momence.com Open in urlscan Pro
2606:4700:20::681a:357 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://momence.com/p/210552
Effective URL:
https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-...
Submission: On April 28 via api (April 28th 2023, 8:26:10 pm UTC) from FI — Scanned from FI

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 12 domains to perform 100 HTTP transactions. The main IP is 2606:4700:20::681a:357, located in United States and belongs to CLOUDFLARENET, US. The main domain is momence.com. The Cisco Umbrella rank of the primary domain is 495661.
TLS certificate: Issued by GTS CA 1P5 on April 6th 2023. Valid for: 3 months.

This is the only time momence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:20:... 2606:4700:20::681a:357	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:257	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	65.9.95.7 65.9.95.7	16509 (AMAZON-02) (AMAZON-02)
27	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:212... 2600:9000:2127:ae00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.208.191.20 34.208.191.20	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.18 65.9.95.18	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
10	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	52.219.98.226 52.219.98.226	16509 (AMAZON-02) (AMAZON-02)
2	52.9.112.97 52.9.112.97	16509 (AMAZON-02) (AMAZON-02)
1	54.204.171.73 54.204.171.73	14618 (AMAZON-AES) (AMAZON-AES)
1	52.49.17.168 52.49.17.168	16509 (AMAZON-02) (AMAZON-02)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
5	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	() ()
1	2a04:4e42:600... 2a04:4e42:600::291	() ()
100	22

15 2606:4700:20::681a:357 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

momence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.momence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:257 (United States)

ASN13335 (CLOUDFLARENET, US)

api.momence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1022364.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:ae00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.191.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-191-20.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-18.prg50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.98.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

ribbon-technologes-images.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.112.97 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-112-97.us-west-1.compute.amazonaws.com

api.ipfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.171.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-171-73.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.17.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (None, ) 1 redirects

ASN- ()

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (None, )

ASN- ()

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 15734 r.stripe.com — Cisco Umbrella Rank: 7419	556 KB
23	momence.com 1 redirects momence.com — Cisco Umbrella Rank: 495661 api.momence.com — Cisco Umbrella Rank: 579566	801 KB
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2260 t.paypal.com — Cisco Umbrella Rank: 3014 c.paypal.com — Cisco Umbrella Rank: 5211 b.stats.paypal.com dub.stats.paypal.com c6.paypal.com	348 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2070	35 KB
2	ipfind.com api.ipfind.com — Cisco Umbrella Rank: 173617	443 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 5316	207 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 3763 api-iam.intercom.io — Cisco Umbrella Rank: 3605	6 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	16 KB
1	amazonaws.com ribbon-technologes-images.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 987202	1 MB
1	gstatic.com fonts.gstatic.com	38 KB
1	sentry.io o1022364.ingest.sentry.io	301 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
100	12

	Domain	Requested by
21	r.stripe.com	js.stripe.com
16	api.momence.com	momence.com
15	js.stripe.com	momence.com js.stripe.com
10	www.paypal.com	momence.com www.paypal.com www.paypalobjects.com
7	momence.com	1 redirects momence.com
6	q.stripe.com	momence.com
5	c.paypal.com	www.paypal.com c.paypal.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	t.paypal.com
2	api.ipfind.com	momence.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	merchant-ui-api.stripe.com	js.stripe.com
1	api-iam.intercom.io	js.intercomcdn.com
1	ribbon-technologes-images.s3.us-east-2.amazonaws.com
1	fonts.gstatic.com	fonts.googleapis.com
1	widget.intercom.io	momence.com
1	m.stripe.com	m.stripe.network
1	o1022364.ingest.sentry.io	momence.com
1	fonts.googleapis.com	momence.com
100	23

This site contains no links.

Subject Issuer	Validity	Valid
*.momence.com GTS CA 1P5	`2023-04-06` - `2023-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-28`	a year	crt.sh
ipfind.com Amazon RSA 2048 M01	`2023-02-10` - `2023-08-08`	6 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
Frame ID: C06F2DDE15719459B0D7E358C4493B6D
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 40B97FC5574D7746FF35BF131C17D57B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 298FA0A47B81F881A428078C46F41125
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.a672ced9.js
Frame ID: 6162097EFC1F0FFBC13677FA05A398D5
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
Frame ID: A58C1C442E33286D591839BE98AC3F4C
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
Frame ID: 9D07EDBF85F718E60F39B58C98765FA7
Requests: 10 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 8E011E2F08930A9FFED499ED1E019A39
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 529E4EDD55D60F01330A790AE4BFDFA4
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 5BE83E2A0EE4D91239A05977ADE7F3C0
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 9ED38D76A993120263D6311C36344AA2
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS
Frame ID: 0222DE3DBB7AC2B69463892FE83264AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gemini : Threshold Of The NEW Beginning | May 2023 Channeled Tarot Message - EXT

Page URL History Show full URLs

https://momence.com/p/210552 HTTP 302
https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

100
Requests

99 %
HTTPS

29 %
IPv6

12
Domains

23
Subdomains

22
IPs

3
Countries

3480 kB
Transfer

8077 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://momence.com/p/210552 HTTP 302
https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://b.stats.paypal.com/v2/counter.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 210552 Show response
momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/
Redirect Chain

https://momence.com/p/210552
https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

2 KB
1 KB

160ms
159ms

Document
text/html

2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 00c109d9aa9011cb1670f6377685331ab324c91a7edb1fb690a49d4d078c08a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7bf209c4ea39d95f-HEL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67DKWYVy%2B2SXsfi73d9VNzTHdvrwRWWvjhWznYK%2FcSzj9l%2Be%2BlmqDOz6HfJif0lB8b6JhevVDyZlAlffvA%2FCgyRwxIqD8YIv734fgJ5i3uZTp4ULvEjNVilaDgAK5hdCT5c%2Bc8PyMt9e"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

access-control-allow-headers: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7bf209c2ae47d95f-HEL
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:26:04 GMT
location: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTQ7EaKw0rW1nqZzw6w%2BUb8dFhiGDqQIc1gUTZHWS5YGoUvKr%2Fn8TUPDpwGvhk3itzvUq8miZ5U2On9Kn6CmRA6j8g2eMiPwOPbPyDrdN0wUFQzqxNoiLYEA0S0hFjut0ob40brxA8o%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
x-powered-by: Express

GET
H2 200 6551.4ce95949.js Show response
momence.com/event/static/js/ 1 MB
422 KB 83ms
81ms Script
application/javascript 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/event/static/js/6551.4ce95949.js
Requested by: Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2f5fd74e3bf00a0e9a539d9398619edf4a8d7431f97f4a246844fc31d479c6b8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 09:57:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35881
x-powered-by: Express
etag: W/"12f81b-187c74c4545"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YzZW3%2Bh%2BDWkChtU2N1qMA2j%2B0nVYCS%2B1XsY4D2QNU%2BiBu4GcjJuzcK2Z8%2FhwUqg7f4u7at1p5QT0%2BwhGz5pgRkau4XydnoCLrfmTNhmjULewiDfRc6LZlW63rQJpip3VOz1a39V7tHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000000, immutable
cf-ray: 7bf209c60c02d95f-HEL

