966 KB
277 KB
Script
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkouts-3168171708d3696d8bc0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-78.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
c03170337c3e7e70a7a755467682aa1a4a11d7b918dc3fe0c0d39748eb140eea
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Apr 2022 18:07:42 GMT
Server
Cowboy
Age
15559
Date
Mon, 25 Apr 2022 04:22:50 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P4
Content-Encoding
gzip
Content-Length
283571
X-Amz-Cf-Id
5cTzzMWe_7nMifykTUp5E3yHBsPCYD96LiHnkOJ_w5P_78vk1JmDpw==
logger-1.min.js
cdn.lr-ingest.io/
777 KB
161 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: d2l7e0y6ygya2s.cloudfront.net
URL: https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkouts-3168171708d3696d8bc0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b46df8830558abf2dad253e7205175e81ba423ab0433a9a82ff77c0a2b8dbca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 08:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19180-FRA
last-modified
Fri, 22 Apr 2022 19:35:30 GMT
server
cloudflare
x-timer
S1650656132.956100,VS0,VE336
etag
W/"bed9a441fa1c5cfddb1e3da82ede0f3b150891674d56daa79594fa6f39bdfe12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJFh%2Fe8gVIrdHSpvUheA0KCyWhQuh%2FvP6oZkW%2B8Sw%2FMZ7QECLvHWwNGgoz3QltIIdTyaJ7nZFFMU27TGnYcIOHu6tyrfSOlVwOTdyLRLRWXML9%2BtkiW%2F%2FbKtqusgBD%2BLz8%2BWJcKnCzN9SXjt4zFw"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7015c8aa08a590dc-FRA
x-cache-hits
1
v3
js.stripe.com/
297 KB
78 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: d2l7e0y6ygya2s.cloudfront.net
URL: https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkouts-3168171708d3696d8bc0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
396f26b4b27f1ea50f587d40722491546b5fbc1d7bfb4c8479d83183370b141f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17
x-cache
Hit from cloudfront
date
Mon, 25 Apr 2022 08:41:54 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 18:09:42 GMT
server
Cloudfront
etag
W/"fc3e646e0a1fc74eefbff5ebb5f83249"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
eiZVNv4-qWn5CwmX-IAAPZ-qB0ozI9vvP-_QDT6dTAYWVIisNs0muw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1499
date
Mon, 25 Apr 2022 08:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 25 Apr 2022 10:17:11 GMT
Mars_Society_logo.png
s3.amazonaws.com/moonclerk-production/themes/logos/000/006/197/medium/
11 KB
12 KB
Image
General
Full URL
https://s3.amazonaws.com/moonclerk-production/themes/logos/000/006/197/medium/Mars_Society_logo.png?1454968602
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.194.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
617a53dcaa9649c713af0b7d4f044acbe8b2670d3eae79143b3e52752053ef9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 08:42:12 GMT
Last-Modified
Mon, 08 Feb 2016 21:56:44 GMT
Server
AmazonS3
x-amz-request-id
HEE68HXYJTR3PZ1K
ETag
"be5148c150d21c95151bfa2643ba96d0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11500
x-amz-id-2
ijR9i/PljyPTiarOExY0mDFNqhT8QPm5slzYHv647HRKSixx9l+fe9fGkfbQ4/S93gL8z65TzP0=
lock@2x-7ff4f094.png
d2l7e0y6ygya2s.cloudfront.net/packs/media/images/
1 KB
2 KB
Image
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/media/images/lock@2x-7ff4f094.png
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-78.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
2e06e8c07348e99801a2ea6b10462675cc031c03883b757674a613f734462745
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Apr 2022 18:07:42 GMT
Server
Cowboy
Age
21479
Date
Mon, 25 Apr 2022 02:44:11 GMT
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P4
Content-Length
1289
X-Amz-Cf-Id
Y9bO8XDebXzPemAOfBl6qXk3O495EgHCWQkrw3LaWVzsIp_SKOeXfQ==
powered-logo@2x-0f7bb416.png
d2l7e0y6ygya2s.cloudfront.net/packs/media/images/
3 KB
4 KB
Image
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/media/images/powered-logo@2x-0f7bb416.png
