paywithmoon.com Open in urlscan Pro
2606:4700:20::ac43:4686 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paywithmoon.com/extension-successfully-uninstalled
Submission: On January 28 via api (January 28th 2024, 8:29:26 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 43 HTTP transactions. The main IP is 2606:4700:20::ac43:4686, located in United States and belongs to CLOUDFLARENET, US. The main domain is paywithmoon.com.
TLS certificate: Issued by E1 on January 27th 2024. Valid for: 3 months.

This is the only time paywithmoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.95.28 65.9.95.28	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	13.227.219.28 13.227.219.28	16509 (AMAZON-02) (AMAZON-02)
2	3.33.204.12 3.33.204.12	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	18

10 2606:4700:20::ac43:4686 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paywithmoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7eaf (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-28.prg50.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.204.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: a082a4fa0823469f3.awsglobalaccelerator.com

pf.paywithmoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

paywithmoonhelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	paywithmoon.com 1 redirects paywithmoon.com pf.paywithmoon.com	822 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2047 ekr.zdassets.com — Cisco Umbrella Rank: 2364	214 KB
6	unpkg.com 3 redirects unpkg.com — Cisco Umbrella Rank: 867	86 KB
3	zendesk.com paywithmoonhelp.zendesk.com	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	61 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	70 KB
2	gstatic.com fonts.gstatic.com	75 KB
2	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 21822	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	167 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	254 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616	245 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	25 KB
43	14

	Domain	Requested by
10	paywithmoon.com	1 redirects paywithmoon.com
7	static.zdassets.com	paywithmoon.com static.zdassets.com
6	unpkg.com	3 redirects paywithmoon.com
3	paywithmoonhelp.zendesk.com	static.zdassets.com
2	pf.paywithmoon.com	paywithmoon.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fpnpmcdn.net	paywithmoon.com
2	edge.fullstory.com	paywithmoon.com
2	www.googletagmanager.com	paywithmoon.com www.googletagmanager.com
2	fonts.googleapis.com	paywithmoon.com
1	rs.fullstory.com	paywithmoon.com
1	www.google.de	paywithmoon.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ekr.zdassets.com	paywithmoon.com
1	static.hotjar.com	paywithmoon.com
1	maxcdn.bootstrapcdn.com	paywithmoon.com
43	18

This site contains no links.

Subject Issuer	Validity	Valid
paywithmoon.com E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
pf.paywithmoon.com Amazon RSA 2048 M01	`2023-03-19` - `2024-04-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
paywithmoonhelp.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://paywithmoon.com/extension-successfully-uninstalled
Frame ID: 31BCE71F1E2B5C30719553C40E58D028
Requests: 32 HTTP requests in this frame

Frame: https://paywithmoon.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 55C7EE35F73308D20BBED80229BFB292
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: 2C232B63E447551B23B9E15663DB76FA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Moon - Shop Online with Cryptocurrency

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

43
Requests

91 %
HTTPS

50 %
IPv6

14
Domains

18
Subdomains

18
IPs

4
Countries

1614 kB
Transfer

5224 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/react/umd/react.production.min.js HTTP 302
https://unpkg.com/react@18.2.0/umd/react.production.min.js

Request Chain 6

https://unpkg.com/react-dom/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Request Chain 7

https://unpkg.com/react-bootstrap@next/dist/react-bootstrap.min.js HTTP 302
https://unpkg.com/react-bootstrap@2.9.0-beta.1/dist/react-bootstrap.min.js

Request Chain 21

https://paywithmoon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://paywithmoon.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request extension-successfully-uninstalled Show response
paywithmoon.com/ 7 KB
4 KB 174ms
78ms Document
text/html 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8347b26739b3a98d425968f9efdb704c1e79e36dca1580027f383fccac86f9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84c7de04c8514d80-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 08:29:22 GMT
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FolRkWr8HgPRH0LWctLmpSa2690zEDgKdDrtHHLVWwfaj%2BfOwTRQ4ZRn51NCcKLx0bN2wuLXXy29Ux2i6veG1O%2FVVYt0ryFhJ4W2yrTcb%2BgsTBpSBFoTx%2BzaJ0tW1UfbyWDRI9hmnewcF2CDig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-frame-options: DENY
x-served-by: cache-fra-eddf8230135-FRA
x-timer: S1706430562.069526,VS0,VE30