GET
H2 200 main.c84c727b.js Show response
momence.com/event/static/js/ 1015 KB
306 KB 50ms
48ms Script
application/javascript 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/event/static/js/main.c84c727b.js
Requested by: Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7dd8310a8b0934ba8dc7a0dc8d30b6abe154138ee731bbb6148d363ff00c9f2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 09:57:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35881
x-powered-by: Express
etag: W/"fdcd5-187c74c4549"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV%2BkTgsNETwkT5ruJEWC41hKxmmI4NfG28OdVT5%2BYftG9Ard3Yu5cg5kB6Ae9g0taCmA9Rh%2FMDZPCNAwU4BgIO51qQpTfOtIlHUh%2FolBuqnP%2BItzKMY7GrXjoYS0ejir0eIZcRt5Wtr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000000, immutable
cf-ray: 7bf209c60c0ad95f-HEL

GET
H2 200 main.4eff9b52.css
momence.com/event/static/css/ 41 KB
8 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/event/static/css/main.4eff9b52.css
Requested by: Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: eb49784b0828f486032ffd67cbc3b516e4942a50cbe45aaa647d6726fbf1805a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 13:23:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 84286
x-powered-by: Express
etag: W/"a360-187c2e232f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDQ035ks%2FGD5qg6cgPu3rWQ3CQOGPsxUBduQoKBejtQZGbPqYwoREkd1ow2MDGffQz6IuUI6vt0THNUEmDJ3pKV%2FHBXwxDMhyD%2F7sbPh%2BGjJ616vFxTUjUTM0jfa1GKZWP2c1UCMMvsH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000000, immutable
cf-ray: 7bf209c60c08d95f-HEL

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 213ms
74ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: momence.com
URL: https://momence.com/event/static/css/main.4eff9b52.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d50106fa1a13ce95ef3d8f13dec4573705692e39199f75e1c934871f6475336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 20:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 19:35:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 20:26:05 GMT

OPTIONS
H2 200 GetVideoDetails
api.momence.com/plugin/ Frame 0
0 408ms
327ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/GetVideoDetails?videoId=210552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209c90f73d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:05 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rcvkjph6ZrDLJ78va68Ik5LhcRmsyfIqNvSqQ3LgKODGw5M%2BKq81dMhWfyLRI06A6tmnkURAabD3e%2FgG4IZMJrVJdfKwXvWVFuvY4pthKzQBUuknOCjI187oAFI58NgG4akrVPO441s6nP0v%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

OPTIONS
H2 200 profile
api.momence.com/auth/ Frame 0
0 411ms
331ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/auth/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209c90f77d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:05 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlELyuz3dNUm%2BNBXLaYSzPr8PNCkePeEVK27JhxL5vZ5bTgpoIxE2saaZAD4w8psKy7z4owTYwlUgodUPPencd%2FWa3xOwQYW9M2nkaN%2BD%2BdkVJMFRLmmdmuGCEvu7KoqGwv3cWza3M2gpDDrGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

POST
H2 200 / Show response
o1022364.ingest.sentry.io/api/6326061/envelope/ 2 B
301 B 153ms
68ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1022364.ingest.sentry.io/api/6326061/envelope/?sentry_key=5d79a5b1686e4a17867798c4c9f22705&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.1

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://momence.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 20:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 1632.5d5c0f8a.chunk.js Show response
momence.com/event/static/js/ 412 B
598 B 42ms
42ms Script
application/javascript 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/event/static/js/1632.5d5c0f8a.chunk.js
Requested by: Host: momence.com
URL: https://momence.com/event/static/js/main.c84c727b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 973c4c25215299f552b28f343557f134381c0faedcf531ee145f03d2356dca7f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 09:57:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11435
x-powered-by: Express
etag: W/"19c-187c74c4545"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeLDNwYo4pgavtv05u%2FXEDCIdpHkJtt%2Bl%2F0jE82WophKJW50NxYgyovs8olk8O4ebggMgYtA%2BqhK%2FvhRNQHW6hS2G8hsz1ZrGUb8rBh5IKoO7%2Fh1wjgunOl9LP9qnaHMCI7AN11QL36o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000000, immutable
cf-ray: 7bf209c86864d95f-HEL

GET
H2 200 v3 Show response
js.stripe.com/ 473 KB
114 KB 236ms
76ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:25:18 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 54
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Cloudfront
etag: W/"e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: c9K_2u_Rj2kCkwxiesnHEmrQQfBr8NoKcRuS5Lrgq1YETugZJJrpyw==

GET
H2 200 GetVideoDetails Show response
api.momence.com/plugin/ 705 B
904 B 352ms
351ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/GetVideoDetails?videoId=210552

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a5ac8c4dfa1714b207d075d9dce3a82a639c5154ee600a935a99297152622b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c1-ddIwsTEs+DoZOxwG2jMqYweacKk"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7%2BvRmeSUtwDkw%2F5ETzc7%2B78SR5JQDWudE3QWHeiWt6JhbwJ0gYTCBrYJn2CDHObgdc%2BHU5nSgKJG%2FrPn2%2BmCVBOWEIMDAe6kRAIjG75e%2B2r0F0%2FIHCLILpwEaCO8guUJ6yr9rhtyYhGjTRbJg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209cb0cbdd95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key

GET
H2 401 profile Show response
api.momence.com/auth/ 0
541 B 334ms
334ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/auth/profile

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfohJEyT4GX4p1v6hANRVeoOqdLzjUiR62fIPC5uNzzV4k2F9SDLzHj4SF6UWfUncLKiz5Bbp6Qmf0J1CS9wFSNiKTGOiv9ZtXuDAYaP%2FSCAk4YNW%2FNP7DoK8C6pS2te9owgWaS5tBd2zen6Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209cb1ccdd95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
content-length: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 40B9 200 B
1 KB 67ms
67ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://momence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2283
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 19:48:23 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: sTAoxvCx5gadiKwj4lrVeX_YrmXwBaku_zTat2LrOTTgoZ9i9JWn4A==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 40B9 0
718 B 813ms
428ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713566658560
x-envoy-upstream-service-time: 53
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 20
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682713566633173
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 40B9 0
716 B 763ms
379ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713566635333
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682713566633195
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 40B9 631 B
1 KB 67ms
66ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 28 Apr 2023 20:21:58 GMT
x-content-type-options: nosniff
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2480
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 14 Apr 2023 20:03:32 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zAn34We-USXWF1bqZo0msGvmloOX7EEXF2QD-XBbWHIc6KA0Xu1Mug==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 298F 930 B
2 KB 197ms
63ms Document
text/html 2600:9000:2127:ae00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 51
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:25:19 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: 5xLeGoexSno8F-F7sMGCzbaELnDZuPzBYyRgtjTO2EliuMfbXIX2VQ==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 298F 0
491 B 487ms
377ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713566633794
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682713566633219
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 298F 86 KB
14 KB 73ms
73ms Script
text/javascript 2600:9000:2127:ae00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:23:00 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: vHJjU1R0HUTD9lQv7-7gLyBJBQ4Av8LGrB_iCkhCeXyK1D9QoXNOmw==

