Submitted URL: https://www.payment.chronicwellnessnutrition.com/
Effective URL: https://app.moonclerk.com/pay/3wa975gk2r96
Submission: On January 09 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 1 country across 6 domains to perform 12 HTTP transactions. The main IP is 52.200.34.95, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.moonclerk.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 14th 2020. Valid for: 3 months.
This is the only time app.moonclerk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
1 | 1 | 162.241.218.220 | 46606 (UNIFIEDLA...)
1 | | 52.200.34.95 | 14618 (AMAZON-AES)
4 | | 65.9.71.141 | 16509 (AMAZON-02)
1 | | 2606:4700:e0:... | 13335 (CLOUDFLAR...)
3 | | 13.224.94.17 | 16509 (AMAZON-02)
2 | | 52.217.41.158 | 16509 (AMAZON-02)
Total: 12 requests, 6 IPs

Requests | Domain | Requested by
4 | d2l7e0y6ygya2s.cloudfront.net | app.moonclerk.com
3 | js.stripe.com | d2l7e0y6ygya2s.cloudfront.net, js.stripe.com
2 | s3.amazonaws.com | app.moonclerk.com
1 | cdn.lr-ingest.io | d2l7e0y6ygya2s.cloudfront.net
1 | app.moonclerk.com |
1 | www.payment.chronicwellnessnutrition.com (1 redirect) |
Total: 12 requests, 6 domains

This site contains links to these domains.

Domain
chronicwellnessnutrition.com
www.moonclerk.com
Subject | Issuer | Validity | Valid
app.moonclerk.com | Let's Encrypt Authority X3 | 2020-11-14 - 2021-02-12 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-10 - 2021-07-10 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2020-09-22 - 2021-02-03 | 4 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-08-04 - 2021-08-09 | a year

This page contains 3 frames:

Primary Page: https://app.moonclerk.com/pay/3wa975gk2r96
Frame ID: 518D1C8F0876D7313865BB2174D62AAE
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-08e761bf4ec0a4c23398ce76edb5408b.html
Frame ID: DA5CC6CCFE335BFB4B462AC80A73EA98
Requests: 1 HTTP request in this frame

Frame: https://js.stripe.com/v3/m-outer-d9e5e2bfda26c81fe55a41963856c287.html
Frame ID: 2BEBA46E10B38597B62C2C408884E555
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 17 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 1
Transfer: 413 kB
Size: 1943 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payment.chronicwellnessnutrition.com/ HTTP 301
    https://app.moonclerk.com/pay/3wa975gk2r96 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 3wa975gk2r96
app.moonclerk.com/pay/
Redirect Chain
  • https://www.payment.chronicwellnessnutrition.com/
  • https://app.moonclerk.com/pay/3wa975gk2r96
7 KB
3 KB
Document
General
Full URL
https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-34-95.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
7d3f1ccf5499465f638ea93b3efb760de3f72d4de1a09cc0753bb50a4d64e08f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://app.optimizely.com 'self'
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
app.moonclerk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
Cowboy
Date
Sat, 09 Jan 2021 00:46:25 GMT
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Security-Policy
frame-ancestors https://app.optimizely.com 'self'
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
-1
Etag
W/"7d3f1ccf5499465f638ea93b3efb760d"
Set-Cookie
_moonclerk_session=bUFBMGtPSmFFWVFRNmR1cFhxWTZwUmd2UFYvbWlzaDJ0WHRsZHZoeUtmR3BoRElyaGZVY2xWOU44Z0NJVVpYK1V0blpydk9Dc0d3YTVqVGtmemNwMW5TNW9obVB4UGV4aDJSVEQzYWFXdG4rTDFFeVg4YzlEallRNmtFbzRNWUtNQVF4UjBsd3ZTWVpwZVM2a3o0QWRldWRPdGQrK2p1TG9pcGxGV3BPSlExSVRjRUdGOWRjdXRlMFBYdEMwN3RjLS04ZkVzZTN5dThCZFlkZFpjcmpmMVNRPT0%3D--1ad1b043bd184ab79e2aa14564c612db64fda6fa; path=/; secure; HttpOnly
X-Request-Id
8e326a2e-3e90-4cc5-a41a-92ae0c747149
X-Runtime
0.128025
Vary
Accept-Encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=3600; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur

Redirect headers

date
Sat, 09 Jan 2021 00:46:25 GMT
server
Apache
location
https://app.moonclerk.com/pay/3wa975gk2r96
cache-control
max-age=300
expires
Sat, 09 Jan 2021 00:51:25 GMT
content-length
250
content-type
text/html; charset=iso-8859-1
checkouts_v2-2adcc7bd7be437925a6d1bbfe816809d93aeb8be88cab9a63402850b7e6beced.css
d2l7e0y6ygya2s.cloudfront.net/assets/
106 KB
19 KB
Stylesheet
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/assets/checkouts_v2-2adcc7bd7be437925a6d1bbfe816809d93aeb8be88cab9a63402850b7e6beced.css
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.141 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
15ad3be71d4833ce8fa4f50cedbdcd4c98101b19d870156bde59d2f7f7c555ea
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 10:29:22 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 15:25:12 GMT
Server
Cowboy
Age
51424
Vary
Accept-Encoding
Strict-Transport-Security
max-age=3600; includeSubDomains
Content-Type
text/css
Via
1.1 vegur, 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA56-C1
Content-Length
18764
X-Amz-Cf-Id
v6iiNAKShpk5XIsLKwwEq5CgYi4lDmbfF0ed0k6Pipeiq1TcermuKw==
checkout-v3-6c9dd6e4b6bbcfdfb552.js
d2l7e0y6ygya2s.cloudfront.net/packs/js/
500 KB
140 KB
Script
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkout-v3-6c9dd6e4b6bbcfdfb552.js
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.141 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
0be884852e85419ed2a1adae0ea55069bc603880802b8472c024f4e95bae6fd5
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 15:27:26 GMT
Server
Cowboy
Age
54266
Date
Fri, 08 Jan 2021 09:42:00 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
no-transform
X-Amz-Cf-Pop
FRA56-C1
Content-Encoding
gzip
Content-Length
142376
X-Amz-Cf-Id
N6jh5AN16k7DGTsORck1tfjC0nwLIOhXZkDMG59QStFqXqMc7IXLdg==
logger-1.min.js
cdn.lr-ingest.io/
632 KB
114 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: d2l7e0y6ygya2s.cloudfront.net
URL: https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkout-v3-6c9dd6e4b6bbcfdfb552.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf89e1ab7378b08c9e83dcee25983d37d98489e3a1c658f1c2c7a6f3f49028a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 00:46:26 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15
x-cache
HIT
cf-request-id
078634eb810000074a38247000000001
x-served-by
cache-fra19156-FRA
last-modified
Fri, 08 Jan 2021 15:30:44 GMT
server
cloudflare
x-timer
S1610120027.015014,VS0,VE1
etag
W/"f6928b72afb892a7a3f24866f22859346cca4e11ef5628c2f17ee00b16e6b7bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2B7yVebVMOmiJOaZgGFFafAZxygqlB63mpjA5r3svYBZMW6culVoJWSjqeWL6NG2JpUTJtedHL8sVakf3gpJbwQL1KcjdoL7eMXHcYnwCnXw6XDxKblnHGzcnYBs"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
60ea24259943074a-FRA
x-cache-hits
1
v3
js.stripe.com/
192 KB
51 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: d2l7e0y6ygya2s.cloudfront.net
URL: https://d2l7e0y6ygya2s.cloudfront.net/packs/js/checkout-v3-6c9dd6e4b6bbcfdfb552.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-17.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1afd1f3dd98684a283f48a494041ed4eab3e03620c014197def5ba39cd649109
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"6bb48cc27542b694955ccda1320613cc"
age
225
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
DB2DF46650886DD9
x-amz-id-2
BrQDwummceB9WIrL+eanyN/6mLQU3DcCkUbB2t0obVKcgG9tXyhs2KtyCgt26PZjk8R3NbbqG+w=
last-modified
Thu, 07 Jan 2021 21:43:18 GMT
server
AmazonS3
date
Sat, 09 Jan 2021 00:42:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
ZRH50-C1
timing-allow-origin
*
x-amz-cf-id
BAH_-1B4Pph7_tY17WQUELQ14nnPfXoMfc6gVqNMrJWm2DJHy8I-fQ==
Website_Logo_%281%29.png
s3.amazonaws.com/moonclerk-production/themes/logos/000/023/902/medium/
40 KB
41 KB
Image
General
Full URL
https://s3.amazonaws.com/moonclerk-production/themes/logos/000/023/902/medium/Website_Logo_%281%29.png?1598908252
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.41.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
01c679423bcbd80d5496d08243383f96ba5d3050cc8aad01a51c2d2456c10e62