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 83ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:300,400,600,700,800

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b33f2498ecd822a2167a5392df9586da4e2098f3e2b86bcad263a0b814f9ae95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 08:29:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 08:29:22 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 86ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 5103049
cdn-cachedat: 10/31/2023 18:50:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 536bfb9690a9a2d13c1ea264eb7f3c26
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c7de059ea45d7b-FRA
cdn-requestpullsuccess: True

GET
H2 200 index.css
paywithmoon.com/stylesheets/ 57 B
421 B 131ms
131ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/stylesheets/index.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108d9e1babda8890a913b0a3d867ae87dba8fe37f56b101a1a800174a83dbeb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/extension-successfully-uninstalled
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
strict-transport-security: max-age=31556926
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430562.147288,VS0,VE74
etag: W/"192ba4e36bb111abc2b4ae51999cbd07d79f0f21d5c9a46fc61c7669d8f07181"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64LsacU3T8gPtNRE6Ali2NBKnyXGEXDXFJIhVH7rEzUo9imzmFHj9Rhm8Nfflb20ftrF6pTSMJIaFTv7tpJpk5%2BUFXZCuFSWTP6Jt42OBuDEW2939o7jvl3AMgzEYaY5Vof9cD%2F6w%2B4srJq%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84c7de0548d24d80-FRA
x-cache-hits: 0

GET
H2 200 2.2c3c4f80.chunk.css
paywithmoon.com/static/css/ 143 KB
23 KB 88ms
87ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/css/2.2c3c4f80.chunk.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5bc1ee8b4ea241ae161ae8add30c075588e171e01c615eee37a3bd040e9a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/extension-successfully-uninstalled
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430562.146488,VS0,VE42
etag: "66ea443eba56f606e8434f102e37e69ad0a3416d6adb4de08283b01211645891"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZru2VVOmUczFibWaR6DNexv3Ex1ELNd5WXW8wtp47Ri9XzhuRUreq8S333Rj%2Frb8Ynp6teI3ys7I2I3KguPpj%2FqGF94%2BPTvYef22587VPunQ8Sl5D5UvkfSO0unaKo4rVZCzcvnlvP0ENJP5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84c7de0548d44d80-FRA
x-cache-hits: 0

GET
H2 200 main.76f8f4b4.chunk.css
paywithmoon.com/static/css/ 86 KB
16 KB 72ms
71ms Stylesheet
text/css 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/css/main.76f8f4b4.chunk.css

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b2fd6da019380dfa6cd2f238311d64916e4098e51acd9b3f2b3e7e260777b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/extension-successfully-uninstalled
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430562.148227,VS0,VE25
etag: "83f9abe2d4f242479beeb3e0122f829b0db0eae89a2329e2d327aba3b9f0bb1d"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pbr6SstH16O1PJi0XfRtPxOsYzvFALk0Ix%2BU6YRazfGETj%2FwZvVtKQMhI9YkKu2od2Dp2Zm0ZqWzg%2Fw5Zi6dm0TgBZvuL%2Bsp79uCeSGXtGFGahLKNLroR5v%2Bv76F37WPNmkdj4uTSMgbya5gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84c7de0548d64d80-FRA
x-cache-hits: 0

GET
H2

200

react.production.min.js Show response
unpkg.com/react@18.2.0/umd/
Redirect Chain

https://unpkg.com/react/umd/react.production.min.js
https://unpkg.com/react@18.2.0/umd/react.production.min.js

10 KB
4 KB

33ms
30ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@18.2.0/umd/react.production.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5190046
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGCXCC18RQ5D5FQKY0RF26NQ-fra
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84c7de05ca7a71be-FRA

Redirect headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HN7JF0PZS3Q2SC1FB3KWK2N5-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 556
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react@18.2.0/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 84c7de059a4771be-FRA

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@18.2.0/umd/
Redirect Chain

https://unpkg.com/react-dom/umd/react-dom.production.min.js
https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