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-78.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
9f8fde81da9960472ac62db27aed23d13465b873e1b487a34573b156ab455c25
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Apr 2022 18:07:42 GMT
Server
Cowboy
Age
12507
Date
Mon, 25 Apr 2022 05:13:43 GMT
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P4
Content-Length
3511
X-Amz-Cf-Id
-dQyUSDY2_ImuYtlEcXj3x7ZoaDZH7diPfm7yB6fmi0wfwIOCO8HDg==
5c8ca0cd-597a-43e7-bee6-15406378e2b9
https://app.moonclerk.com/
436 KB
0
Other
General
Full URL
blob:https://app.moonclerk.com/5c8ca0cd-597a-43e7-bee6-15406378e2b9
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5a6a92ce7c885c903f4223c24f844a4f5a110b41636ea0d58eec1676eb4b9ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length
446968
controller-75c950b812febf79765f3ace67040085.html
js.stripe.com/v3/ Frame B4AC
349 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cb50fb302dfc114e7a8b300867491ba15169fcb4ca084119ab7fdabd7af7d0fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.moonclerk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
cache-control
max-age=60
content-length
349
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 08:41:35 GMT
etag
"75c950b812febf79765f3ace67040085"
last-modified
Fri, 22 Apr 2022 17:21:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
AAe36b0kaVsYPAAHszlIVjItKvJASfVOEflx0eJVWDhjx-ZA10harA==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2036067690&t=pageview&_s=1&dl=https%3A%2F%2Fapp.moonclerk.com%2Fpay%2Fcpqwtqsun85&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Mars%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=41475565&gjid=522630856&cid=1171742189.1650876131&tid=UA-24578308-5&_gid=167668379.1650876131&_r=1&_slc=1&z=577150805
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.moonclerk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 08:42:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.moonclerk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame B4AC
0
346 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 25 Apr 2022 08:42:11 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
shared-a1f9287129906a08f74cfbaaf2a881f7.js
js.stripe.com/v3/fingerprinted/js/ Frame B4AC
211 KB
58 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f70a2992d77a9f93de8de761df6e2b416bdd9fe80f935855248c04d313090fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35
x-cache
Hit from cloudfront
date
Mon, 25 Apr 2022 08:41:35 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 17:21:12 GMT
server
Cloudfront
etag
W/"1a44a909d2dcaccc45dfa3d650c4c754"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
nf2Q9ngVuaW8qI14nCYd0yvzF_b_zGQo35lDAubnCQXZZfEPztX4iQ==
controller-9669ee8d1c5aa0090d315dde6a5608c4.js
js.stripe.com/v3/fingerprinted/js/ Frame B4AC
378 KB
101 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-9669ee8d1c5aa0090d315dde6a5608c4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
12bb9615318d365ea9bf647aeebc8847d751761b4365b16b1ece2f43a01cdd77
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-75c950b812febf79765f3ace67040085.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
41
x-cache
Hit from cloudfront
date
Mon, 25 Apr 2022 08:41:35 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 17:21:18 GMT
server
Cloudfront
etag
W/"d009b8894021dafc256ec1125b6cc28a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
9LLBXnS_yYCH6rcVYFDMyjU9GMw-Nd6En0MPSFzsptHz6lxGSa8Clg==
0
r.stripe.com/ Frame B4AC
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 25 Apr 2022 08:42:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame B4AC
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 25 Apr 2022 08:42:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame B4AC
0
128 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 25 Apr 2022 08:42:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame B4AC
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 25 Apr 2022 08:42:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame B4AC