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 09 Jan 2021 00:46:27 GMT
Last-Modified
Mon, 31 Aug 2020 21:10:53 GMT
Server
AmazonS3
x-amz-request-id
CF6DA8592F6B973E
ETag
"b0a293d9541f772504a3f98900cadb1f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
41271
x-amz-id-2
KP1ffH5y9NSmaXiE7x5USCKGdKHwuanrF77hFKoflrZXGp+9SvScNW6kVRxq93kbZkECSxGMPaE=
Website_Logo_%281%29.png
s3.amazonaws.com/moonclerk-production/themes/mobile_logos/000/023/902/medium/
40 KB
41 KB
Image
General
Full URL
https://s3.amazonaws.com/moonclerk-production/themes/mobile_logos/000/023/902/medium/Website_Logo_%281%29.png?1598908252
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.41.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
01c679423bcbd80d5496d08243383f96ba5d3050cc8aad01a51c2d2456c10e62

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 09 Jan 2021 00:46:27 GMT
Last-Modified
Mon, 31 Aug 2020 21:10:53 GMT
Server
AmazonS3
x-amz-request-id
339DB45C04262134
ETag
"b0a293d9541f772504a3f98900cadb1f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
41271
x-amz-id-2
XLFHq0FLDSHIxVrEASLQPDrxdR5b7/TuZhpndrV2Aw79pd6oZ9AbsjMXkkKcyhSdxm8D9n/+4nU=
lock@2x-7ff4f094.png
d2l7e0y6ygya2s.cloudfront.net/packs/media/images/
1 KB
2 KB
Image
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/media/images/lock@2x-7ff4f094.png
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.141 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2e06e8c07348e99801a2ea6b10462675cc031c03883b757674a613f734462745
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 15:27:26 GMT
Server
Cowboy
Age
58182
Date
Fri, 08 Jan 2021 08:36:44 GMT
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-transform
X-Amz-Cf-Pop
FRA56-C1
Content-Length
1289
X-Amz-Cf-Id
JjRUnlxGnBc5cKy_AfUrHwm89QfhH1dLMz3y_YVS8Oyu8muKZS8mGg==
powered-logo@2x-0f7bb416.png
d2l7e0y6ygya2s.cloudfront.net/packs/media/images/
3 KB
4 KB
Image
General
Full URL
https://d2l7e0y6ygya2s.cloudfront.net/packs/media/images/powered-logo@2x-0f7bb416.png
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.141 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
9f8fde81da9960472ac62db27aed23d13465b873e1b487a34573b156ab455c25
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

Referer
https://app.moonclerk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600; includeSubDomains
Via
1.1 vegur, 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 15:27:26 GMT
Server
Cowboy
Age
58182
Date
Fri, 08 Jan 2021 08:36:44 GMT
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-transform
X-Amz-Cf-Pop
FRA56-C1
Content-Length
3511
X-Amz-Cf-Id
-vJz4Xt7zVP-QfFYJ1U9gx3M0od8rVFhWz6vlJ90vZnTMveMNWcksQ==
63dd935b-1b54-48f9-99a2-6584914221ae
https://app.moonclerk.com/
420 KB
0
Other
General
Full URL
blob:https://app.moonclerk.com/63dd935b-1b54-48f9-99a2-6584914221ae
Requested by
Host: app.moonclerk.com
URL: https://app.moonclerk.com/pay/3wa975gk2r96
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de2e93a5823cc243f7debe975a8e64cdc4606856b0464374bd91589217ffe47b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
429892
controller-08e761bf4ec0a4c23398ce76edb5408b.html
js.stripe.com/v3/ Frame DA5C
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-08e761bf4ec0a4c23398ce76edb5408b.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-17.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-08e761bf4ec0a4c23398ce76edb5408b.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.moonclerk.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
content-length
562
x-amz-id-2
OVruf2Q8AFxNGVKpVyY6vYadMQu6hoD5HeAenb4s0GyKIWdHXjehTv+xm1WewKIZBnzCRt+ZBCA=
x-amz-request-id
9WBK4Y3H5N6REPBM
last-modified
Thu, 07 Jan 2021 21:25:17 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date
Sat, 09 Jan 2021 00:42:23 GMT
cache-control
public, max-age=300
etag
"08e761bf4ec0a4c23398ce76edb5408b"
x-cache
Hit from cloudfront
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
r7V1ZWO9VS-dFHcCPfx6GpuB0pGbZiRo6XNmgq7oDhSWQULPfBflKg==
age
250
m-outer-d9e5e2bfda26c81fe55a41963856c287.html
js.stripe.com/v3/ Frame 2BEB
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-d9e5e2bfda26c81fe55a41963856c287.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-17.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-d9e5e2bfda26c81fe55a41963856c287.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.moonclerk.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
DcN/4+Mt64xoFNBpAvFYWobHOz86VdOmPOoM1cO8EQlgtILR0VUiUUpnrwkbosvwjAMMec6OdaY=
x-amz-request-id
4AA4ADBC819A8BB1
last-modified
Thu, 07 Jan 2021 21:25:17 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Sat, 09 Jan 2021 00:43:12 GMT
cache-control
public, max-age=300
etag
"d9e5e2bfda26c81fe55a41963856c287"
x-cache
Hit from cloudfront
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ATRt6-RDQbmxYu0w0p7f44_EGR3w8FnRTbhpShIrAuTEBrudWjIZBA==
age
195

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| _lrMutationObserver
object| __SDKCONFIG__
object| regeneratorRuntime
object| __core-js_shared__
function| _LRLogger
boolean| _lr_loaded
function| Stripe

1 Cookies

Domain/Path Name / Value
app.moonclerk.com/ Name: _moonclerk_session
Value: bUFBMGtPSmFFWVFRNmR1cFhxWTZwUmd2UFYvbWlzaDJ0WHRsZHZoeUtmR3BoRElyaGZVY2xWOU44Z0NJVVpYK1V0blpydk9Dc0d3YTVqVGtmemNwMW5TNW9obVB4UGV4aDJSVEQzYWFXdG4rTDFFeVg4YzlEallRNmtFbzRNWUtNQVF4UjBsd3ZTWVpwZVM2a3o0QWRldWRPdGQrK2p1TG9pcGxGV3BPSlExSVRjRUdGOWRjdXRlMFBYdEMwN3RjLS04ZkVzZTN5dThCZFlkZFpjcmpmMVNRPT0%3D--1ad1b043bd184ab79e2aa14564c612db64fda6fa

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https://app.optimizely.com 'self'
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block