129 KB
43 KB

36ms
36ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7539227
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE6X11BWP2JYYDQSV0SB7MAQ-fra
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84c7de05ca7b71be-FRA

Redirect headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HN7JSDCW84MRGS857QW4HPXH-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 216
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-dom@18.2.0/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 84c7de059a4871be-FRA

GET
H2

200

react-bootstrap.min.js Show response
unpkg.com/react-bootstrap@2.9.0-beta.1/dist/
Redirect Chain

https://unpkg.com/react-bootstrap@next/dist/react-bootstrap.min.js
https://unpkg.com/react-bootstrap@2.9.0-beta.1/dist/react-bootstrap.min.js

116 KB
39 KB

34ms
33ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-bootstrap@2.9.0-beta.1/dist/react-bootstrap.min.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5281269
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGA6CDK169NKPE84CMETV7P1-fra
server: cloudflare
etag: W/"1d187-o2+OYezMEsMzpEcT3E+ubsFUj8Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84c7de05ca7271be-FRA

Redirect headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HN7JF3MZEK3FES09TE7GAP9E-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 553
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /react-bootstrap@2.9.0-beta.1/dist/react-bootstrap.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 84c7de059a4471be-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 82ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=744a9f3c-06b9-478c-9495-76d8f2e2230a

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9X4B0G1GWNB25PJG
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6C%2Be9QsHZqfp%2FdNm4JYFCDPXe9bQn1vk%2F5Bl3eeDZubAjaHJalk1pTG3AxAodsPF5OdfGU4rbCO8ltJUoo9559pCvEv70Lld49ZQuAASkagKJ8H5%2FPZGQwXH7gSuo3kKzoLq6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 84c7de059cc8bc01-FRA

GET
H2 200 2.fa8e3f9e.chunk.js Show response
paywithmoon.com/static/js/ 2 MB
599 KB 107ms
106ms Script
text/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0436403602f6b557818db14a6a94ace2f5b84994ef03de8675887aec2e1e1b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/extension-successfully-uninstalled
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-eddf8230023-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430562.157463,VS0,VE28
etag: "0c636519fc16fb9050d0bf1268246a1de54a43dee88b89b195fb250120ffa41e"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8H5y%2Bi7r4MGQ2TVTBetXos1B1Xru5U0uSAMpasQxZspvP3uAeb6FK7RH5bhe82idGLemmARk8Y%2FaaZeov4vCtAVXQfO3thOFeTWSSz8nGImVFwsd71AmOZ2BXNWhkiXf%2BPn4poufKN1bK46gVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84c7de0548d74d80-FRA
x-cache-hits: 0

GET
H2 200 main.d4d2c249.chunk.js Show response
paywithmoon.com/static/js/ 520 KB
172 KB 84ms
84ms Script
text/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/static/js/main.d4d2c249.chunk.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b202df1bfc938af4bc4eadcd9a3ba53bb8e327d0997ed8b5a78470b6bf9060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/extension-successfully-uninstalled
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: MISS
x-served-by: cache-fra-etou8220032-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430562.154095,VS0,VE31
etag: "23bd9bfe4c986d477cf4484b49a21adbd0eae0bfb6b4c90229873a52012741a2"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N%2B4QdzvsG8aE3qWpZGYdQ6D1beRf%2FKQ6uqacyvxvCxRdT2yMKgB6P0ADkj0hUaTUs%2FiIzJJouvct05E4NfTNFVUHY2e6zblacwKQin08wFs9LNf%2FkmGNahqKsPlHY8QzRDvUiKTb048rhBvfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84c7de0548d94d80-FRA
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 104ms
52ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPD2986

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74d1d50825de7c92c5a8740515cde101806479178f058dd500809d17db20af59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77763
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 08:29:22 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 90ms
24ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://paywithmoon.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 07:36:19 GMT
content-encoding: br
age: 3183
x-guploader-uploadid: ABPtcPopv1J88k_63BZ2stN3MYcD97jaz0UlesGbxZki-LE-NgRoOwuwpoCaoutWAmCrUpTPHgk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 28 Jan 2024 08:36:19 GMT

GET
H2 200 hotjar-1183284.js Show response
static.hotjar.com/c/ 9 KB
4 KB 122ms
62ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1183284.js?sv=6

