paywithmoon.com Open in urlscan Pro
2606:4700:20::ac43:4686 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paywithmoon.com/l
Submission: On January 08 via manual (January 8th 2023, 12:56:48 pm UTC) from BD — Scanned from DE

Summary HTTP 54 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 54 HTTP transactions. The main IP is 2606:4700:20::ac43:4686, located in United States and belongs to CLOUDFLARENET, US. The main domain is paywithmoon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 29th 2022. Valid for: a year.

This is the only time paywithmoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
2	75.2.10.96 75.2.10.96	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	17

11 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

paywithmoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7daf (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.10.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: a64bed9ff5004f5b3.awsglobalaccelerator.com

use1.fptls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8629 va.tawk.to — Cisco Umbrella Rank: 8538	199 KB
11	paywithmoon.com paywithmoon.com	646 KB
6	unpkg.com 3 redirects unpkg.com — Cisco Umbrella Rank: 1163	85 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235	73 KB
2	fptls.com use1.fptls.com — Cisco Umbrella Rank: 13385	568 B
2	gstatic.com fonts.gstatic.com	70 KB
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 3932 rs.fullstory.com — Cisco Umbrella Rank: 3524	67 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	132 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	39 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	338 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 22168	35 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1204	25 KB
54	13

	Domain	Requested by
18	embed.tawk.to	paywithmoon.com embed.tawk.to
11	paywithmoon.com	paywithmoon.com
6	unpkg.com	3 redirects paywithmoon.com
5	va.tawk.to	paywithmoon.com
2	use1.fptls.com	paywithmoon.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	paywithmoon.com www.googletagmanager.com
2	fonts.googleapis.com	paywithmoon.com
1	cdn.jsdelivr.net	embed.tawk.to
1	region1.google-analytics.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	rs.fullstory.com	paywithmoon.com
1	fpnpmcdn.net	paywithmoon.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	paywithmoon.com
1	edge.fullstory.com	paywithmoon.com
1	maxcdn.bootstrapcdn.com	paywithmoon.com
54	17

This site contains links to these domains. Also see Links.

Domain
angel.co
www.facebook.com
twitter.com
instagram.com
discord.gg

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-29` - `2023-12-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
fpcdn.io Amazon RSA 2048 M01	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.fullstory.com R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
use1.fptls.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://paywithmoon.com/l
Frame ID: D33F4A59EBDF4E94AD720CD0E30E0816
Requests: 45 HTTP requests in this frame

Frame: https://paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200
Frame ID: 4D00AFA61C2B2738A96324FBDAAC94E3
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 3BCA5F92DD979B4524D8A73F34290580
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/min-widget.css
Frame ID: C7AC573233935F3FCABA4844E46A514F
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/message-preview.css
Frame ID: 4A244F5E3A860685DF544266602FB2C3
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/max-widget.css
Frame ID: 06D7AA83B84FDD8EF50A3EE741D84F1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Moon - Shop Online with Cryptocurrency

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

54
Requests

94 %
HTTPS

59 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1372 kB
Transfer

4749 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://angel.co/company/moon-13/jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/paywithmoon/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?region=follow_link&screen_name=paywithmoon&tw_p=followbutton

Search URL Search Domain Scan URL

URL: https://instagram.com/paywithmoon

Search URL Search Domain Scan URL

URL: https://discord.gg/E9TP7wPtZF

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/react/umd/react.production.min.js HTTP 302
https://unpkg.com/react@18.2.0/umd/react.production.min.js

Request Chain 6

https://unpkg.com/react-dom/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Request Chain 7

https://unpkg.com/react-bootstrap@next/dist/react-bootstrap.min.js HTTP 302
https://unpkg.com/react-bootstrap@2.5.0-beta.1/dist/react-bootstrap.min.js

