app.moonclerk.com Open in urlscan Pro
34.196.44.209  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set 16mv7h7bbkobs Show response app.moonclerk.com/manage/	4 KB 3 KB	439ms 163ms	Document text/html	34.196.44.209 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.196.44.209 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-44-209.compute-1.amazonaws.com Software Cowboy / Resource Hash cf3665c00a27aeb4c4c771cf5e17b5e8f3b5b73ad26ff4775165cd4ba77bb5b2 Security Headers Name Value Content-Security-Policy frame-ancestors https://app.optimizely.com 'self' Strict-Transport-Security max-age=3600; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host app.moonclerk.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server Cowboy Date Tue, 20 Oct 2020 15:58:50 GMT Connection keep-alive X-Xss-Protection 1; mode=block X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none Referrer-Policy strict-origin-when-cross-origin Content-Security-Policy frame-ancestors https://app.optimizely.com 'self' Content-Type text/html; charset=utf-8 Etag W/"cf3665c00a27aeb4c4c771cf5e17b5e8" Cache-Control max-age=0, private, must-revalidate Set-Cookie _moonclerk_session=cnZUSzRVTzloc3ozRDBNSGZlT09jeVZaampqOEYrbC90WU56NHU4UFQ0T0g4dkVQdnByZUZ4Sys4TmNsUllIK0YybFdhdFRlSjNucS91dmptQ2R3N0piRGRJeUtsSUhLRGRqYnBOM2dDb3lLMm5WYVdrVkRsKzR5eHBOd2Rla095RWdwTGszUXhMdmxWOE4xVWRyenA0WHVNQUI5YlJVSE43VlZ1bnVMSmVDNFVXN1I3L1NFMmY1RHpmV1dDYU1DLS1XcG5tUmpWZ1BKZWU5REx4V1NSUEl3PT0%3D--bd6a15b22c9afe2a10eaef27303e8c304dafed65; path=/; secure; HttpOnly X-Request-Id 486cd593-2357-44d1-ba2f-1cae2887f457 X-Runtime 0.029962 Vary Accept-Encoding Content-Encoding gzip Strict-Transport-Security max-age=3600; includeSubDomains Transfer-Encoding chunked Via 1.1 vegur
GET H/1.1	200 OK	portal_v3-10117c16e764d29b988fcc9a0067cf99c6e854ff635d8fc8eb1dc5a52119bf93.css d2l7e0y6ygya2s.cloudfront.net/assets/	107 KB 19 KB	152ms 58ms	Stylesheet text/css	54.230.182.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2l7e0y6ygya2s.cloudfront.net/assets/portal_v3-10117c16e764d29b988fcc9a0067cf99c6e854ff635d8fc8eb1dc5a52119bf93.css Requested by Host: app.moonclerk.com URL: https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.182.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-182-35.ham50.r.cloudfront.net Software Cowboy / Resource Hash 2e891b5a49e9ec162f5117343fb8d7665ac3d4a1fc32982c0f8d5aa3fbaa32e5 Security Headers Name Value Strict-Transport-Security max-age=3600; includeSubDomains Request headers Referer https://app.moonclerk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=3600; includeSubDomains Via 1.1 vegur, 1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront) Last-Modified Wed, 07 Oct 2020 19:07:35 GMT Server Cowboy X-Amz-Cf-Pop HAM50-C3 Date Tue, 20 Oct 2020 15:58:51 GMT Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Length 18803 X-Amz-Cf-Id 1CAIDPmunWTsUFs3zO2RX_nBok2E3YCrKy5egIlx2UzYYhvWue5S7Q==
GET H2	200	/ Show response js.stripe.com/v3/	185 KB 48 KB	152ms 31ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: app.moonclerk.com URL: https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5638d82ace670b41f3ecd1bad90040f39719bac604505834bf444511c2839764 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://app.moonclerk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 20 Oct 2020 15:58:51 GMT content-encoding gzip vary Accept-Encoding age 164 via 1.1 varnish x-cache HIT status 200 content-length 48842 x-amz-id-2 MHnZJeE1N3f6tCcj9gyN37/P7n3ivJ61Y9WoAy9tcB1M0mMZrXzeei6vMFp0xpnu6MbJgWLSjXU= x-served-by cache-fra19139-FRA timing-allow-origin * last-modified Mon, 19 Oct 2020 19:42:07 GMT server AmazonS3 etag "7445b2621658db0f43f2699c5c00c19b" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 41CC0CB0436B232E access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 83
GET H/1.1	200 OK	portal-554a0884a0b470b2f83f.js Show response d2l7e0y6ygya2s.cloudfront.net/packs/js/	389 KB 108 KB	136ms 42ms	Script application/javascript	54.230.182.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2l7e0y6ygya2s.cloudfront.net/packs/js/portal-554a0884a0b470b2f83f.js Requested by Host: app.moonclerk.com URL: https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.182.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-182-35.ham50.r.cloudfront.net Software Cowboy / Resource Hash 095e34adcac64719d1bf2977b05481ba5ef0269ff568426f8c272c6a4e10863a Security Headers Name Value Strict-Transport-Security max-age=3600; includeSubDomains Request headers Referer https://app.moonclerk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 20 Oct 2020 06:46:53 GMT Content-Encoding gzip Connection keep-alive Last-Modified Mon, 19 Oct 2020 19:59:10 GMT Server Cowboy Age 33118 Vary Accept-Encoding Strict-Transport-Security max-age=3600; includeSubDomains Content-Type application/javascript Via 1.1 vegur, 1.1 6eabffd9312b994dd9c1277b403ac16f.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 X-Cache Hit from cloudfront X-Amz-Cf-Pop HAM50-C3 Content-Length 110124 X-Amz-Cf-Id ta5ur8v3aKkteDybISw_DETr1LEYF7MSUCnxsYeEgI2B3ij2c2s0Ag==
GET H/1.1	200 OK	lock@2x-3b8acc37761c25710abaa4e9b51925c1f2281baaf3a68245812a54fe0b614542.png d2l7e0y6ygya2s.cloudfront.net/assets/	1 KB 2 KB	449ms 448ms	Image image/png	54.230.182.35 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2l7e0y6ygya2s.cloudfront.net/assets/lock@2x-3b8acc37761c25710abaa4e9b51925c1f2281baaf3a68245812a54fe0b614542.png Requested by Host: app.moonclerk.com URL: https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.182.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-182-35.ham50.r.cloudfront.net Software Cowboy / Resource Hash 2e06e8c07348e99801a2ea6b10462675cc031c03883b757674a613f734462745 Security Headers Name Value Strict-Transport-Security max-age=3600; includeSubDomains Request headers Referer https://app.moonclerk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=3600; includeSubDomains Via 1.1 vegur, 1.1 6eabffd9312b994dd9c1277b403ac16f.cloudfront.net (CloudFront) Last-Modified Mon, 29 Jun 2020 19:05:03 GMT Server Cowboy X-Amz-Cf-Pop HAM50-C3 Date Tue, 20 Oct 2020 15:58:51 GMT X-Cache RefreshHit from cloudfront Content-Type image/png Cache-Control no-transform Connection keep-alive Content-Length 1289 X-Amz-Cf-Id nibRnCQ6bEHOyB4z3cQUCNUh9asCY7kz2We3F09pUQpvm26Rv8S_FA==
GET H/1.1	200 OK	powered-logo@2x-c66a24fd46759d558c0f7e3bbef756450d21e52acc26fe90cd4f9e51868d35a4.png d2l7e0y6ygya2s.cloudfront.net/assets/	3 KB 4 KB	49ms 49ms	Image image/png	54.230.182.35 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2l7e0y6ygya2s.cloudfront.net/assets/powered-logo@2x-c66a24fd46759d558c0f7e3bbef756450d21e52acc26fe90cd4f9e51868d35a4.png Requested by Host: app.moonclerk.com URL: https://app.moonclerk.com/manage/16mv7h7bbkobs Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.230.182.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-182-35.ham50.r.cloudfront.net Software Cowboy / Resource Hash 9f8fde81da9960472ac62db27aed23d13465b873e1b487a34573b156ab455c25 Security Headers Name Value Strict-Transport-Security max-age=3600; includeSubDomains Request headers Referer https://app.moonclerk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=3600; includeSubDomains Via 1.1 vegur, 1.1 c1fa4f08ddf9c5144bf29ba0fe671431.cloudfront.net (CloudFront) Last-Modified Mon, 29 Jun 2020 19:05:03 GMT Server Cowboy X-Amz-Cf-Pop HAM50-C3 Date Tue, 20 Oct 2020 15:58:51 GMT X-Cache Hit from cloudfront Content-Type image/png Cache-Control public, max-age=86400, no-transform Connection keep-alive Content-Length 3511 X-Amz-Cf-Id bVLwFnKSs41bNntqAAfEchU-4AleXtZw2ScrTeaQODPJNK2OcWplrw==
GET H2	200	m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html js.stripe.com/v3/ Frame 7763	0 0	30ms 30ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-c24e335c6ecfefe514d6ff32b3c40a6f.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://app.moonclerk.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://app.moonclerk.com/ Response headers status 200 x-amz-id-2 jZj3LhH9SCNsmSl9WgUxnHtGqIJ7hzbBLJTylOvzICRSoE9Xgv4Ig8rm/aetQ9Kv8z9cRfJKvRE= x-amz-request-id DCE4870236DA373E last-modified Wed, 07 Oct 2020 20:18:55 GMT etag "c24e335c6ecfefe514d6ff32b3c40a6f" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Tue, 20 Oct 2020 15:58:51 GMT via 1.1 varnish age 82 x-served-by cache-fra19139-FRA x-cache HIT x-cache-hits 101 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 186

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| Stripe object| __core-js_shared__ object| core function| jQuery function| $ boolean| _rails_loaded object| Select2 object| regeneratorRuntime

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.moonclerk.com/	1969-12-31 23:59:59	Name: _moonclerk_session Value: cnZUSzRVTzloc3ozRDBNSGZlT09jeVZaampqOEYrbC90WU56NHU4UFQ0T0g4dkVQdnByZUZ4Sys4TmNsUllIK0YybFdhdFRlSjNucS91dmptQ2R3N0piRGRJeUtsSUhLRGRqYnBOM2dDb3lLMm5WYVdrVkRsKzR5eHBOd2Rla095RWdwTGszUXhMdmxWOE4xVWRyenA0WHVNQUI5YlJVSE43VlZ1bnVMSmVDNFVXN1I3L1NFMmY1RHpmV1dDYU1DLS1XcG5tUmpWZ1BKZWU5REx4V1NSUEl3PT0%3D--bd6a15b22c9afe2a10eaef27303e8c304dafed65

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://app.optimizely.com 'self'
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.moonclerk.com
d2l7e0y6ygya2s.cloudfront.net
js.stripe.com
151.101.12.176
34.196.44.209
54.230.182.35
095e34adcac64719d1bf2977b05481ba5ef0269ff568426f8c272c6a4e10863a
2e06e8c07348e99801a2ea6b10462675cc031c03883b757674a613f734462745
2e891b5a49e9ec162f5117343fb8d7665ac3d4a1fc32982c0f8d5aa3fbaa32e5
5638d82ace670b41f3ecd1bad90040f39719bac604505834bf444511c2839764
9f8fde81da9960472ac62db27aed23d13465b873e1b487a34573b156ab455c25
cf3665c00a27aeb4c4c771cf5e17b5e8f3b5b73ad26ff4775165cd4ba77bb5b2