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

15e5265bb6810afa14a0939b91560739c70f44b163f028926b3ea3a68ac4d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/0e6bfbed916d2540985ce5d9e5df1bc5
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: d-9VSfqsKKJFLYl-hQsReSt3O0shpXugv305OQ9f9qFuWikyN7hN_Q==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
590 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/css/main.76f8f4b4.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cfe0feef398a03a6888537660949ef093ca9967e110a0ed29ae5bcae6b579d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 08:25:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 08:29:22 GMT

GET
H2 200 744a9f3c-06b9-478c-9495-76d8f2e2230a Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 291ms
221ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/744a9f3c-06b9-478c-9495-76d8f2e2230a

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e0f69bcf2830ee486cfe66cc251f0716fa3c9c61e619f50977ab8e9f4a1712

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 83823da04c022e0d-SEA, 83823da04c022e0d-SEA
x-runtime: 0.005607
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a9e0f69bcf2830ee486cfe66cc251f07"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnzuaGjPUFsCPTk3gFDYmkCut4wDdPaxVJrJ6g1t3MD30PHt6lbfzg51VlPULOyQpDBXt2%2Ftav8Pln0VNXchNTRGUNaM5pV%2FrPFAV%2Fdnv46VbKPA%2F26x%2F6WtrXGg8e0U3Ic%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 84c7de06ddb4906d-FRA

GET
H2 200 loader_v3.8.7.js Show response
fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/ 131 KB
45 KB 103ms
35ms Script
text/javascript 65.9.95.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/loader_v3.8.7.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-28.prg50.r.cloudfront.net

Software

CloudFront /

Resource Hash

6071c5d4a7941f44087f70719256a2d4a15dbcff2f2d99f25aef3898dd436e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:00:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 203349
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"YgbKGaU3/YighGe5/Oa9meMu+Q4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3542, s-maxage=597464
timing-allow-origin: *
x-amz-cf-id: 9mJD4aZe0AE72J1meG21Up1Amm571wm8l6euKuaAxJHZmmCdzjAPKQ==

GET
H2 200 loader_v3.8.7.js Show response
fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/ 131 KB
45 KB 123ms
63ms Script
text/javascript 65.9.95.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/JAh8uCYtgLkWZGfEwm9X/loader_v3.8.7.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-28.prg50.r.cloudfront.net

Software

CloudFront /

Resource Hash

6071c5d4a7941f44087f70719256a2d4a15dbcff2f2d99f25aef3898dd436e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 00:00:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 203349
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"YgbKGaU3/YighGe5/Oa9meMu+Q4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3542, s-maxage=597464
timing-allow-origin: *
x-amz-cf-id: dseZI1e-7jVW7dhhdAu4GqaorDFkjJ8g_uOGtywOwH0V5XcTc3I4EQ==

GET
H2 200 moon.833ef41f.svg
paywithmoon.com/static/media/ 5 KB
2 KB 126ms
126ms Image
image/svg+xml 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paywithmoon.com/static/media/moon.833ef41f.svg

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/css/main.76f8f4b4.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

585baa51eeb961d3d3123224b9f1b0e48f902848f576a1e3b4ee16e4fb2e9afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/static/css/main.76f8f4b4.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
content-length: 1651
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Thu, 25 Jan 2024 23:12:26 GMT
server: cloudflare
x-timer: S1706430563.501427,VS0,VE82
etag: "0ced9f663748d01d84c5f4ed274036e1388e82e7842c982f37f174a784c59c05"
x-frame-options: DENY
vary: x-fh-requested-host, accept-encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow2uDWJOONbC%2FFYz23MVF3ET1YQSdF%2FZDZ6P0xtiFygvjKaYumyBnXupEsWsr53Cj6H8EPuQ58Q5mKSGgVjnmb03GH282sh2NwbuHmcDPoua490ZSFcR9O9Wwp%2FoeJ9BtXKp0bO1vdk%2F8i1dYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84c7de077ab54d80-FRA
x-cache-hits: 0

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 27 KB
28 KB 104ms
52ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:17 GMT
x-content-type-options: nosniff
age: 377405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 74ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paywithmoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options: nosniff
age: 377852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:50 GMT