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request l Show response
paywithmoon.com/ 8 KB
4 KB 116ms
82ms Document
text/html 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4b5bee35ca2a84b883cbede08224ae7f9f6203de2abd8e71d8d02bb92908d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 78651845edad2be9-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 08 Jan 2023 12:56:43 GMT
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RX1V0pJJpXQ0SBo7xaxs8sa0i6s9O1UOgTb1Fw4%2FLPnTK8XZ64AG9RqXtX3nRcLkl5WdyYVZODD21XfoLSb3SsW2V7L5qXUlaH1gdcmi3yT4UNor%2FB4fZv4TZaoGBALSD7AW72RvJTVFBxIyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-frame-options: DENY
x-served-by: cache-hhn-etou8220097-HHN
x-timer: S1673182603.212058,VS0,VE43

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 128ms
53ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:300,400,600,700,800

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f37de7922511a3f794b21520b20324226c15a11a536366f707834a19ae0ce9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 12:56:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 12:56:43 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 51ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 17386266
cdn-cachedat: 2021-06-08 14:20:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 71423675f6aafc62398a3860474c994a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 786518469ba692ba-FRA
cdn-requestpullsuccess: True

GET
H2 200 index.css
paywithmoon.com/stylesheets/ 57 B
469 B 61ms
60ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/stylesheets/index.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108d9e1babda8890a913b0a3d867ae87dba8fe37f56b101a1a800174a83dbeb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=31556926
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-served-by: cache-hhn-etou8220024-HHN
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182603.288606,VS0,VE31
etag: W/"03cc6bea4322eee9a720707d08ddd785557bf2084a4fbce17e1ec5512178ef23"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dLPqfav1Ft%2FOxhosGZm%2F6sRHvIkzUccXuAG59O3VI%2BSkiphicAzG3Y1%2FlMZyhTBudgMeoEUSt1ZHFeaq2Nu0aNyHtqjf63izb7UGOSeZINtfDKQVGebws%2BP4KS9Bstkfm%2BmJ7lCnNQ6Ems9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 786518466ea32be9-FRA
x-cache-hits: 0

GET
H2 200 2.b05f090d.chunk.css
paywithmoon.com/static/css/ 144 KB
23 KB 65ms
64ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/css/2.b05f090d.chunk.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c847f8d5e416bcf7a229eea8aca98d8bd84b5f51ce9ab1d86c4a0af657262c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182603.292132,VS0,VE32
etag: "7c62a3e3edbb5313ca039a32d2d1803e43f3b1e1b94cd80427ff6cebc4294ba3"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iO%2BZKk1kc3WXLPKXKYyO%2F9FSj2MUe7uVUh22ZQg5y5XQqnPkn6oUIylZ33y5PevxYUjJhp7al45XZhkC10F%2F9cksL%2F%2FtBJV4drhz7eGDrrAY7uTMZHZIDYtvTJLR3CrjNT7LVNLIJgfJvppWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 786518466ea42be9-FRA
x-cache-hits: 0

GET
H2 200 main.085f341c.chunk.css
paywithmoon.com/static/css/ 79 KB
14 KB 63ms
62ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/css/main.085f341c.chunk.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79e433be772c71b3f7b7faf00a0c47d9a44de2484b15d7f0432777aa6ec1532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-eddf8230107-FRA
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182603.289958,VS0,VE31
etag: "12f51d554dd46267869de4415ba9a5736bb9685d085978cb96d5d1ec0c289b59"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvA4TZzhxPybPgosksQZPI0jkvhuxN3emQgSGZHJGTxWGwo%2FojrZjaNuuazjU6FYnoKuhSBD8JTubvGKRrNnSpD%2BtaJ2F46VtJQTkEXOce%2FQOCHAmqfekLaHjD%2Fb7C3WyJpi42NH0DjHbhIJPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 786518466ea62be9-FRA
x-cache-hits: 0

GET
H2

200

react.production.min.js Show response
unpkg.com/react@18.2.0/umd/
Redirect Chain

https://unpkg.com/react/umd/react.production.min.js
https://unpkg.com/react@18.2.0/umd/react.production.min.js