OPTIONS
H2 200 436
api.momence.com/plugin/hosts/ Frame 0
0 136ms
136ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/hosts/436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209cd4cc6d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:06 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kor%2B6Av8SdmU3HI8RXMee3Y57Y27Tkb4cbI2zuBw2SHklT%2FU6QStVy%2BI8NTtj%2BLxL3XuddJIhFkYaJCbh9Bb981J%2F4GdCQOKB1cnPf7gDdu3kfWgX%2BUIHzh8sP2sENxpsVghWwm6nGq68p2dSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

GET
H2 200 436 Show response
api.momence.com/plugin/hosts/ 2 KB
2 KB 157ms
157ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/hosts/436

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f783039ba78e25ca948b8c94c0e6c48f5a10603042b3eaccc2dd61eb31b46cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9ef-/C1gvXauKA0T0QULlS0jyxi6IzU"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdTx7LToNB31%2Bio9C1ur5en2QAEuF1ggr7Ke22YDF75XaJOthGM%2FjyaMjPpzOR8qRC0LshEhxEVrc9kqE6BUaSa6O9SqmcN1ZeJqEzXRuAFnKpBRcEGsC4u2QncVniiMcY0nLQGPstQxxC79Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209ce2a55d95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key

GET
H2 200 customer-fields Show response
api.momence.com/plugin/436/ 2 B
314 B 154ms
154ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/436/customer-fields

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYHyXKLyF672DsamYUCaq6sdW1GiI6S720Ooe0z0tGmmchJy5J8wVtOZlX9Nmhwnr9eYzGjYHp%2BYu7FFppTWoode3ovpdT0dNkzm3Kdiva36VEeSe7I9hhPbzjkTmfctrkt2xC4AOr9RRQ%2F40A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209ce3a8bd95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
content-length: 2

OPTIONS
H2 200 customer-fields
api.momence.com/plugin/436/ Frame 0
0 143ms
143ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/436/customer-fields

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209cd4ccad93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:06 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkLcg%2BeSfEMIpW6kX5zfFirnc%2Bi2FHHeomauYiUG%2FLxmq3VCsjSSv4RIfUz4l8mmwuPOBry2NOTwZGZRQEwt7Ljby6vL%2BmQnrJPikJ%2Bi8UU0SdqngXh9G4jTFwo754HdEOn2BBe0X3kRV94JXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

POST
H2 200 6 Show response
m.stripe.com/ Frame 298F 156 B
670 B 597ms
213ms XHR
application/json 34.208.191.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.191.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-191-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d2370cff1a89db5d856a6a1a90139e0b6588145843813716b381854433ec07bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713566852166
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 18
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682713566851870
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 gjf5tpix Show response
widget.intercom.io/widget/ 7 KB
3 KB 228ms
82ms Script
application/javascript 65.9.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/gjf5tpix
Requested by: Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-18.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a7314c082dcea39d37b314d5e8de15dd6a2323285e2eb5b756178654ab300aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: zd0t_OSGvzulgWJ_kna4QYkRzeOmGmUu
content-encoding: gzip
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
date: Fri, 28 Apr 2023 20:16:03 GMT
x-amz-cf-pop: PRG50-C1
age: 820
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2677
last-modified: Fri, 28 Apr 2023 14:32:55 GMT
server: AmazonS3
etag: "82489e239e0315633097743217d1a7a4"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: U9O6mKrxXAuqRkh74HykRbG0TXZmLXCtTi-P4WygCzxHSwqqVYBeHQ==

GET
H2 200 customizations Show response
api.momence.com/plugin/hosts/436/ 675 B
545 B 147ms
146ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/hosts/436/customizations

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30422efae6db839e865338052e99fa4fb5d6dbc9fb2c689f18685edfb2892692

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a3-zkRdBC1D/S8oNfzfsqFh10r4ncA"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtmzZZlGYTWfGXovsYXkvsCgMM08W0qqScsNsnHa9faapw6Z3zScqrPLX0hgVPaTo8sh62eeaPwtoRrPr4JfcBS%2BDNgn0l3mdWUWYU5KeXYvYTHb22fdUvGvEzHZwFWnCabeR9SuRWVLh9jPmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209d01df0d95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key

OPTIONS
H2 200 customizations
api.momence.com/plugin/hosts/436/ Frame 0
0 137ms
137ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/hosts/436/customizations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209cf3f87d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:06 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D41lTElpverqRj%2BBlOEm%2FbauCJgRY1kEmBvUT4f4ejSRPTv0t65V1NAHMzxoMqa3%2BjY%2FzIMmYdouZwwVo7zC6RJfmbriWD2vR%2FwbS9IjPJCyQVtb5VP8YvBR%2FbXOJz6oMpF1ynx7ZU%2F81SFWGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

GET
H2 200 frame-modern.a672ced9.js Show response
js.intercomcdn.com/ Frame 6162 479 KB
134 KB 196ms
69ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.a672ced9.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gjf5tpix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

580e2faa4d5318def6d05cb6e21b7780c1ba285a29ac78bd619c1c5f15fd9a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ba3q0BEJsdUD4boHJhVUvsKxCoCPKXdg
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date: Fri, 28 Apr 2023 18:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 136717
last-modified: Fri, 28 Apr 2023 14:30:42 GMT
server: AmazonS3
etag: "b203f38e851b0adb9ae74673647bfb63"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: H5B_nFhBh3u1th7sf2gK9Z7NDFsMfQg0PY_Uei75pWI2IzCbROF42A==

GET
H2 200 vendor-modern.a25e2912.js Show response
js.intercomcdn.com/ Frame 6162 235 KB
73 KB 313ms
187ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a25e2912.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gjf5tpix

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

45d2d638b2febd87964c0534528daecb1cad955ef205c72c24f1b96f3c1aeb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: XtPt_8MeiuuaLJV2VN3FABlS2jAMvkbk
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date: Fri, 28 Apr 2023 19:45:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 73954
last-modified: Tue, 25 Apr 2023 15:01:27 GMT
server: AmazonS3
etag: "342be4353ad1298e6a47d508a53adfda"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: OYzgOPY8jekMJMME6ge8R089Qocn88CWIBh5ekQzQBAiFPxZLFEVrQ==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 192ms
62ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://momence.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:42:11 GMT
x-content-type-options: nosniff
age: 528236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:42:11 GMT