GET
H2

200

main.js Show response
paywithmoon.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 55C7
Redirect Chain

https://paywithmoon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://paywithmoon.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

26ms
26ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paywithmoon.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Server

2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1494642f5769443db64398c8186e28590ae8cdca1ec7303b8dcd805ccc4b433b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1ipKosqCGbtCi6iHFz7KiFDNA6BTpbJkU5Nqb6Lz3LQaeGF30CHehxH65FissGMEg141w1AvPTD5iZiGV5FuoenA%2BqRuRbcindn6O6jOqIx3xfa5i6vkjEVdBOQeU75s%2FW5mFrox8Ct0gceUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84c7de07baee4d80-FRA

Redirect headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2kE0YI0%2BXqckDgKlwLpPyHrdKtZtRLPgnYE9J1yQ3rI9N1tEfeJlE1bibWZSPWLEz6SEb206kucL1eAU8T7GYG5AuN0i1gXxEi7qvKWPTmL0X2EeyRaGxRZ6hx%2Fsi3MA179x3ENsieDxMk45A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 84c7de078ac14d80-FRA

GET
H2 200 modules.0c2aac1b2d1ba79f2a01.js Show response
script.hotjar.com/ 219 KB
55 KB 84ms
29ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1183284.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:40:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 319756
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55804
last-modified: Wed, 24 Jan 2024 15:39:41 GMT
etag: "252eda316b5dfe5750655c881f809a75"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: EIvwamreSKjXoSIX4oh-FgIFJfjbZLvHioOtvkbrn8XmKw25nQfXSw==

GET
H2 200 web Show response
edge.fullstory.com/s/settings/EN0WP/v1/ 4 KB
1 KB 130ms
130ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/EN0WP/v1/web
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2fc34f0a95eb0c55d1e80c8ddc9299e8eb2460be193a86246bd048287901b0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqTb1od6N0cXADxeIsg2AsK95I0QAaU6OPSI89YrtqELsXvhvOf8g8XpjYRGmSFq-vrtOlmeX_-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1178
last-modified: Sun, 28 Jan 2024 08:29:08 GMT
server: UploadServer
etag: "9eee5547f7bf436cf7ada5fe6da4cb40"
x-goog-generation: 1706302148672248
x-goog-hash: crc32c=ZmwLrw==, md5=nu5VR/e/Q2z3raX+baTLQA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1178
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 08:44:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
90 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BZZFDNP7QB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPD2986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

862fcf5e2240f93ed724ee4a0f3066ac1fac62ed973f8fd7414b7b25a8c4d795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 08:29:22 GMT

POST
H2 200 84c7de04c8514d80 Show response
paywithmoon.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 55C7 0
518 B 58ms
58ms XHR
text/plain 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoon.com/cdn-cgi/challenge-platform/h/g/jsd/r/84c7de04c8514d80
Requested by: Host: paywithmoon.com
URL: https://paywithmoon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84c7de084b794d80-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BCq9Q52%2B9tgr0Ww3i6UQHiqjkqGWLDhwPnL6vqe1ONrrHqmbVZFifHPxCd2oR2f0vkD8OgI618htOivl6YsdgTY7RnaF2ksMSJexEsZBNDUbhmnNAKYR1v%2Bm5M1VzGcZse%2B6fR54DWjN8x62A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 2C23 435 KB
137 KB 42ms
41ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=744a9f3c-06b9-478c-9495-76d8f2e2230a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FSF5803D2MZ177K
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"531e7cd49856ceac1ab739dee1bd9825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Apfi6m3AFMoQtCrtReQGdMBmU4NoXDX5rQSxng716gj3bzE9y5RI4h2NeYll%2FNte1Q7HfCNJDSgy3Z1jycCgM0ZZg3fzblJJpmlSoUkdzDnPE1d7P7Siq9R4DzxSwHzSQpIvo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de085f77bc01-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 25ms
25ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 323835
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -zu_CfSZHR_BIuSP8awm_NzZfE_AWOqFPLA6FyMhN_bOna9YsWGeVA==