10 KB
4 KB

16ms
15ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@18.2.0/umd/react.production.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17206032
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G67YA71Z49RAA1N0WGSXH8H1-fra
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78651846ae15bb9d-FRA

Redirect headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GP8PRXKECNJQ2BJZPCAWQAHV-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 521
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react@18.2.0/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 786518468ddbbb9d-FRA

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@18.2.0/umd/
Redirect Chain

https://unpkg.com/react-dom/umd/react-dom.production.min.js
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

129 KB
43 KB

21ms
21ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17946426
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G5HW728TH3Z5WJPBMSSPJ7E0-fra
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78651846ae16bb9d-FRA

Redirect headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GP8Q4JRFGZ7AGQMK6TW1VPVS-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 139
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-dom@18.2.0/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 786518468ddebb9d-FRA

GET
H2

200

react-bootstrap.min.js Show response
unpkg.com/react-bootstrap@2.5.0-beta.1/dist/
Redirect Chain

https://unpkg.com/react-bootstrap@next/dist/react-bootstrap.min.js
https://unpkg.com/react-bootstrap@2.5.0-beta.1/dist/react-bootstrap.min.js

111 KB
37 KB

27ms
26ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-bootstrap@2.5.0-beta.1/dist/react-bootstrap.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fd8838106dda2dbbb8350a295a5f9a454c7b8103e5f3cab06bc0158781247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 15868719
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G7FSM3N2YC5ZV60RSAET3RDN-fra
server: cloudflare
etag: W/"1bc2c-tBjyVCBRlkRqQCTbDEh4PH7X+4U"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78651846ae13bb9d-FRA

Redirect headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GP8Q4JRCCSAPAP6K7REWF0XX-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 139
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-bootstrap@2.5.0-beta.1/dist/react-bootstrap.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 786518468ddfbb9d-FRA

GET
H2 200 2.9a605292.chunk.js Show response
paywithmoon.com/static/js/ 1 MB
415 KB 75ms
75ms Script
text/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/js/2.9a605292.chunk.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c26475a9ab7ed1e47997b2262febbcf259cfda4fb2be099b655a7c8436beaedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-hhn-etou8220026-HHN
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182603.291658,VS0,VE37
etag: "4c730e9ed72c50f2590aef56564ddf6047ed5f6fa97a5fc81d78498a418f0667"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf67mqyFC86g4eQge0Rf6%2BlmnftyO3fqWIYcDsW8I6pPWr%2FcWpnyLPSFcj8psXxRT0bHyFRhoIiHVDi%2F30gaiC5TybzbvXV6obC2TkIgs6yZlRmf0cpnCOOo1gr%2Bk8kN%2Fg2vMZKRuxheZXXd8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 786518466ea72be9-FRA
x-cache-hits: 0

GET
H2 200 main.dfa97538.chunk.js Show response
paywithmoon.com/static/js/ 476 KB
152 KB 77ms
77ms Script
text/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/js/main.dfa97538.chunk.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c00f77d0c98c3aeee393f51e7391898753327aa708d4bc38f1e97581f2d82b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-hhn-etou8220070-HHN
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182603.304869,VS0,VE32
etag: "b5039822d9b23b73879302bd7d3f386f2d2b594ab70f8226529e08dd70837b95"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjfCeywJuGdFYWSvn%2BTKi92M73Db%2BGnft5VB7v6RiHkt144Jiesxez0BcGbuXpFHjEIWPosaQl%2BvbZ1rZIRwMYDaYbLlIzJ7XzJ3Ij%2F%2BRKfFO9kpfsJpFPb6ExC%2FVanPdnzLwYGsv4asP3Ob8g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 786518466ea82be9-FRA
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
56 KB 60ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPD2986

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7d88418c6262507ecf98941b68ae6d3568bc8f3a585c720212a5a6d82dee6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56478
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Jan 2023 12:56:43 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 263 KB
66 KB 52ms
15ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ebee46eca18876c7d599bf20bd8f65c9d947350847e1aa7088cedef3d0af160