GET
H2 200 Epilogue-SemiBold.b1fc2728dc2eebbfdbd9.woff
momence.com/event/static/media/ 58 KB
58 KB 45ms
44ms Font
font/woff 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://momence.com/event/static/media/Epilogue-SemiBold.b1fc2728dc2eebbfdbd9.woff
Requested by: Host: momence.com
URL: https://momence.com/event/static/css/main.4eff9b52.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dd42a8ddeb8e0d957470b5f788533628254d09103c59fb4a9f6929c389c7189f

Request headers

Referer: https://momence.com/event/static/css/main.4eff9b52.css
Origin: https://momence.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 13:23:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 84284
x-powered-by: Express
etag: W/"e654-187c2e232f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCDnLTvjlHL0e1kZ3a3IlGfho6%2FFgnE9fuov4daaqJyFTfqb7h1BYFItxO%2B646ZnsUVYwDgvZalaznPl2fsYeGv4MwLvyOPe6JqniBtz1YgJTkAYbTFD%2BGklnLXqNKiGDhVr3tnF7J4q"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000000, immutable
cf-ray: 7bf209d1284ad95f-HEL

GET
H2 200 js Show response
www.paypal.com/sdk/ 271 KB
76 KB 719ms
592ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&currency=USD&disable-funding=credit,card,venmo,sepa,bancontact,eps,giropay,ideal,mybank,p24,sofort

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5f6a61fa63d655434c1a48947edb5bed413d18d25c1f50fba599f98dfd2203c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:26:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f1715482f4af8
server-timing: "traceparent;desc="00-0000000000000000000f1715482f4af8-1c6e9b264fbab3a4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76422
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230093-FRA
traceparent: 00-0000000000000000000f1715482f4af8-d98e01ca43c44b57-01
x-timer: S1682713567.060164,VS0,VE537
etag: W/"12a86-mDYk8PLyQXBRw9lYsQyHHpTVOxo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK host-436_GEMINI-1682701915708.png
ribbon-technologes-images.s3.us-east-2.amazonaws.com/ 1 MB
1 MB 605ms
298ms Image
image/* 52.219.98.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ribbon-technologes-images.s3.us-east-2.amazonaws.com/host-436_GEMINI-1682701915708.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.98.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6654416ff7d3d6887792d280ea17d7f6d7ff4cf7ca5a503fdb5a665fe54c4fe6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 20:26:08 GMT
Content-Encoding: base64
Last-Modified: Fri, 28 Apr 2023 17:11:59 GMT
Server: AmazonS3
x-amz-request-id: YDC96NSW7133K2NX
ETag: "b62705484fe306204a6e43841b351e50"
x-amz-server-side-encryption: AES256
Content-Type: image/*
Accept-Ranges: bytes
Content-Length: 1506405
x-amz-id-2: AnaHU4V5yw4Zy2rlFtnA1SftF63/qgpUoo6Ps7xdNTOOUVUOzGpVSOeTWCWXhTa8LgG8ywFOncc=

GET
H2 200 controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html Show response
js.stripe.com/v3/ Frame A58C 325 B
1 KB 68ms
67ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://momence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 19
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:25:48 GMT
etag: "83cdc86c0f3d8d83bf6bac9f58a55da5"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: 8tv01bE9flgPRNrpbKmzlEnJcepFvZkD6eQLsJx38WbljyuTvzqh9A==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html Show response
js.stripe.com/v3/ Frame 9D07 798 B
2 KB 67ms
67ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://momence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 405
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:19:27 GMT
etag: "0739a6afc8e0f33c4cf4f4f2322bd985"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: NAxJQGExBKnc-cHJLFVl3h_syUIc5YVFrF5MFaoKMlXn_Is3dWJGEg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 me
api.ipfind.com/ Frame 0
0 617ms
206ms Preflight
text/html 52.9.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipfind.com/me?auth=9f8e7487-366c-4057-9aef-876b69458fd7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.112.97 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-112-97.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-app,x-origin,x-session
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cache-control: no-cache, private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 20:26:07 GMT
server: Apache/2.4.18 (Ubuntu)

OPTIONS
H2 200 phone-number-field
api.momence.com/plugin/436/customer-fields/ Frame 0
0 134ms
134ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/436/customer-fields/phone-number-field

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209d16ab1d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:07 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YxPpMzAB1YJRLF50j3aMzanhQMYNR0oxk6vGf6Znafft1J7KSqjuxVQCs%2BwQykOZdAw0F1xuagN%2FpUvnIg6DFIYDxuoxX4NhtDCzPdTVx7Y1MEoqKmbDh2t4wyVZhpNs%2F9Xc3w%2FehYs7IaxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

OPTIONS
H2 200 exchange-rates
api.momence.com/plugin/ Frame 0
0 137ms
137ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/exchange-rates?baseCurrency=USD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-app,x-origin,x-session
Access-Control-Request-Method: GET
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 7bf209d16ab3d93f-HEL
content-length: 8
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:07 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibIuLuWhYW52WM9GpGPwmpygYu4gGjr9yNvRTPGZbFLwKTetP3WMmDLWBuZSDSe11j5EYRIPMBgk1SHRmZMeCtaP%2BjskEPj%2BJ480MmT31bXl3bGketHAknDlpvk4gEgx3CD08p4g2ZYqSCPdYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app1

OPTIONS
H2 200 calculate
api.momence.com/api/credit-card-fees/ Frame 0
0 326ms
326ms Preflight
application/json 2606:4700:20::681a:257
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/api/credit-card-fees/calculate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:257 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app,x-idempotence-key,x-origin,x-session
Access-Control-Request-Method: POST
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://momence.com
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 7bf209d16abad93f-HEL
content-length: 4
content-type: application/json; charset=utf-8
date: Fri, 28 Apr 2023 20:26:07 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbctJWJbiwup965WYbrGZVo7A7evCcOsJ5TG06QXu85qwD5O9EbBdINeg%2F6wg2E3qMjTV7vbRY%2FKV9puWcEdTcLXn7fBhHV73QGgDvvaYVwdEqQSnPoPnJlj91YFAqXeLTgUeuGKbw6Qa8srbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
x-backend-host: app3

GET
H2 200 me Show response
api.ipfind.com/ 346 B
443 B 623ms
219ms XHR
application/json 52.9.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipfind.com/me?auth=9f8e7487-366c-4057-9aef-876b69458fd7
Requested by: Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.112.97 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-112-97.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8b0f0c5420a2d837d14bb7c4e2a97383a14111fe1abd913a9237b4fa68ffcb3c

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:08 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://momence.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 224

GET
H2 200 phone-number-field Show response
api.momence.com/plugin/436/customer-fields/ 94 B
668 B 154ms
153ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/436/customer-fields/phone-number-field

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c78119a51c9f3e89b4841ad923c7002853786dd93246199169053ed73bbb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e-SG0KksT7w0KpY6C3ktw+Xj9jDKU"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa%2B5Ik60aXL6WzdBaJb9NV69AXd%2FN%2B%2FvcMU6ftSNB2%2BMVry94eXUzpLpwUOd1P6phtT8064F6cD9qGEiLsK2mlHsV5BQ0kMLHJD71DZKwYcOB52ZqpVhKLMZrRZSoMWuOXpWQyMmKjx4Gz1cQA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209d24a59d95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key

GET
H2 200 exchange-rates Show response
api.momence.com/plugin/ 460 B
669 B 140ms
140ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/plugin/exchange-rates?baseCurrency=USD

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b136d3c28d9287e35fb4fa0f958505cf2ded3f3b2110d9647ab31f23fd2b62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cc-GJif5H30T7tHM5FWZ7/vPj1D0qs"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs724wyPWXWiBM%2Fkx5VqMr3poOmjvVJegYLC1zjt7kifshMT2UdFXeksH0mAzjDCxsOj3CrjRiAfwBlJu4ONsuA122Lj%2F8UlF93KBZO%2BH8boNo98XwlkX1rorty8rU5qBoSvxQMmy0ZPc4nZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209d24a5dd95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key

POST
H2 200 calculate Show response
api.momence.com/api/credit-card-fees/ 1 B
391 B 146ms
145ms XHR
application/json 2606:4700:20::681a:357
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.momence.com/api/credit-card-fees/calculate

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:357 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

x-origin: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552
accept-language: fi-FI,fi;q=0.9
x-idempotence-key: bd6897b2-c9a2-4a1e-8b33-a19e8b488796
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://momence.com/
x-session: ea96ed913c9d3b4aac224ed0b61cd0973d09f1cf0fb48d1483f4039a4c9f7af3
x-app: checkout-de29d6694c12baeb96f9c95f0a730232c7d3138d

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
x-backend-host: app3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1-tlifxqsNyCzxIJnRwtQKuZToQQw"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PYjU3O9SzjMrs50KYMJtCBs8VxzH8gB4JLW%2FD%2FdtILGda2VLNW4AK51mjR5EuJabmoxOU%2FL30QhFx24a8bjw3PyI%2F8yTVKNZHl%2BWvYOJotUcYETZflRYzXr3nA3EHpjHggWtenmBZDLxT643g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7bf209d37cacd95f-HEL
access-control-allow-headers: Accept,Content-Type,X-Requested-With,x-api-key,Authorization,x-app,x-origin,sentry-trace,baggage,x-session,x-idempotence-key
content-length: 1

POST
H2 200 csp-report
q.stripe.com/ Frame A58C 0
718 B 243ms
243ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713567110515
x-envoy-upstream-service-time: 55
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 22
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682713567082273
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A58C 404 KB
88 KB 72ms
72ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:13:55 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 733
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Cloudfront
etag: W/"ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: iq0RUL0UfEHPJymKT7cNlCxCFygPpzx1XoTlrPGqW5KKhZAkYcg_vA==

GET
H2 200 controller-29563f727e5e752fc3bb42afc31979da.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A58C 450 KB
111 KB 101ms
101ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-29563f727e5e752fc3bb42afc31979da.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 19:27:44 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3504
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 17:26:46 GMT
server: Cloudfront
etag: W/"4fb125a47507653ef37e355469fe710f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Rsc7hU5ut5OtPz6Z0ZMZ23-Av5RKOfhX9FdytJz2BlJgaJG3m8Mnaw==

POST
H2 200 csp-report
q.stripe.com/ Frame 9D07 0
717 B 250ms
249ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713567120024
x-envoy-upstream-service-time: 62
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 34
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682713567094347
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9D07 0
717 B 203ms
202ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: momence.com
URL: https://momence.com/Soulful-Revolution/video/Gemini-%3A-Threshold-Of-The-NEW-Beginning-%7C-May-2023-Channeled-Tarot-Message---EXT/210552

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713567095886
x-envoy-upstream-service-time: 14
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682713567095494
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9D07 404 KB
88 KB 136ms
135ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:16:36 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 733
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Cloudfront
etag: W/"ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: c9M1L3hnVyV3D-zBxm0OJpKFliAQ7fiMMeOIOzP_MbS4mMo5z6qbLA==

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9D07 288 KB
83 KB 165ms
164ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 19:35:33 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3035
x-cache: Hit from cloudfront
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Cloudfront
etag: W/"6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5NAFRT4PO3ApocAANqgP888D70-2nKJEc3HQvQhS67-FbujudYZWgw==

GET
H2 200 elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9D07 46 KB
11 KB 183ms
182ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:03:52 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1336
x-cache: Hit from cloudfront
last-modified: Mon, 24 Apr 2023 17:02:50 GMT
server: Cloudfront
etag: W/"15d6d18487117438f36a7fec85fac587"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -dNp4JCz7TZY5Nila4anwLGBnD4kG7ctcqPjsqdchJM9Kmjo2zkQEg==

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 9D07 19 KB
3 KB 163ms
163ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:00:13 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1555
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 20:09:13 GMT
server: Cloudfront
etag: W/"dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FTnH0T8ra63-Tow3DLBHYe4I6djIqncKJVxgBQ65Ut8n3IXHo_83mg==

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 9D07 10 KB
2 KB 162ms
162ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:01:09 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1499
x-cache: Hit from cloudfront
last-modified: Mon, 17 Apr 2023 21:23:17 GMT
server: Cloudfront
etag: W/"26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: F1Z8_VpryX80KNiSkoonol98BjHkCj2sJ-GbAslKCq76LDHsx8LEIw==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A58C 535 B
924 B 267ms
131ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 5a2634784199606dcc189820d62db1992c80bd304eeff59dd10ced7ac2b1e54c

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 20:22:38 GMT
server: Cloudfront
x-amz-cf-pop: PRG50-C1
age: 1
etag: "aeed0a1481266e30ab760b68f7ce811c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 535
x-amz-cf-id: 8arfq2RS7byPLdZDP5yXYajtIkAlFt_OjX_2YFfHd-jPCEQhfVEmBQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9D07 535 B
923 B 197ms
131ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 5a2634784199606dcc189820d62db1992c80bd304eeff59dd10ced7ac2b1e54c

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 20:22:38 GMT
server: Cloudfront
x-amz-cf-pop: PRG50-C1
age: 1
etag: "aeed0a1481266e30ab760b68f7ce811c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 535
x-amz-cf-id: 74BnwPN2q4-dchYebNQSTtCy5SMF4808yiLMLjf5rPSJi_JFQLTdzA==

GET
H2 200 countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 9D07 143 KB
36 KB 119ms
78ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-7.prg50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 19:46:14 GMT
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2423
x-cache: Hit from cloudfront
last-modified: Mon, 17 Apr 2023 21:23:18 GMT
server: Cloudfront
etag: W/"1e8b3d390a07073baae3a9d50ccffdd5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BH80qVDgIteE_1s_Y-R2j0qbqz7XDO2C4wm2xasx0__6lDuB5fiibQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 6162 5 KB
3 KB 751ms
471ms XHR
application/json 54.204.171.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.a672ced9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.204.171.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-204-171-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

602d456c84ed103e805b520ad40009fdd9b9fb284b415ec273e8037a8a16216e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 20:26:08 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0c8b59900a680b5c4
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0003kgvje35naj8u5u60
x-runtime: 0.297253
server: nginx
etag: W/"602d456c84ed103e805b520ad40009fd"
x-ratelimit-remaining: 66655
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
x-intercom-version: 466f477cfb41e5d489d158de0cc9aed1abd4918e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1682713570
x-ratelimit-limit: 66666
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame A58C 1 KB
2 KB 477ms
267ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config?key=pk_live_RoPa2iuvwBbqEISUd2LYTmKF&_stripe_account=acct_1CxIUtGGPElFU8j7&request_surface=web_elements_controller&stripe_js_id=e25a176e-40f9-4a51-8fbf-ea9a9b2b8796

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f92fc068e1c85704cee3530e601f657d0023d9704b1aac4b37ea11f9a614b548

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682713567687867
content-length: 1133
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 67
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1682713567687169
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 384ms
376ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741397
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741202
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 384ms
377ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741336
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741139
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 387ms
380ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741833
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741257
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 389ms
382ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741830
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741570
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 390ms
384ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741738
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741515
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 391ms
385ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567742101
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741625
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 384ms
380ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741804
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741310
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 382ms
378ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741599
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682713567741055
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 387ms
383ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567742039
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741855
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 388ms
385ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567742285
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741734
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 386ms
383ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741578
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741403
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 386ms
384ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567741918
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567741462
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 564ms
563ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567927826
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567927612
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 568ms
566ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567928215
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682713567927704
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 565ms
565ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567928636
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567928378
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 564ms
563ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567928677
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567928477
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 567ms
567ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567928964
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567928429
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 60ms
59ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=momence.com&t=xo&v=5.0.370&source=payments_sdk&client_id=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&currency=USD&disable-funding=credit,card,venmo,sepa,bancontact,eps,giropay,ideal,mybank,p24,sofort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc488645715f63436989f441f1389e65fafd679173f2e9de17d54e9a92cb8c89

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-USPtzmthrQ99yldfr6Sv1AW9NqO2h9u9FoINaBZcojUR6opU' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-USPtzmthrQ99yldfr6Sv1AW9NqO2h9u9FoINaBZcojUR6opU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:26:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 60525
x-cache: HIT
paypal-debug-id: f951693238a16
server-timing: "traceparent;desc="00-0000000000000000000f951693238a16-dee909735aaff7c3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4746
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230093-FRA
traceparent: 00-0000000000000000000f951693238a16-5b19b953e3531034-01
x-timer: S1682713568.769559,VS0,VE2
etag: W/"3535-x2dxLCYj40oDwPclNYsdhXD2BT8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 8E01 378 KB
138 KB 430ms
430ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

609bbb7a0c6dfae1c78219c927aa9e2c524f1baab8eac437f5b517ff74f009bb

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://momence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 20:26:08 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e8b6-n46Cu46u+vzGfWEV7eJ/KgUrjgo"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f14808445199a
server-timing: "traceparent;desc="00-0000000000000000000f14808445199a-8358bf739face2c5-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f14808445199a-8422d9f1a46543ad-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230093-FRA
x-timer: S1682713568.824865,VS0,VE373
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 529E 3 KB
4 KB 177ms
57ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: a9c403155406c
dc: ccg11-origin-www-1.paypal.com
content-length: 3266
x-served-by: cache-sjc10049-SJC, cache-fra-eddf8230137-FRA
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
traceparent: 00-0000000000000000000a9c403155406c-daf84a9867d9436a-01
x-timer: S1682713568.944310,VS0,VE0
etag: "642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 5560

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 345ms
233ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://momence.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://momence.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Apr 2023 20:26:08 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f148084749eee
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f148084749eee-91bb99a3f7e2a443-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230132-FRA
x-timer: S1682713568.940971,VS0,VE176

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1020 B
2 KB 257ms
255ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: momence.com
URL: https://momence.com/event/static/js/6551.4ce95949.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4112a0917dcf6b1a8461a8add4b92b32286ef9e937e675fea34cc12ce7cb2867

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://momence.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Apr 2023 20:26:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f1480846c5139
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230132-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f1480846c5139-ddfe406e136db6da-01
x-timer: S1682713568.180025,VS0,VE198
etag: W/"3fc-BQ8XMdVZlObpHE5XF8dUXSNCcnk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://momence.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 169ms
58ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=momence.com&t=xo&v=5.0.370&source=payments_sdk&client_id=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:07 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 4da584dd0e633
dc: ccg11-origin-www-1.paypal.com
content-length: 15721
x-served-by: cache-sjc10081-SJC, cache-fra-eddf8230137-FRA
last-modified: Tue, 03 May 2022 17:28:29 GMT
traceparent: 00-00000000000000000004da584dd0e633-fe538e47eb7f6188-01
x-timer: S1682713568.944282,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 112, 13132

GET
H2 200 ts
t.paypal.com/ 42 B
817 B 353ms
217ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AHYMRK8B4YP7QJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AHYMRK8B4YP7QJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bce051ba-147e-40b3-8d77-b65a980e399c&fltp=analytics&mrid=HYMRK8B4YP7QJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Gemini%20%3A%20Threshold%20Of%20The%20NEW%20Beginning%20%7C%20May%202023%20Channeled%20Tarot%20Message%20-%20EXT&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1682713567809&g=0&completeurl=https%3A%2F%2Fmomence.com%2FSoulful-Revolution%2Fvideo%2FGemini-%253A-Threshold-Of-The-NEW-Beginning-%257C-May-2023-Channeled-Tarot-Message---EXT%2F210552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 28 Apr 2023 20:26:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 86aece70cf7f9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-fra-eddf8230103-FRA
pragma: no-cache
traceparent: 00-000000000000000000086aece70cf7f9-4c067501a19d9e2b-01
x-timer: S1682713568.969351,VS0,VE161
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:26:08 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 192ms
192ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567949115
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567948931
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 190ms
190ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:07 GMT
x-stripe-server-envoy-start-time-us: 1682713567949300
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713567949117
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 360ms
359ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:08 GMT
x-stripe-server-envoy-start-time-us: 1682713568114872
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713568114337
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A58C 0
274 B 360ms
360ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 20:26:08 GMT
x-stripe-server-envoy-start-time-us: 1682713568115375
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682713568114795
access-control-allow-credentials: true
content-length: 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 5BE8 54 KB
16 KB 57ms
56ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://momence.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 15947
content-type: text/html
date: Fri, 28 Apr 2023 20:26:08 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 1a1174bec2189
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001a1174bec2189-ffe26aa58f4b8868-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1228, 13930
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-fra-eddf8230137-FRA
x-timer: S1682713568.041232,VS0,VE0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 8E01 271 KB
76 KB 58ms
57ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5f6a61fa63d655434c1a48947edb5bed413d18d25c1f50fba599f98dfd2203c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8hp1v53rzj2gdeWhawQL+Y8dR9CjtpXrEndw0ciowGYa9F5D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 20:26:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: f1715482f4af8
server-timing: "traceparent;desc="00-0000000000000000000f1715482f4af8-1c6e9b264fbab3a4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76422
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230093-FRA
traceparent: 00-0000000000000000000f1715482f4af8-d98e01ca43c44b57-01
x-timer: S1682713568.275413,VS0,VE1
etag: W/"12a86-mDYk8PLyQXBRw9lYsQyHHpTVOxo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ts
t.paypal.com/ 42 B
469 B 214ms
214ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHYMRK8B4YP7QJ-1&page=muse%3Aoffer%3A%3A%3AHYMRK8B4YP7QJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bce051ba-147e-40b3-8d77-b65a980e399c&es=visitorInfoFlowStarted&mrid=HYMRK8B4YP7QJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Gemini%20%3A%20Threshold%20Of%20The%20NEW%20Beginning%20%7C%20May%202023%20Channeled%20Tarot%20Message%20-%20EXT&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1682713568253&g=0&completeurl=https%3A%2F%2Fmomence.com%2FSoulful-Revolution%2Fvideo%2FGemini-%253A-Threshold-Of-The-NEW-Beginning-%257C-May-2023-Channeled-Tarot-Message---EXT%2F210552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://momence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 28 Apr 2023 20:26:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a07a06cfa4483
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-fra-eddf8230103-FRA
pragma: no-cache
traceparent: 00-0000000000000000000a07a06cfa4483-73dff64e8d2f1a2b-01
x-timer: S1682713568.277455,VS0,VE158
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 20:26:08 GMT

GET
DATA 200
OK truncated
/ Frame 8E01 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 5BE8 435 B
2 KB 394ms
394ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

750516402ad21314a6f33e4a847fe323fffab60e1d7a405797b0da33ad79c8aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-5yYLDwN86wax0xLlJzbV2maADpm4ORfjBidw9fmy2V8I4rTI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-5yYLDwN86wax0xLlJzbV2maADpm4ORfjBidw9fmy2V8I4rTI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Fri, 28 Apr 2023 20:26:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f244970b7e8aa
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230093-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f244970b7e8aa-cecd0d81c73f5d13-01
x-timer: S1682713569.503550,VS0,VE337
etag: W/"1b3-gOcGGC+ZL0ZuD4nmQlZyqIhsnvU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 216ms
215ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Apr 2023 20:26:08 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f148084351f4a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f148084351f4a-57e208ae370b6f6a-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230132-FRA
x-timer: S1682713568.287261,VS0,VE159

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8E01 59 KB
21 KB 184ms
57ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 4, 1, 629802
date: Fri, 28 Apr 2023 20:26:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7513096
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230066-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1682713569.310360,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 20:26:09 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 8E01 1 KB
2 KB 273ms
271ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

114eb320bbdb4ab5ee1b039d0fc3a819d1b059b9913f5ef073cb8e36790a122c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 20:26:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f24497050bc27
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230093-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f24497050bc27-baaa6e845e39f4df-01
x-timer: S1682713569.250478,VS0,VE214
etag: W/"401-GdcOoRBt2M8rRqeC/deCmPthXCY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 9ED3 160 B
1 KB 204ms
203ms Document
text/html 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 7cdb92b078d41
date: Fri, 28 Apr 2023 20:26:09 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 7cdb92b078d41
server-timing: "traceparent;desc="00-00000000000000000007cdb92b078d41-fb218329af3b07b4-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000007cdb92b078d41-26fd83bc80490954-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230066-FRA
x-timer: S1682713569.417891,VS0,VE147
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 0222
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS

42 B
299 B

340ms
78ms

Image
image/jpeg

64.4.245.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 -, , ASN (),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 20:26:09 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS
Date: Fri, 28 Apr 2023 20:26:09 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 9ED3 59 KB
21 KB 57ms
56ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 4, 1, 629803
date: Fri, 28 Apr 2023 20:26:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7513096
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230066-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1682713570.628912,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 20:26:09 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 9ED3 125 B
900 B 269ms
269ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

79dd08ce14875b67ab030f02edfdca57c4c5f42acacc9ce4e3b4583f0d40b8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 20:26:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 60b16db9ea3b6
server-timing: "traceparent;desc="00-000000000000000000060b16db9ea3b6-ea04ca8051fe402d-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-eddf8230066-FRA
correlation-id: 60b16db9ea3b6
traceparent: 00-000000000000000000060b16db9ea3b6-96d554d0dbb675bc-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 9ED3 0
354 B 213ms
213ms XHR
text/plain 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Apr 2023 20:26:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 4505757b479d1
server-timing: "traceparent;desc="00-00000000000000000004505757b479d1-e3c907a1db97c761-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230066-FRA
correlation-id: 4505757b479d1
traceparent: 00-00000000000000000004505757b479d1-71a00b49d0aa2998-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 9ED3 0
499 B 482ms
246ms Image
text/plain 2a04:4e42:600::291

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_b55923be42_mja6mjy6mdc&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 20:26:10 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: d3727db74697e
server-timing: "traceparent;desc="00-0000000000000000000d3727db74697e-9f11d9b8bfedf9b5-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-eddf8230138-FRA, cache-hel1410026-HEL
correlation-id: d3727db74697e
traceparent: 00-0000000000000000000d3727db74697e-84911a7b2ff05075-01
x-timer: S1682713570.929718,VS0,VE215
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 8E01 1 KB
1 KB 273ms
273ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70d3a81bdd2a985d5930c4b03b4939936f1f0919f5f053d9e3a0bd26a7babbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.370&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNpVHBab25LU3FqYk9jcl94U2llM3BibEc5Nmx3MHp3SWhpQkJscmtINmNzUlBmemJoWFhNMXBHVElHeExGZExpQUVxR0tQVUpVR1l6bUMmY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCx2ZW5tbyxzZXBhLGJhbmNvbnRhY3QsZXBzLGdpcm9wYXksaWRlYWwsbXliYW5rLHAyNCxzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocHp6c2VneXp0dXFjeW9pc2t6enhsZHhna2R4eHIifX0&clientID=ASiTpZonKSqjbOcr_xSie3pblG96lw0zwIhiBBlrkH6csRPfzbhXXM1pGTIGxLFdLiAEqGKPUJUGYzmC&sdkCorrelationID=f277686485730&storageID=uid_503117beec_mja6mjy6mdc&sessionID=uid_b55923be42_mja6mjy6mdc&buttonSessionID=uid_9a0c8173eb_mja6mjy6mdc&env=production&buttonSize=small&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&disableFunding.2=venmo&disableFunding.3=sepa&disableFunding.4=bancontact&disableFunding.5=eps&disableFunding.6=giropay&disableFunding.7=ideal&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Apr 2023 20:26:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f2025714121dc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230093-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f2025714121dc-679fcedb2205bac0-01
x-timer: S1682713570.750007,VS0,VE217
etag: W/"400-KqPcOf4FQpL2khS9oXADSzzTeS4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-20 21:01:13	Name: m Value: ec6a2efd-0265-44ab-b22c-b5c8c06bc90360721d
.momence.com/	1970-01-20 20:10:49	Name: __stripe_mid Value: 2247bb8b-cfda-4e3c-a600-20b4c1329c4b930d4e
.momence.com/	1970-01-20 11:25:15	Name: __stripe_sid Value: 212a8ea7-e100-4b89-9308-5b3e0243ed3babf6f7
.momence.com/	1970-01-20 17:54:03	Name: intercom-id-gjf5tpix Value: 3437461d-48c6-45f8-9d02-699b32dd117b
.momence.com/	1970-01-20 11:35:18	Name: intercom-session-gjf5tpix Value:
.momence.com/	1970-01-20 17:54:03	Name: intercom-device-id-gjf5tpix Value: e1f5c95c-99b3-4f07-b7ac-1cae3fda4b57
.paypal.com/	1970-01-20 11:25:15	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 21:01:13	Name: ts_c Value: vr%3Dc98b62b61870a2d0082586d5ff9bd7b9%26vt%3Dc98b62b61870a2d0082586d5ff9bd7b8
.paypal.com/	1970-01-20 20:10:49	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 11:25:45	Name: LANG Value: fi_FI%3BFI
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3A4YU59vaTo5GBbzTJUvcAnERkJRMt2Mg0.NlkDD9SbNKFNo6Y3jQWRQAgkXpFO21BnsU5b2YHuoss
.paypalobjects.com/	1970-01-20 11:26:39	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 11:29:32	Name: tsrce Value: loggernodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MjcxMzU2OTM4NCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 21:01:13	Name: ts Value: vreXpYrS%3D1777407969%26vteXpYrS%3D1682715369%26vr%3Dc98b62b61870a2d0082586d5ff9bd7b9%26vt%3Dc98b62b61870a2d0082586d5ff9bd7b8%26vtyp%3Dnew

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://api.momence.com/auth/profile Message: Failed to load resource: the server responded with a status of 401 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.ipfind.com
api.momence.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
momence.com
o1022364.ingest.sentry.io
q.stripe.com
r.stripe.com
ribbon-technologes-images.s3.us-east-2.amazonaws.com
t.paypal.com
widget.intercom.io
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.129.35
151.101.2.133
151.101.65.21
18.66.147.3
2600:9000:2127:ae00:19:7d10:bd80:93a1
2606:4700:20::681a:257
2606:4700:20::681a:357
2a00:1450:4001:806::2003
2a00:1450:4001:827::200a
2a04:4e42:600::291
34.120.195.249
34.208.191.20
52.219.98.226
52.49.17.168
52.9.112.97
54.187.119.242
54.204.171.73
64.4.245.84
65.9.95.18
65.9.95.7
00c109d9aa9011cb1670f6377685331ab324c91a7edb1fb690a49d4d078c08a7
031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b
114eb320bbdb4ab5ee1b039d0fc3a819d1b059b9913f5ef073cb8e36790a122c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2b136d3c28d9287e35fb4fa0f958505cf2ded3f3b2110d9647ab31f23fd2b62f
2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460
2f5fd74e3bf00a0e9a539d9398619edf4a8d7431f97f4a246844fc31d479c6b8
30422efae6db839e865338052e99fa4fb5d6dbc9fb2c689f18685edfb2892692
4112a0917dcf6b1a8461a8add4b92b32286ef9e937e675fea34cc12ce7cb2867
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45d2d638b2febd87964c0534528daecb1cad955ef205c72c24f1b96f3c1aeb7d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
580e2faa4d5318def6d05cb6e21b7780c1ba285a29ac78bd619c1c5f15fd9a55
5a2634784199606dcc189820d62db1992c80bd304eeff59dd10ced7ac2b1e54c
5a7314c082dcea39d37b314d5e8de15dd6a2323285e2eb5b756178654ab300aa
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
602d456c84ed103e805b520ad40009fdd9b9fb284b415ec273e8037a8a16216e
609bbb7a0c6dfae1c78219c927aa9e2c524f1baab8eac437f5b517ff74f009bb
61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6654416ff7d3d6887792d280ea17d7f6d7ff4cf7ca5a503fdb5a665fe54c4fe6
68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd
70d3a81bdd2a985d5930c4b03b4939936f1f0919f5f053d9e3a0bd26a7babbf5
750516402ad21314a6f33e4a847fe323fffab60e1d7a405797b0da33ad79c8aa
79dd08ce14875b67ab030f02edfdca57c4c5f42acacc9ce4e3b4583f0d40b8a6
7dd8310a8b0934ba8dc7a0dc8d30b6abe154138ee731bbb6148d363ff00c9f2a
7f783039ba78e25ca948b8c94c0e6c48f5a10603042b3eaccc2dd61eb31b46cb
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8b0f0c5420a2d837d14bb7c4e2a97383a14111fe1abd913a9237b4fa68ffcb3c
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
973c4c25215299f552b28f343557f134381c0faedcf531ee145f03d2356dca7f
99c78119a51c9f3e89b4841ad923c7002853786dd93246199169053ed73bbb51
9a5ac8c4dfa1714b207d075d9dce3a82a639c5154ee600a935a99297152622b2
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725
b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee
b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab
cc488645715f63436989f441f1389e65fafd679173f2e9de17d54e9a92cb8c89
d2370cff1a89db5d856a6a1a90139e0b6588145843813716b381854433ec07bf
d50106fa1a13ce95ef3d8f13dec4573705692e39199f75e1c934871f6475336d
d5f6a61fa63d655434c1a48947edb5bed413d18d25c1f50fba599f98dfd2203c
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
dd42a8ddeb8e0d957470b5f788533628254d09103c59fb4a9f6929c389c7189f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb49784b0828f486032ffd67cbc3b516e4942a50cbe45aaa647d6726fbf1805a
ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f92fc068e1c85704cee3530e601f657d0023d9704b1aac4b37ea11f9a614b548

momence.com Open in urlscan Pro 2606:4700:20::681a:357 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

99 %HTTPS

29 %IPv6

12 Domains

23 Subdomains

22 IPs

3 Countries

3480 kBTransfer

8077 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

momence.com Open in urlscan Pro
2606:4700:20::681a:357 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

99 %
HTTPS

29 %
IPv6

12
Domains

23
Subdomains

22
IPs

3
Countries

3480 kB
Transfer

8077 kB
Size

15
Cookies

100 HTTP transactions
1 data transactions