GET
H2 200 6e Show response
pf.paywithmoon.com/1LO48Lh/ipCD/_mi7Uwd/ 96 B
446 B 375ms
121ms XHR
text/plain 3.33.204.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pf.paywithmoon.com/1LO48Lh/ipCD/_mi7Uwd/6e?q=JAh8uCYtgLkWZGfEwm9X

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.204.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a082a4fa0823469f3.awsglobalaccelerator.com

Software

Resource Hash

980dbd3f955a5da3e07219997f91efc3924aba22e269029676cb81ebedd7fb2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:23 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H2 200 6e Show response
pf.paywithmoon.com/1LO48Lh/ipCD/_mi7Uwd/ 96 B
447 B 374ms
120ms XHR
text/plain 3.33.204.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pf.paywithmoon.com/1LO48Lh/ipCD/_mi7Uwd/6e?q=JAh8uCYtgLkWZGfEwm9X

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.204.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a082a4fa0823469f3.awsglobalaccelerator.com

Software

Resource Hash

9c85be9ff48268a2108f03fb4105386e0d621756697839b55a46404faff6c307

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:23 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 80ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BZZFDNP7QB&gtm=45je41o0v884568973z8811812774&_p=1706430562252&_gaz=1&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cid=1194109393.1706430563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706430562&sct=1&seg=0&dl=https%3A%2F%2Fpaywithmoon.com%2Fextension-successfully-uninstalled&dt=Moon%20-%20Shop%20Online%20with%20Cryptocurrency&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=772
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BZZFDNP7QB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 08:29:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paywithmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 95ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BZZFDNP7QB&cid=1194109393.1706430563&gtm=45je41o0v884568973z8811812774&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BZZFDNP7QB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 08:29:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paywithmoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
46ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BZZFDNP7QB&cid=1194109393.1706430563&gtm=45je41o0v884568973z8811812774&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&z=730449078

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/extension-successfully-uninstalled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paywithmoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 08:29:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2C23 16 KB
3 KB 34ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: 0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS8D41MZJZMYG1B
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified: Tue, 05 Dec 2023 00:28:38 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMGRbUNQS832FwjUuQDp7mF4cS%2ByMyjBaGC2cVMpUMZpukvtz1aL24FmRi7E8UKG8UC3t4dk%2Fkf7rxBLZMJVzD0%2Fq%2B0lWuUeEF2pT5FnnUEfzNo3nMZLZPQ%2ByFn5mRRj4RHT8no%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de092847bc01-FRA
expires: Wed, 04 Dec 2024 00:28:37 GMT

GET
H2 200 web-widget-4852-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 2C23 139 KB
47 KB 38ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS6K6N3BED5C9DX
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEIiC7RRar6emp4qM3AfVlvYHlmlwLYkQsyy0LyApcm6qIwN4sB3vkKweCWMjYggtI0x8UyEww%2FeIyn0egf%2F9WuoutrX2kD3gyrX%2FCEYKWbSZ%2F1R7uMYsQurEy2uRYjatLQHJRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de092849bc01-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-519-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 2C23 24 KB
8 KB 39ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS3V2M4QJ2ZK33P
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaE9B%2BornbcEARgzm3t2ZkLR4JwZNRvi518Vu6tfzCbwn8kVEYV44k2YxQQBqqHlZfP2RBqdxQnK88%2B3xZRMlOty%2FUdWSq%2F4zH1wo142HQbjRgtOmEZFrrVfqTrH5uOoX8bi4XY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de09284bbc01-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-5178-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 2C23 24 KB
7 KB 35ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS7C58SVHM9XWRN
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s9cLYYIoRKIhSoBvAmNzCgm5xAZ6WyuVa6D0euF8Baf%2FAXQo8i%2BUjk0ttALHgb1QcX299KFllJinP8IrO9Jp2uqbVK%2FADQv3khE76y0ipFnG7EW1n%2Ffj5KWFjpEtynVQwXlU8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de09284dbc01-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