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:32:03 GMT
content-encoding: br
age: 1480
x-guploader-uploadid: ADPycdvb50tsuzKVOdq4pJyv7aNTowlhVmiREatRQ2Cu4dRov_aMriRUNHH4P3u-YH9GZFchHWmWQDYCCP-IgQLQraN6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67185
last-modified: Wed, 04 Jan 2023 15:42:06 GMT
server: UploadServer
etag: "e8df8ade6333ce0c76d894b903d986f2"
vary: Accept-Encoding
x-goog-generation: 1672846926468441
x-goog-hash: crc32c=xR86Zw==, md5=6N+K3mMzzgx22JS5A9mG8g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67185
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 08 Jan 2023 13:32:03 GMT

GET
H2 200 hotjar-1183284.js Show response
static.hotjar.com/c/ 8 KB
4 KB 30ms
7ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1183284.js?sv=6

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

8104332526d748b16aa5cc2eb9a5171948faff9c17f0085d5b8a95b055dfde78

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 12:56:17 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 26
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f82bd614e2e605675bb7777d9286b675
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Z5KeUNXLlSHOk1r1ACQHfffYjaUpF-8nkc8EzTq4kM3gWjYPAniIxQ==

GET
H2 200 default Show response
embed.tawk.to/5c04c74c40105007f37aaf1b/ 2 KB
942 B 49ms
17ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa40119c41ecce4cd42260ca5181a6ac786d2c27754ba7eba78b824f1f442d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 5888
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 786518477d7d9025-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
553 B 50ms
50ms Stylesheet
text/css 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/css/main.085f341c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddf9b0e3af77c79cfd897ad6fac5b24b2630d85103505ffe26faef6e4e8af1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Jan 2023 12:24:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Jan 2023 12:56:43 GMT

GET
H2 200 modules.b4ac87d27a338f616dd7.js Show response
script.hotjar.com/ 264 KB
68 KB 56ms
7ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b4ac87d27a338f616dd7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1183284.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

faffaf872c0031565a97da5aef1afd68270ac877f7c0d2584028fc4eb3d5f43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 10:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 182563
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68846
last-modified: Fri, 06 Jan 2023 10:13:14 GMT
etag: "1af6d1b4202cd7568a42d42e427f4e4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pLZpA_AJ3y63m7SFPoqnSbA5FZ7nFCzyDJm7aYXuMT8xDFjrj523vg==

GET
H2 200 loader_v3.7.1.js Show response
fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/ 96 KB
35 KB 32ms
7ms Script
text/javascript 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/loader_v3.7.1.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.9a605292.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-110.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

4c15fb6e0af1c3b560a9d89452102298aa92d8fbb4c7391a8cbf0ae5454652a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 18:56:46 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 237647
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"22cB3Y316Mi296qz2WCvBrBkeN4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3684, s-maxage=632085
x-amz-cf-id: Y_pgarH3IqWHB1TCIU_Ey3byFrOZq5blQrydu7V986Yn5ninFG35LQ==

GET
H2 200 moon-logo-black.png
paywithmoon.com/images/ 6 KB
6 KB 79ms
79ms Image
image/png 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paywithmoon.com/images/moon-logo-black.png

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edf84135b1e5f998b9f3106cfa63bc1f3d71c002aee155ed6ccc2f26093b64b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-length: 5492
x-served-by: cache-fra-eddf8230114-FRA
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1672840675.193292,VS0,VE1
etag: "98a14b877b7b61c5f8dad99523b7193a519cac58028c43044e1c38e314b4dda8"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl7HmcT9jCLr2bOwSasGplz4%2FW4APMKG8ccIRkqqqkQ%2FkNYfGvXGyM1vbeGeG7HMQ6etU%2B0zxE%2F6IgCkm28H3aDuPuWY%2F6WVWKDRoq%2BT%2FAzbq3OxN5M5Ymcb9yAN4gDQlVcxCQR4KTN9Udbl7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 78651848bab12be9-FRA
x-cache-hits: 1