0
127 B
XHR
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a1f9287129906a08f74cfbaaf2a881f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 25 Apr 2022 08:42:11 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
m-outer-23335cd0c833d03926d94e8fb5cb0381.html
js.stripe.com/v3/ Frame 0319
240 B
979 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.moonclerk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2129
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 08:06:45 GMT
etag
"23335cd0c833d03926d94e8fb5cb0381"
last-modified
Tue, 05 Apr 2022 17:50:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
j7eTdB75g4e0Rs4nIt4GJAUlKQ7b4Z7OJ7lrpTz6bPWBru22Bw7WFg==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 0319
0
347 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 25 Apr 2022 08:42:11 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
js.stripe.com/v3/fingerprinted/js/ Frame 0319
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-103.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
11
x-cache
Hit from cloudfront
date
Mon, 25 Apr 2022 08:42:00 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Tue, 05 Apr 2022 17:50:29 GMT
server
Cloudfront
etag
W/"d0c7e21ec457b6a134a496f107c3ca93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
9tt5FInivV7CRgbuBmgqqIWvkAVvkfDvq4l4zmXFxa1nJkG-2luPjg==
inner.html
m.stripe.network/ Frame 71F0
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
268
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 08:37:44 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-id
0JHTq5qTr5bUxdQWp39FA18vzoo-u_xK0CNcl4q92meoAKwisrdPWw==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 71F0
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/cpqwtqsun85
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 25 Apr 2022 08:42:11 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.42.js
m.stripe.network/ Frame 71F0
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
209
x-cache
Hit from cloudfront
date
Mon, 25 Apr 2022 08:38:43 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
tJRQzmfYtcp4A8BWzBeOHauOVOkr69ELKncI-RCULacJK3-sRKFmjQ==
6
m.stripe.com/ Frame 71F0
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.34.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-34-248.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0f21a4b27815897d230eaa2c47240789530fbfab76b6afd9a0b5d5b38809a296
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 08:42:11 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
function| _lrMutationObserver
object| __SDKCONFIG__
object| regeneratorRuntime
string| GoogleAnalyticsObject
function| ga
function| _LRLogger
boolean| _lr_loaded
object| __webpackStripeJSv3Jsonp
function| Stripe
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

7 Cookies

Domain/Path Name / Value
app.moonclerk.com/ Name: _moonclerk_session
Value: pFg8aKcyiZCk8uYVI01vmwd7s5x6ULu52cebA95vgS2ZqjqWvovT0SCYXqlrpoTpX14wM%2BMXhlFbclPDdvZUK%2BQEfF30BY%2BIctm7yoHJaxTfB8YCkThNQInCF6%2B%2BfpFfgJbwdm7Ht1ue0eYSN8K0XEBF92Pbsfvp2oKlQuXFE9f%2B3LWsgSLD4e28bFqVPdUlNc%2FlazrAEresvqG1nn175IKjgup9YMt4H5O10oMar3RgT1W%2Fe0ysj53kg3II4n%2FWrHirPgmCTp%2Bw7hA0jUYZmNy7v%2F2NTvFRRyAo7dc5t3LF0ytxgm9P%2FzB1Dt1cN2ZkMPmTDNu2--OlIuaWOnyj%2FQzFm6--04k558dth4yi%2BZ%2FDvMRs6w%3D%3D
.moonclerk.com/ Name: _ga
Value: GA1.2.1171742189.1650876131
.moonclerk.com/ Name: _gid
Value: GA1.2.167668379.1650876131
.moonclerk.com/ Name: _gat
Value: 1
m.stripe.com/ Name: m
Value: eeb2a2ac-caef-4f61-862f-2862e2d54dfbe65a37
.app.moonclerk.com/ Name: __stripe_mid
Value: 0672729f-900a-4420-a082-cbea0c2df72a866eb7
.app.moonclerk.com/ Name: __stripe_sid
Value: 96a703a9-bad2-44a9-93f4-65bc8a49959473bb1e

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https://app.optimizely.com 'self'
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their appearance here does not imply that any of them indicate malicious activity.