GET
H2 200 web-widget-9535-1bfc6fa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 2C23 15 KB
6 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
x-amz-version-id: ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4FS0JNEYMFMYAKH2
age: 4686029
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KZ6JU9UjGIwkXQxX79VJPt5IBQz+RyTOOPzgoaj8Fyg4FIN4CX5ErJSJSDOj+qVg7hRI7zO5uEc=
last-modified: Tue, 05 Dec 2023 00:28:36 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSUVslN%2BL931NRsHlscmHdPFIrCMeF2X9qkgAtlOammN%2FPFEYJldZpZfA3YMDctJJCMVNLc9%2FqrbWxdHOA2m2enNzAKnTpuYV3442qB1YSF7zh8wp2p0ppPqdt2MzgDLX%2F1L%2FC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c7de09284ebc01-FRA
expires: Wed, 04 Dec 2024 00:28:35 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 81 B
279 B 226ms
162ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: paywithmoon.com
URL: https://paywithmoon.com/static/js/2.fa8e3f9e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

b09178edd1d360efefd8967ff884362fad770fecc4229e8445df1c64fc79b53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paywithmoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 Jan 2024 08:29:22 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://paywithmoon.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81

OPTIONS
H2 204 pv
paywithmoonhelp.zendesk.com/frontendevents/ Frame 0
0 610ms
523ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoonhelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paywithmoon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 84c7de0a78141979-FRA
date: Sun, 28 Jan 2024 08:29:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa5yGSGZFu9n9wcwbnCeDOj89y2rw%2FfUCHPrFoEaC3a9HN1x3n8og7UDlDc6y7zJZxtLMJpzD8XMtVuXBLhumvW7a0Bh%2BtnrNbkZO%2Fwnarlyd%2BFEHFk4sNu3d38d2NqRcr11ePA%2BvavRBUEwQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 84c7de0a78141979-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
paywithmoonhelp.zendesk.com/frontendevents/ Frame 2C23 0
0 196ms
195ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoonhelp.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Jan 2024 08:29:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOcLYq2kh5Bq3XMHhTsXTkDCQyep%2FsSOOJsLPjPdz15BsoT8S8KEB%2F7XXC29u%2Fhvn%2B6F9UcRplYz3xSR4BqU7utcHDefcscL%2FnaLCI0JQWT7AdnPycaO6CBOyd7wdqpbhJLmEZZWW2Rx7uFJlw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84c7de0dbae81979-FRA
content-length: 0
x-request-id: 84c7de0dbae81979-FRA

GET
H2 200 config Show response
paywithmoonhelp.zendesk.com/embeddable/ Frame 2C23 834 B
1 KB 313ms
227ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paywithmoonhelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9719fa8f3d94e6c44b7fdff7ce92f2221a6d48613a8e4524b852d2aea78df6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:29:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-58cc4c54c5-mjv82
x-cached: MISS
x-request-id: 84c7de0a78181979-FRA
x-runtime: 0.002484
last-modified: Sun, 28 Jan 2024 04:14:07 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMwFDeN7ScsdSiVqMg%2FxZCjsJOYMlfTsmvlF5qWe4zo3pHX5%2FGTJnysj7giACRtoyf%2Bwj3JGyM2qUhX7Ca852MFEHE4M2LryXNNujQSAMXYs9BuZDTQhbJ0Xi0ppYkqBbxBEPw1CovQyxL%2FsqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 84c7de0a78181979-FRA

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paywithmoon.com/	1970-01-21 02:46:06	Name: mp_982b1ecdb25262439e8abb7b6fb54dbb_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d4f30004e1bb-0e6a6af6301b01-6b305750-1d4c00-18d4f30004e1bb%22%2C%22%24device_id%22%3A%20%2218d4f30004e1bb-0e6a6af6301b01-6b305750-1d4c00-18d4f30004e1bb%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.paywithmoon.com/	1970-01-20 20:10:06	Name: _gcl_au Value: 1.1.944891417.1706430563
.paywithmoon.com/	1970-01-21 02:46:06	Name: cf_clearance Value: NtzCyJQMUKorTx7h.C0wtoAF6TI2xl4UwEzC7sbsto4-1706430562-1-Ac06PKDiwdNLqT7xwivksrJD3/Yb0ZOcW6LO/yIUiA/zHiMtPiRfp9md+p12ebyt9otU6PI2XFu12jZcv3f/jpg=
.paywithmoon.com/	1970-01-21 02:46:06	Name: _hjSessionUser_1183284 Value: eyJpZCI6IjRkN2ZhODgzLWFkOGQtNTZhMS04NzUxLTAxMDAzZTg4NTJjYiIsImNyZWF0ZWQiOjE3MDY0MzA1NjI2NzksImV4aXN0aW5nIjpmYWxzZX0=
.paywithmoon.com/	1970-01-20 18:00:32	Name: _hjSession_1183284 Value: eyJpZCI6ImY2YmU0OTM1LWJlNTMtNDYyNC1iM2UyLTQ3YTljMzFhZjE4OSIsImMiOjE3MDY0MzA1NjI2ODAsInMiOjAsInIiOjAsInNiIjoxLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.paywithmoon.com/	1970-01-21 03:36:30	Name: _ga Value: GA1.1.1194109393.1706430563
.paywithmoon.com/	1970-01-21 03:36:30	Name: _ga_BZZFDNP7QB Value: GS1.1.1706430562.1.0.1706430562.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