GET
H2 200 rocket.svg
paywithmoon.com/images/ 5 KB
3 KB 152ms
151ms Image
image/svg+xml 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paywithmoon.com/images/rocket.svg

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8e4e872bfb91d697eac664c3c911f75878f47d9220c94ee71b0d527a3f6880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
content-length: 2231
x-served-by: cache-hhn-etou8220052-HHN
last-modified: Thu, 29 Dec 2022 15:30:20 GMT
server: cloudflare
x-timer: S1673182604.676422,VS0,VE106
etag: "84cdbcbc900ad41faed73874dcbf6eeefad4d31f39f7f7c870321015f6afd4a7"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRvn8ZNUUEHGQ6N6awKSjxZZpjPPH%2FoUrMeQsLwuPUKRQTQkHlOjScHA7xoqUsh0hc2EcKcZHDB5B%2F38bAxuRH7ydmbRcnKWm0Mn3LcAQEdLpCuw2yQGxN1vwFKdX0onJwGaC8n8Ry01wfPPKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 78651848bab62be9-FRA
x-cache-hits: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 102ms
27ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:50:55 GMT
x-content-type-options: nosniff
age: 497148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:50:55 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
25 KB 138ms
63ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:47:48 GMT
x-content-type-options: nosniff
age: 299335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:47:48 GMT

GET
H2 200 invisible.js Show response
paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 4D00 34 KB
16 KB 16ms
15ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad586c7242fd1ab6f5943d9cec3b6bc58fb917dff2a3db43c7a7bc9b237059e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q06IK4h0mDdp2Rkn7kRSTQzUEexmNslA%2By9KDFao37iVL0C9Tg8elrjLMqWcbjNlAIsHjteQbuEzcI98lAMCQGnPFu3iyTNUky4%2Fh1Kn5HI%2Fdq%2BgtGqr1CIsRSvnJIztTNcoeakYy%2F3cFAwSCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78651848eb2e2be9-FRA

POST
H2 202 page Show response
rs.fullstory.com/rec/ 81 B
288 B 255ms
167ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.9a605292.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

b09178edd1d360efefd8967ff884362fad770fecc4229e8445df1c64fc79b53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://paywithmoon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 57ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BZZFDNP7QB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPD2986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5d6f50c93074dc8e58c26999c260dca62cf84da58f7fa960d836f05e0b61ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 12:56:43 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 3BCA 2 KB
1 KB 28ms
6ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1183284.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://paywithmoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3973597
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-cf-id: yQShEOClWtkVXynzcFfw1Llr39hcRuvvCjVpFW9hEJUQsBrOMWTCwA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 / Show response
use1.fptls.com/ 208 B
335 B 321ms
97ms XHR
text/plain 75.2.10.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://use1.fptls.com/

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.9a605292.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.10.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a64bed9ff5004f5b3.awsglobalaccelerator.com

Software

Resource Hash

9a465878807d124b1c66b4bd8910661ffa5103b5ebb304306e83fd81d1b4eb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Sun, 08 Jan 2023 12:56:44 GMT
content-length: 208
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
use1.fptls.com/ 208 B
233 B 314ms
97ms XHR
text/plain 75.2.10.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://use1.fptls.com/

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.9a605292.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.10.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a64bed9ff5004f5b3.awsglobalaccelerator.com

Software

Resource Hash

86c06ac31a249a56c795373b27b25fa57b29a529a1f762b99571d01a56ec8b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Sun, 08 Jan 2023 12:56:44 GMT
content-length: 208
content-type: text/plain; charset=utf-8

GET
H2 200 pica.js
paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4D00 23 KB
11 KB 16ms
16ms Other
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84f3875bf25358889c1d0dbea8988c488fd35f34a039200994b83282ac9a37b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5I9YvRcSMotFx2rWTphwkVKjZuIgZNxIU18d8eoJSWwKIkGIncBbz2T5kNYByI4win%2FnHz%2B%2FGAsH3Py17LtolFLnLykUGVU5xAv2KPCkd%2FL54qlEq%2FVtgqT0QCaxllkG8f4q2L22ypqwyk3sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7865184a2d472be9-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
338 B 47ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BZZFDNP7QB&gtm=2oe120&_p=870296836&cid=84366088.1673182604&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673182603&sct=1&seg=0&dl=https%3A%2F%2Fpaywithmoon.com%2Fl&dt=Moon%20-%20Shop%20Online%20with%20Cryptocurrency&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BZZFDNP7QB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Jan 2023 12:56:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paywithmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 121 B
367 B 33ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 417856
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad419b86-FRA

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 76 KB
27 KB 33ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375296
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad429b86-FRA

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 206 KB
61 KB 47ms
38ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 375296
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"70dac54eca3bb2143032bc4db3237623"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad3d9b86-FRA

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 192 KB
40 KB 38ms
29ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 419008
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad3b9b86-FRA

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 2 KB
1 KB 31ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 419008
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad409b86-FRA

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 151 B
391 B 54ms
46ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c04c74c40105007f37aaf1b/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:43 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 417856
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184aad3f9b86-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 478ms
463ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5c04c74c40105007f37aaf1b&widgetId=default&sv=undefined

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fa3f743d093643d9a6fbd61ac6d290446472081263accf7f490db8bc62c3c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-tv0k
server: cloudflare
etag: W/"2-44-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7865184b8bef9025-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H2 200 78651845edad2be9 Show response
paywithmoon.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4D00 2 B
601 B 29ms
29ms XHR
text/plain 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoon.com/cdn-cgi/challenge-platform/h/b/cv/result/78651845edad2be9
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7865184c69ae2be9-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39DaIexw7G57dnPL7CDfbS8yaoqSbRtRw8nEa71DT7cOS76QFdKn3gNKt0XwHsKugc9dval8%2BELPakwlauIMTsloM55XydsVBMMy%2FyJPQHBHFQ%2FYpZAm2ycKSb21Crrg0g2SCvT04pvYWPIKqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H3 200 start Show response
va.tawk.to/v1/session/ 997 B
1 KB 552ms
542ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c0b9a899967bcbf9f6d77680c35c9121f4c5219d9664cdc806352a2fc4e884

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://paywithmoon.com
access-control-allow-credentials: true
cf-ray: 7865184d6ea02c2e-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-hd1w

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 146ms
146ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paywithmoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://paywithmoon.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7865184c7d4f9025-FRA
date: Sun, 08 Jan 2023 12:56:44 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-hd1w

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/languages/ 16 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384709
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7865184e78502c2e-FRA

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 7 KB
2 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dce62c2e-FRA

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 16 KB
5 KB 26ms
25ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"a4ee0f7f38343d301e91591fc360d3fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dce92c2e-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 15 KB
5 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"12f6c0f6e6cec2a03629fbce091e2072"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dcec2c2e-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 942 B
714 B 15ms
15ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dced2c2e-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 546 B
603 B 27ms
27ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dcee2c2e-FRA

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 11 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"a92075fd9ac5ba130387a80453676099"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dcef2c2e-FRA

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ 72 KB
16 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384751
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"af764270cff49e4f88710a5824f1af0a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 78651850dcf12c2e-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame C7AC 24 KB
5 KB 19ms
19ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:44 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384750
cf-polished: origSize=24960
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 786518511d492c2e-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame 4A24 37 KB
8 KB 20ms
19ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:45 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384750
cf-polished: origSize=38268
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 786518512d842c2e-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame 06D7 74 KB
14 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:45 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 384750
cf-polished: origSize=75771
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
server: cloudflare
etag: W/"0158db159e8967dbda5865ed6b2e435d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 786518514daa2c2e-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 45ms
28ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 12:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 53889
age: 25328103
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-hhn4071-HHN
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goSYu8ZQTyxldsxtruAAHW8amhZbEjEDeUb6AuUqRXR2t3e7wkcij8FlNriszuoRAujWfCTP8Qf0TM4nnW9miUx6Rt%2BouQxEmxFTil86ejSMwJIeVJp41cca0U1c1ybAwOSBGJXJLxuKZ%2BChJBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 786518517d0e927f-FRA

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
280 B 129ms
129ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/l

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 08 Jan 2023 12:56:45 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://paywithmoon.com
access-control-allow-credentials: true
cf-ray: 78651854d8a99b86-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-lc4g

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 136ms
136ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paywithmoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://paywithmoon.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 786518540f029b86-FRA
date: Sun, 08 Jan 2023 12:56:45 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-m5hz

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paywithmoon.com/	1970-01-20 17:31:58	Name: mp_982b1ecdb25262439e8abb7b6fb54dbb_mixpanel Value: %7B%22distinct_id%22%3A%20%22185917468fe4b-00a0e7589084ad-67325c50-1d4c00-185917468ff1056%22%2C%22%24device_id%22%3A%20%22185917468fe4b-00a0e7589084ad-67325c50-1d4c00-185917468ff1056%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paywithmoon.com/	1970-01-20 10:55:58	Name: _gcl_au Value: 1.1.1642132834.1673182604
.paywithmoon.com/	1970-01-20 17:31:58	Name: _hjSessionUser_1183284 Value: eyJpZCI6IjU3YTcwMzhkLTgzZmUtNTUwZi05NTBmLWE5N2IwM2I4N2IyYiIsImNyZWF0ZWQiOjE2NzMxODI2MDM3NTgsImV4aXN0aW5nIjpmYWxzZX0=
.paywithmoon.com/	1970-01-20 08:46:24	Name: _hjFirstSeen Value: 1
paywithmoon.com/	1970-01-20 08:46:22	Name: _hjIncludedInSessionSample Value: 0
.paywithmoon.com/	1970-01-20 08:46:24	Name: _hjSession_1183284 Value: eyJpZCI6ImQ2Mjg1YTlmLWEzZGQtNGNhNy1hMDU2LTkxMWJmMDJlM2QwMyIsImNyZWF0ZWQiOjE2NzMxODI2MDM4NzEsImluU2FtcGxlIjpmYWxzZX0=
.paywithmoon.com/	1970-01-20 08:46:24	Name: _hjAbsoluteSessionInProgress Value: 0
.paywithmoon.com/	1970-01-20 18:22:22	Name: _ga_BZZFDNP7QB Value: GS1.1.1673182603.1.0.1673182603.0.0.0
.paywithmoon.com/	1970-01-20 18:22:22	Name: _ga Value: GA1.1.84366088.1673182604
paywithmoon.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: bRsjw4dPd1KahNiiKldQz
.paywithmoon.com/	1970-01-20 08:46:24	Name: __cf_bm Value: OixXq6jELuV8pnwG2FIamHJ0uw3g1_6c24bQrjUlyQg-1673182604-0-AZLygjOHZIBXgjVs4toYBO4nrx41qaw6ChItH7t2PAFTuRRxkyMYGr9mIzDjZCEWoaEPTbYdTMBGg4ryEQCHOEbxpHuQQ6+h5tqyG9MGgpLkhvcJhG3jMuh7V1wcV7nKOmtwJPEE9caBD4WzT/3k4G8=
paywithmoon.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.paywithmoon.com/	1970-01-20 13:05:34	Name: twk_uuid_5c04c74c40105007f37aaf1b Value: %7B%22uuid%22%3A%221.WrpJjrVxX49UFQ9mlQjM93BsMuXYQ36JVf3x4Kl5QniLgPGFKCgpcZfJuqI3y7ppjGfK9uBxEZzmUyFKpTSXhh6EmiYCWZslTk3At91tbysF1zW91Q6X0Fkmq%22%2C%22version%22%3A3%2C%22domain%22%3A%22paywithmoon.com%22%2C%22ts%22%3A1673182604933%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
edge.fullstory.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
fpnpmcdn.net
maxcdn.bootstrapcdn.com
paywithmoon.com
region1.google-analytics.com
rs.fullstory.com
script.hotjar.com
static.hotjar.com
unpkg.com
use1.fptls.com
va.tawk.to
vars.hotjar.com
www.googletagmanager.com
18.66.112.110
18.66.147.113
18.66.97.49
2001:4860:4802:34::36
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:20::ac43:4686
2606:4700::6810:5814
2606:4700::6810:7daf
2606:4700::6812:bcf
2a00:1450:4001:813::2008
2a00:1450:400d:806::200a
2a00:1450:400d:80a::2003
35.186.194.58
35.201.112.186
52.222.236.122
75.2.10.96
108d9e1babda8890a913b0a3d867ae87dba8fe37f56b101a1a800174a83dbeb5
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1d8e4e872bfb91d697eac664c3c911f75878f47d9220c94ee71b0d527a3f6880
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
2fa3f743d093643d9a6fbd61ac6d290446472081263accf7f490db8bc62c3c7b
3c847f8d5e416bcf7a229eea8aca98d8bd84b5f51ce9ab1d86c4a0af657262c1
42c0b9a899967bcbf9f6d77680c35c9121f4c5219d9664cdc806352a2fc4e884
43fd8838106dda2dbbb8350a295a5f9a454c7b8103e5f3cab06bc0158781247e
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4c15fb6e0af1c3b560a9d89452102298aa92d8fbb4c7391a8cbf0ae5454652a8
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44
663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b4b5bee35ca2a84b883cbede08224ae7f9f6203de2abd8e71d8d02bb92908d6
6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
8104332526d748b16aa5cc2eb9a5171948faff9c17f0085d5b8a95b055dfde78
83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b
86c06ac31a249a56c795373b27b25fa57b29a529a1f762b99571d01a56ec8b42
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9a465878807d124b1c66b4bd8910661ffa5103b5ebb304306e83fd81d1b4eb7d
9ebee46eca18876c7d599bf20bd8f65c9d947350847e1aa7088cedef3d0af160
a7d88418c6262507ecf98941b68ae6d3568bc8f3a585c720212a5a6d82dee6fc
ad586c7242fd1ab6f5943d9cec3b6bc58fb917dff2a3db43c7a7bc9b237059e0
b09178edd1d360efefd8967ff884362fad770fecc4229e8445df1c64fc79b53f
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
c00f77d0c98c3aeee393f51e7391898753327aa708d4bc38f1e97581f2d82b39
c26475a9ab7ed1e47997b2262febbcf259cfda4fb2be099b655a7c8436beaedd
c84f3875bf25358889c1d0dbea8988c488fd35f34a039200994b83282ac9a37b
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
ddf9b0e3af77c79cfd897ad6fac5b24b2630d85103505ffe26faef6e4e8af1fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d6f50c93074dc8e58c26999c260dca62cf84da58f7fa960d836f05e0b61ec7
e79e433be772c71b3f7b7faf00a0c47d9a44de2484b15d7f0432777aa6ec1532
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
edf84135b1e5f998b9f3106cfa63bc1f3d71c002aee155ed6ccc2f26093b64b5
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f37de7922511a3f794b21520b20324226c15a11a536366f707834a19ae0ce9fb
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fa40119c41ecce4cd42260ca5181a6ac786d2c27754ba7eba78b824f1f442d72
faffaf872c0031565a97da5aef1afd68270ac877f7c0d2584028fc4eb3d5f43f
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

paywithmoon.com Open in urlscan Pro 2606:4700:20::ac43:4686 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

59 %IPv6

13 Domains

17 Subdomains

17 IPs

3 Countries

1372 kBTransfer

4749 kBSize

13 Cookies

5 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paywithmoon.com Open in urlscan Pro
2606:4700:20::ac43:4686 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

59 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1372 kB
Transfer

4749 kB
Size

13
Cookies

54 HTTP transactions
0 data transactions