edge.fullstory.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fpnpmcdn.net
maxcdn.bootstrapcdn.com
paywithmoon.com
paywithmoonhelp.zendesk.com
pf.paywithmoon.com
region1.analytics.google.com
rs.fullstory.com
script.hotjar.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
unpkg.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.72.113
13.227.219.28
2001:4860:4802:32::36
2606:4700:20::ac43:4686
2606:4700::6810:7eaf
2606:4700::6812:bcf
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9b
3.33.204.12
35.186.194.58
35.201.112.186
52.222.139.19
65.9.95.28
02b2fd6da019380dfa6cd2f238311d64916e4098e51acd9b3f2b3e7e260777b1
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
0436403602f6b557818db14a6a94ace2f5b84994ef03de8675887aec2e1e1b1c
108d9e1babda8890a913b0a3d867ae87dba8fe37f56b101a1a800174a83dbeb5
1494642f5769443db64398c8186e28590ae8cdca1ec7303b8dcd805ccc4b433b
150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33
15e5265bb6810afa14a0939b91560739c70f44b163f028926b3ea3a68ac4d8bb
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
1a9719fa8f3d94e6c44b7fdff7ce92f2221a6d48613a8e4524b852d2aea78df6
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
2fc34f0a95eb0c55d1e80c8ddc9299e8eb2460be193a86246bd048287901b0a0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
47b202df1bfc938af4bc4eadcd9a3ba53bb8e327d0997ed8b5a78470b6bf9060
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
585baa51eeb961d3d3123224b9f1b0e48f902848f576a1e3b4ee16e4fb2e9afe
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
6071c5d4a7941f44087f70719256a2d4a15dbcff2f2d99f25aef3898dd436e00
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6cfe0feef398a03a6888537660949ef093ca9967e110a0ed29ae5bcae6b579d4
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
74d1d50825de7c92c5a8740515cde101806479178f058dd500809d17db20af59
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
8347b26739b3a98d425968f9efdb704c1e79e36dca1580027f383fccac86f9b8
862fcf5e2240f93ed724ee4a0f3066ac1fac62ed973f8fd7414b7b25a8c4d795
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
980dbd3f955a5da3e07219997f91efc3924aba22e269029676cb81ebedd7fb2b
9c85be9ff48268a2108f03fb4105386e0d621756697839b55a46404faff6c307
a9e0f69bcf2830ee486cfe66cc251f0716fa3c9c61e619f50977ab8e9f4a1712
b09178edd1d360efefd8967ff884362fad770fecc4229e8445df1c64fc79b53f
b33f2498ecd822a2167a5392df9586da4e2098f3e2b86bcad263a0b814f9ae95
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d5bc1ee8b4ea241ae161ae8add30c075588e171e01c615eee37a3bd040e9a032
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

paywithmoon.com Open in urlscan Pro 2606:4700:20::ac43:4686 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

50 %IPv6

14 Domains

18 Subdomains

18 IPs

4 Countries

1614 kBTransfer

5224 kBSize

7 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paywithmoon.com Open in urlscan Pro
2606:4700:20::ac43:4686 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

50 %
IPv6

14
Domains

18
Subdomains

18
IPs

4
Countries

1614 kB
Transfer

5224 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions