urlscan.io logo urlscan.io
SecurityTrails logo

pay.mirandachesnutrealestate.com Open in urlscan Pro
34.234.126.233  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.mirandachesnutrealestate.com/
Submission: On January 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 9 domains to perform 66 HTTP transactions. The main IP is 34.234.126.233, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pay.mirandachesnutrealestate.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 12th 2024. Valid for: a year.
This is the only time pay.mirandachesnutrealestate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    34.234.126.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-126-233.compute-1.amazonaws.com
pay.mirandachesnutrealestate.com
9    13.224.214.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-115.phl50.r.cloudfront.net
cdn.poynt.net
8    2607:f8b0:4006:80e::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
12    2607:f8b0:4006:80f::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    13.224.208.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-22.phl50.r.cloudfront.net
d85ecz8votkqa.cloudfront.net
6    23.206.172.151 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-151.deploy.static.akamaitechnologies.com
img1.wsimg.com
4    2607:f8b0:4004:c19::5c (Washington, United States)

ASN15169 (GOOGLE, US)
pay.google.com
8    2600:141b:1c00:16::17c4:32a (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
4    2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.233.17.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-17-206.compute-1.amazonaws.com
services.poynt.net
6    2607:f8b0:4006:816::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
play.google.com
2    130.211.34.183 (None, )

ASN- ()
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
18 google.com
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2630
play.google.com — Cisco Umbrella Rank: 31
489 KB
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
1020 KB
11 poynt.net
cdn.poynt.net — Cisco Umbrella Rank: 105206
services.poynt.net — Cisco Umbrella Rank: 239157
481 KB
8 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 8665
2 KB
6 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 7508
41 KB
6 cloudfront.net
d85ecz8votkqa.cloudfront.net
153 KB
2 mixpanel.com
api-js.mixpanel.com
460 B
1 mirandachesnutrealestate.com
pay.mirandachesnutrealestate.com
2 KB
0 godaddy.com Failed
poynt.godaddy.com Failed
66 9
Domain Requested by
12 www.gstatic.com www.google.com
pay.google.com
www.gstatic.com
9 cdn.poynt.net pay.mirandachesnutrealestate.com
cdn.poynt.net
8 events.api.secureserver.net img1.wsimg.com
8 www.google.com pay.mirandachesnutrealestate.com
www.gstatic.com
cdn.poynt.net
www.google.com
6 play.google.com www.gstatic.com
6 img1.wsimg.com 3 redirects pay.mirandachesnutrealestate.com
6 d85ecz8votkqa.cloudfront.net pay.mirandachesnutrealestate.com
cdn.poynt.net
4 fonts.gstatic.com www.google.com
4 pay.google.com cdn.poynt.net
pay.google.com
pay.mirandachesnutrealestate.com
www.gstatic.com
2 api-js.mixpanel.com cdn.poynt.net
2 services.poynt.net cdn.poynt.net
1 pay.mirandachesnutrealestate.com
0 poynt.godaddy.com Failed cdn.poynt.net
66 13

This site contains no links.

Subject Issuer Validity Valid
pay.mirandachesnutrealestate.com
Go Daddy Secure Certificate Authority - G2		 2024-01-12 -
2025-01-12		 a year crt.sh
*.poynt.net
Go Daddy Secure Certificate Authority - G2		 2023-10-12 -
2024-11-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-07-10 -
2024-08-10		 a year crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 6 frames:

Primary Page: https://pay.mirandachesnutrealestate.com/
Frame ID: 9F2E891126D5D68451186869CE42938D
Requests: 18 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=6e05bc0c-908f-4de3-8751-37e6f8f07b5f&enableCardOnFile=false
Frame ID: 8EC48A4E8878A1AA267D828A2EB94188
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Frame ID: 4452EE9D28AB3079F37B27F0C5E2CA1D
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mirandachesnutrealestate.com&mid=
Frame ID: C616A0B28FB5792102D185E3F3A52083
Requests: 10 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
Frame ID: BED9664C78C03DE6800A2192D202980E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Frame ID: 36CB8AEBCE44EB94E1BD2BAE19E531D2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online payment @ pay.mirandachesnutrealestate.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

66
Requests

94 %
HTTPS

50 %
IPv6

9
Domains

13
Subdomains

13
IPs

1
Countries

2188 kB
Transfer

5940 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Request Chain 21
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Request Chain 29
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.mirandachesnutrealestate.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.mirandachesnutrealestate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.234.126.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-126-233.compute-1.amazonaws.com
Software
/
Resource Hash
db075d9a84feaffe10448a916c3a84a0386eaccecaa04d52095a0bdc024550ec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 13 Jan 2024 02:54:14 GMT
last-modified
Sat, 13 Jan 2024 02:54:14 GMT
transfer-encoding
chunked
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
bundle.5a143.css
cdn.poynt.net/checkout/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/checkout/bundle.5a143.css
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96c149495f920f27a78b10cc583bcfeb01c8bd3332f28df5af77c9c613535e8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
jshHMYe..hTmDBwbRKJ7z2bbgLoz5BCI
Content-Encoding
gzip
Via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 23:03:16 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
13859
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Mon, 08 Jan 2024 23:02:28 GMT
Server
AmazonS3
ETag
W/"ad7d8898991dfac12b855f590f906011"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
TcZoUXaeORiH_oH_YFUXNjNwmrmBtQYg2IXzovjo7uSNTVA1O_oFqg==
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3813e21210e20a09707275b9e35c72a85a5631c4462b774091666af532442133
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:54:14 GMT
bundle.6403d.js
cdn.poynt.net/checkout/ 		310 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/checkout/bundle.6403d.js
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
862d399c75dadd5c6eb5eeacce01cf698704f9f03b9cb5c25c276dddcba302a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
ODSZro_aGRvRWDT0AykjvaRSGnFpbda7
Content-Encoding
gzip
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 19:00:33 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
28524
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 10 Jan 2024 18:58:14 GMT
Server
AmazonS3
ETag
W/"c338eb9656fc5b62d39851b22422e4e0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
UYz5ZAu1D5Cd2gaJ5PaFGp50729R750kyHV7VVYYPliraAoloszmEQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
Origin
https://pay.mirandachesnutrealestate.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:13:07 GMT
godaddy-paleblue.png
d85ecz8votkqa.cloudfront.net/payments-hub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d85ecz8votkqa.cloudfront.net/payments-hub/godaddy-paleblue.png
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97295cea001f1806f7ab973ff388da4f7f224b6fd27e807837659d6adf971cc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
zyl6gc_zBUlc2gx6LoQz1ikQ7sgkA_Sf
Date
Sat, 13 Jan 2024 01:14:16 GMT
Via
1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
Last-Modified
Tue, 20 Jul 2021 19:01:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL50-C1
Age
5999
ETag
"795f4e9c5435d55bcb653c7375720867"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1314
X-Amz-Cf-Id
E3US9qSbihjWBknYgEZwf3QjQt9RSdQ2JzncPTR8VZ5kcct0KDkehw==
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-medium.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.5a143.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7

Request headers

Referer
https://cdn.poynt.net/
Origin
https://pay.mirandachesnutrealestate.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 02:54:15 GMT
x-amz-version-id
O2_FvwQ7bp4A8VDgoUeX_pLXSi2TQNq4
Via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
28756
Last-Modified
Thu, 15 Jul 2021 12:19:23 GMT
Server
AmazonS3
ETag
"33cab99d83b92952776a42f7405bbfab"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
zdRvH_ZbAQeDDhQ1yYcFGcLIpyPingNghxG1jPgPu1-zSVXRVRvtZw==
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-bold.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.5a143.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f

Request headers

Referer
https://cdn.poynt.net/
Origin
https://pay.mirandachesnutrealestate.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 02:54:15 GMT
x-amz-version-id
3Dyzakh4wMsc.y1PkiMMDvjFWzWRoakF
Via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
28188
Last-Modified
Thu, 15 Jul 2021 12:19:14 GMT
Server
AmazonS3
ETag
"01ea0c70c6d59c1120d417973884a561"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
DPM9hVNXUfaeq2fvdyX1ZHYrT8TuLcPh3Y2mAhb2Hbxa7sxFNOcBaA==
collect.js
cdn.poynt.net/ 		328 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.6403d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
X_euGqT2NqN_m_59DTirI9VIAgKhcqdV
Content-Encoding
gzip
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 17:06:31 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
35264
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:24 GMT
Server
AmazonS3
ETag
W/"e2da51fbf119e1d064b41740e1185dce"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
-kXJVCxKE60d9QES0jHQO8R7oo4EjcIhZ7dtYPZTszCi_c5_BgBWfw==
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
H2
Server
23.206.172.151 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding
gzip
date
Sat, 13 Jan 2024 02:54:15 GMT
x-amz-request-id
9JEJVGW29H5PJA15
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.0.2
content-length
13404
x-amz-id-2
ZRr6P7Ih/7HBTezGtX4WSPykLzrpte0V4TzDCUfFi+7tfP1XStoejXNfRxlEgJgB7h8OmeQhN3vqgmWS5FaZPw==
last-modified
Wed, 18 Oct 2023 16:44:03 GMT
etag
"8e70743bdf9b3d3adbb26471c84a006c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 03:24:15 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin
*
date
Sat, 13 Jan 2024 02:54:14 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Sun, 12 Jan 2025 02:54:14 GMT
pay.js
pay.google.com/gp/p/js/ 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-DJdTBiQ7favXwXVs_wSUlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-DJdTBiQ7favXwXVs_wSUlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 13 Jan 2024 02:54:15 GMT
index.html
cdn.poynt.net/collect/ Frame 8EC4 		742 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=6e05bc0c-908f-4de3-8751-37e6f8f07b5f&enableCardOnFile=false
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
35264
Connection
keep-alive
Content-Length
742
Content-Type
text/html
Date
Fri, 12 Jan 2024 17:07:12 GMT
ETag
"34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
Vary
Accept-Encoding
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jIpZxw0qYxthPgWvF-k65-Rf35dLiGlqecoLBoQsj2ewkw7UtAy9fw==
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
x-amz-server-side-encryption
AES256
x-amz-version-id
tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG
anchor
www.google.com/recaptcha/enterprise/ Frame 4452 		41 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1ba283da1d62bcaa542f7cc7c1f0bff6a12a625bdb884e1c4926b4af7e0e94f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rrfb9LU4GlNJxQag92FqYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Rrfb9LU4GlNJxQag92FqYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 02:54:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.baaf5f56.js
cdn.poynt.net/collect/static/js/ Frame 8EC4 		502 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=6e05bc0c-908f-4de3-8751-37e6f8f07b5f&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding
gzip
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 17:07:13 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
35264
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"5d2625e6351777f666faebee7af6bb2e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
JJfg9saeyjxse41slwnGxQ6zCwZjsHrg7N1_8z_e8xxZGKKRIaLj4w==
main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame 8EC4 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=6e05bc0c-908f-4de3-8751-37e6f8f07b5f&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
UZzRUaNMW9q0ocXZ5m8RpwUVxDpaZlQR
Content-Encoding
gzip
Via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 03:40:12 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
83670
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"93492fd5625e828aab0ed373d20bb5a3"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
mIPxm1aGgu_cMeAV6soPsUDVhgaWNRvH9ScKyZxTh37enQvNxFHQyQ==
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4452 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 15:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 15:59:31 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4452 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:13:07 GMT
payframe
pay.google.com/gp/p/ui/ Frame C616 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mirandachesnutrealestate.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02ce3ae223334c28e3b3f78ceb6db165b248ae3b587728f1f3452fa48d67f7cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LYpC48RcwUkmDUMocbAe_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LYpC48RcwUkmDUMocbAe_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 13 Jan 2024 02:54:15 GMT
expires
Sat, 13 Jan 2024 02:54:15 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
index.html
cdn.poynt.net/collect/ Frame BED9 		742 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
35265
Connection
keep-alive
Content-Length
742
Content-Type
text/html
Date
Fri, 12 Jan 2024 17:17:16 GMT
ETag
"34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
Vary
Accept-Encoding
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Fqbni2BUdY4_MQmp_i0PAQiv0lD1huI6QnTGbpwYox06byTkeK5Y4w==
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
x-amz-server-side-encryption
AES256
x-amz-version-id
tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG
event
events.api.secureserver.net/t/1/tl/ 		43 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114455183&dh=pay.mirandachesnutrealestate.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1140482405&cv=2.0.2&z=543412118&vg=949efe65-f7bc-57dd-8623-6487c0b994ca&vtg=949efe65-f7bc-57dd-8623-6487c0b994ca&dp=%2F&ap=PaylinkC2&trfd=%7B%22ap%22%3A%22PaylinkC2%22%7D&hit_id=3cd6858e-43a2-5fb1-af50-7819844f1683&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
main.baaf5f56.js
cdn.poynt.net/collect/static/js/ Frame BED9 		502 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding
gzip
Via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 17:51:18 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
35264
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"5d2625e6351777f666faebee7af6bb2e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
-vdUyro6xWQ41bcX4KOcf6gltUG_eMOzj3cb2fzzot78_nkPfOtQkg==
main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame BED9 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-115.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=97e34fca-b5fd-42d0-91c1-ccba1c519445&applicationId=urn%3Aaid%3Apoynt.net&sessionId=09239641-ffc7-4f4e-bcf0-0eba0f56c69a&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
iNmxMadTeQLuCB5iwClQqedJldWcJiSv
Content-Encoding
gzip
Via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
Date
Fri, 12 Jan 2024 10:51:18 GMT
X-Amz-Cf-Pop
PHL50-C1
Age
83670
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Mon, 11 Dec 2023 16:41:15 GMT
Server
AmazonS3
ETag
W/"93492fd5625e828aab0ed373d20bb5a3"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
T5HeXhtozLvdf2m7bMxB5GKQxoaToc6ZEb3ETjvcA7_SuNLvb-5dUA==
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/ Frame 8EC4
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
H2
Server
23.206.172.151 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding
gzip
date
Sat, 13 Jan 2024 02:54:15 GMT
x-amz-request-id
9JEJVGW29H5PJA15
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.0.2
content-length
13404
x-amz-id-2
ZRr6P7Ih/7HBTezGtX4WSPykLzrpte0V4TzDCUfFi+7tfP1XStoejXNfRxlEgJgB7h8OmeQhN3vqgmWS5FaZPw==
last-modified
Wed, 18 Oct 2023 16:44:03 GMT
etag
"8e70743bdf9b3d3adbb26471c84a006c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 03:24:15 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin
*
date
Sat, 13 Jan 2024 02:54:15 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Sun, 12 Jan 2025 02:54:15 GMT
enterprise.js
www.google.com/recaptcha/ Frame 8EC4 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f497510887a970081306ab0aa88c785a2addc1fee98e0b993564978552a39b09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:54:15 GMT
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 8EC4 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-medium.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7

Request headers

Referer
https://cdn.poynt.net/
Origin
https://cdn.poynt.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
O2_FvwQ7bp4A8VDgoUeX_pLXSi2TQNq4
Date
Fri, 12 Jan 2024 19:02:14 GMT
Via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
28321
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28756
Last-Modified
Thu, 15 Jul 2021 12:19:23 GMT
Server
AmazonS3
ETag
"33cab99d83b92952776a42f7405bbfab"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
5fl7cUNIa7fic9_zpiwuEhzJft9JEHETJphR55j8xTg8GAD25yP3Fg==
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 8EC4 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-bold.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f

Request headers

Referer
https://cdn.poynt.net/
Origin
https://cdn.poynt.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
3Dyzakh4wMsc.y1PkiMMDvjFWzWRoakF
Date
Fri, 12 Jan 2024 19:02:14 GMT
Via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
28321
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28188
Last-Modified
Thu, 15 Jul 2021 12:19:14 GMT
Server
AmazonS3
ETag
"01ea0c70c6d59c1120d417973884a561"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
p_diupnUatGsJHBCmGaDji8aGTHtYrgEEXvC8txPiif0S_qY7Bf7Uw==
gd-sherpa-regular.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame 8EC4 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-regular.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-22.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a

Request headers

Referer
https://cdn.poynt.net/
Origin
https://cdn.poynt.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
LlnImV1k4.8VH0ionwgOdCfmIburlnAU
Date
Fri, 12 Jan 2024 19:02:15 GMT
Via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
28321
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
37104
Last-Modified
Thu, 15 Jul 2021 12:19:12 GMT
Server
AmazonS3
ETag
"b6a90e27204597cb6eddb31f93a90bfa"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
wrf7mdz-lqOzN1VzX67yJckBCuCGRyPtWi64fvqq7dzjvD06mzGLjw==
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame C616 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mirandachesnutrealestate.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0907b4aa82a15c779c30330fe6a51314edb838168870e2fe7e535276e3034828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 04:38:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 17:11:47 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C616 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8EC4 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.poynt.net/
Origin
https://cdn.poynt.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:13:07 GMT
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/ Frame BED9
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by
Host: pay.mirandachesnutrealestate.com
URL: https://pay.mirandachesnutrealestate.com/
Protocol
H2
Server
23.206.172.151 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding
gzip
date
Sat, 13 Jan 2024 02:54:15 GMT
x-amz-request-id
9JEJVGW29H5PJA15
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.0.2
content-length
13404
x-amz-id-2
ZRr6P7Ih/7HBTezGtX4WSPykLzrpte0V4TzDCUfFi+7tfP1XStoejXNfRxlEgJgB7h8OmeQhN3vqgmWS5FaZPw==
last-modified
Wed, 18 Oct 2023 16:44:03 GMT
etag
"8e70743bdf9b3d3adbb26471c84a006c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 03:24:15 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin
*
date
Sat, 13 Jan 2024 02:54:15 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Sun, 12 Jan 2025 02:54:15 GMT
lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
www.google.com/js/bg/ Frame 4452 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
237779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 08:51:16 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4452 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:05:00 GMT
x-content-type-options
nosniff
age
305355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Jan 2024 14:05:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4452 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:27:59 GMT
x-content-type-options
nosniff
age
1576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:27:59 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4452 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:47:10 GMT
x-content-type-options
nosniff
age
223625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:47:10 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 4452 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeTzQ0lAAAAAEfJH-2MTDuuhzLIAEZ7VZd98VDI&co=aHR0cHM6Ly9wYXkubWlyYW5kYWNoZXNudXRyZWFsZXN0YXRlLmNvbTo0NDM.&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=iyzdo1gv9t69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:54:15 GMT
event
events.api.secureserver.net/t/1/tl/ Frame 8EC4 		43 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114455483&dh=cdn.poynt.net&dr=https%3A%2F%2Fpay.mirandachesnutrealestate.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1061523842&cv=2.0.2&z=304365012&vg=765a5771-315b-5168-8274-132eeac4475d&vtg=765a5771-315b-5168-8274-132eeac4475d&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=2558422c-d12f-57fa-8c05-7f07535ac80d&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ Frame 8EC4 		43 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114455543&dh=cdn.poynt.net&dr=https%3A%2F%2Fpay.mirandachesnutrealestate.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1061523842&cv=2.0.2&z=284554974&vg=1782a8d5-1b20-5366-abe8-3f1dd1a55cb2&vtg=1782a8d5-1b20-5366-abe8-3f1dd1a55cb2&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=60a6db99-0937-50d9-b7ef-5dd1bc897917&ht=perf&tce=1705114454970&tcs=1705114454970&tdc=1705114455228&tdclee=1705114455227&tdcles=1705114455227&tdi=1705114455189&tdl=1705114455097&tdle=1705114454970&tdls=1705114454970&tfs=1705114454970&tns=1705114454970&trqs=1705114454972&tre=1705114455006&trps=1705114455004&tles=1705114455228&tlee=1705114455228&nt=navigate&lcp=408&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
validate
services.poynt.net/businesses/97e34fca-b5fd-42d0-91c1-ccba1c519445/google-pay/ Frame BED9 		307 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.poynt.net/businesses/97e34fca-b5fd-42d0-91c1-ccba1c519445/google-pay/validate
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.17.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-17-206.compute-1.amazonaws.com
Software
/
Resource Hash
f9526d9ee98c341a123915806dae0e219e5a4605086db261f16aa3a491df601d

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Poynt-Session-Id
09239641-ffc7-4f4e-bcf0-0eba0f56c69a
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://cdn.poynt.net/
Poynt-Request-Id
3a36e1cb-4a60-4c17-87fd-57cd27f882a3
Poynt-Collect-Version
v2.0.41

Response headers

Date
Sat, 13 Jan 2024 02:54:15 GMT
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://cdn.poynt.net
Instance-Id
poynt-fargate/bcba8413823e44ce9658dcfa2e48ca85
Poynt-Request-Id
3a36e1cb-4a60-4c17-87fd-57cd27f882a3
Connection
keep-alive
Poynt-Build-Info
1.4.149-2024-01-05T21:34:22Z
validate
services.poynt.net/businesses/97e34fca-b5fd-42d0-91c1-ccba1c519445/google-pay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.poynt.net/businesses/97e34fca-b5fd-42d0-91c1-ccba1c519445/google-pay/validate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.17.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-17-206.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,poynt-collect-version,poynt-request-id,poynt-session-id
Access-Control-Request-Method
POST
Origin
https://cdn.poynt.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type, poynt-collect-version, poynt-request-id, poynt-session-id
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://cdn.poynt.net
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jan 2024 02:54:15 GMT
Instance-Id
poynt-fargate/451918ad1ac94a82b11b20241bbb8e85
Poynt-Build-Info
1.4.149-2024-01-05T21:34:22Z
Poynt-Request-Id
0c15e9e7-1c70-4fac-870f-4cce3cc4f03e
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-k... Frame C616 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjDfC78kPQfGpzCJkAyWrtIVIxMXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73918053b6fb69d8979aefebf48c1a39e7cd181afdb5ac6f435c0269fd73eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27614
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 04:21:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 17:14:21 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-k... Frame C616 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjDfC78kPQfGpzCJkAyWrtIVIxMXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f13f02aaad5c331cbd9ea62875eeb70f9eccc6fd0f3f97f87a2d6051e1e3378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3742
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 04:21:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 17:25:56 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-k... Frame C616 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjDfC78kPQfGpzCJkAyWrtIVIxMXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad75f91fe2a592369f5214ffc0b87250fc9898a9fea1856627ec8c552f6a0506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14295
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 04:21:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 17:25:56 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 36CB 		41 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b0ae1bcddeb95b5167dba225f4fb7df020d9dc2089bc9e63fcc6ce9ea64b4fd5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eAPNfN8jR3-y-SrtT7Rj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.poynt.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eAPNfN8jR3-y-SrtT7Rj7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 02:54:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ Frame BED9 		43 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114455659&dh=cdn.poynt.net&dr=https%3A%2F%2Fpay.mirandachesnutrealestate.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=2082688226&cv=2.0.2&z=1717221935&vg=0cacee3a-085e-5339-b892-83f50b55484a&vtg=0cacee3a-085e-5339-b892-83f50b55484a&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=5c549cec-ad12-51b6-a462-055bd25e1922&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ Frame BED9 		43 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114455666&dh=cdn.poynt.net&dr=https%3A%2F%2Fpay.mirandachesnutrealestate.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=2082688226&cv=2.0.2&z=500772368&vg=79a5d3dd-993f-52a6-a75e-6446726faab4&vtg=79a5d3dd-993f-52a6-a75e-6446726faab4&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=c291429a-4514-5dcf-8c65-cdb9b395fbe3&ht=perf&tce=1705114455174&tcs=1705114455174&tdc=1705114455361&tdclee=1705114455361&tdcles=1705114455361&tdi=1705114455324&tdl=1705114455231&tdle=1705114455174&tdls=1705114455174&tfs=1705114455174&tns=1705114455173&trqs=1705114455176&tre=1705114455219&trps=1705114455208&tles=1705114455361&tlee=1705114455361&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:15 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
pay
pay.google.com/gp/p/ui/ Frame C616 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68bff66cf8d82525aad285074b4c2115d1649b37a96b19b8c285a4477d0ede42
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wBkLwbtuo842jqfjxNQfOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wBkLwbtuo842jqfjxNQfOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 13 Jan 2024 02:54:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 36CB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 15:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 15:59:31 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 36CB 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:13:07 GMT
lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
www.google.com/js/bg/ Frame 36CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
237779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 08:51:16 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 36CB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:05:00 GMT
x-content-type-options
nosniff
age
305355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Jan 2024 14:05:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36CB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:27:59 GMT
x-content-type-options
nosniff
age
1576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:27:59 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36CB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:47:10 GMT
x-content-type-options
nosniff
age
223625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:47:10 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 36CB 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=d4qabi31rq6j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Jan 2024 02:54:15 GMT
merchant
poynt.godaddy.com/api/b/checkout-urls/97e34fca-b5fd-42d0-91c1-ccba1c519445/apple-pay/ 		0
0
log
play.google.com/ Frame C616 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 13 Jan 2024 02:54:16 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 02:54:16 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 13 Jan 2024 02:54:16 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 13 Jan 2024 02:54:16 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C616 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 13 Jan 2024 02:54:16 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 02:54:16 GMT
log
play.google.com/ Frame C616 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dmoSfp-pJE8.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgTTSWOJHxKuqOXMWmxgClrnbzJzg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 13 Jan 2024 02:54:16 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 02:54:16 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 13 Jan 2024 02:54:16 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
event
events.api.secureserver.net/t/1/tl/ 		43 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114456001&dh=pay.mirandachesnutrealestate.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1140482405&cv=2.0.2&z=1879815955&vg=949efe65-f7bc-57dd-8623-6487c0b994ca&vtg=949efe65-f7bc-57dd-8623-6487c0b994ca&dp=%2F&ap=PaylinkC2&trfd=%7B%22ap%22%3A%22PaylinkC2%22%7D&hit_id=faddc92f-c856-5550-99ea-42b8c1820dec&ht=pageevent&ea=click&eid=gdp.hub.opl_c2_load
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:16 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114456003&dh=pay.mirandachesnutrealestate.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1140482405&cv=2.0.2&z=1051558508&vg=949efe65-f7bc-57dd-8623-6487c0b994ca&vtg=949efe65-f7bc-57dd-8623-6487c0b994ca&dp=%2F&ap=PaylinkC2&trfd=%7B%22ap%22%3A%22PaylinkC2%22%7D&hit_id=c6a44d0f-15cb-555d-a168-c27c38656ede&ht=pageevent&ea=click&eid=gdp.hub.opl_c2_load_custom_amount
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:16 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1705114456011&dh=pay.mirandachesnutrealestate.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&vci=1140482405&cv=2.0.2&z=1314620004&vg=949efe65-f7bc-57dd-8623-6487c0b994ca&vtg=949efe65-f7bc-57dd-8623-6487c0b994ca&dp=%2F&ap=PaylinkC2&trfd=%7B%22ap%22%3A%22PaylinkC2%22%7D&hit_id=3b8a5681-6a2b-5034-8452-8f895ec78316&ht=perf&tce=1705114454440&tcs=1705114454341&tdc=1705114455998&tdclee=1705114454804&tdcles=1705114454804&tdi=1705114454748&tdl=1705114454594&tdle=1705114454341&tdls=1705114454341&tfs=1705114454280&tns=1705114454280&trqs=1705114454440&tre=1705114454591&trps=1705114454590&tles=1705114455998&tlee=0&nt=navigate&lcp=578&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.mirandachesnutrealestate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 13 Jan 2024 02:54:16 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
/
api-js.mixpanel.com/track/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1705114459855
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.6403d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sat, 13 Jan 2024 02:54:20 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear
/
api-js.mixpanel.com/engage/ 		25 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1705114459857
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.6403d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://pay.mirandachesnutrealestate.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sat, 13 Jan 2024 02:54:20 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://pay.mirandachesnutrealestate.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
46
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poynt.godaddy.com
URL
https://poynt.godaddy.com/api/b/checkout-urls/97e34fca-b5fd-42d0-91c1-ccba1c519445/apple-pay/merchant

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| _trfd object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| sendMessage function| checkHeight object| observer string| __PAYLINK__ object| payLink object| _expDataLayer function| TokenizeJs object| recaptcha object| closure_lm_181228 object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google boolean| _tcclPageReqFired object| _tcclInternal object| _signalsDataLayer object| tccl object| _trfq

4 Cookies

Domain/Path Name / Value
pay.mirandachesnutrealestate.com/ Name: mp_b3053c0785212011971a15669b094404_mixpanel
Value: %7B%22distinct_id%22%3A%20%2297e34fca-b5fd-42d0-91c1-ccba1c519445%22%2C%22%24device_id%22%3A%20%2218d00bdcb4c245-0d5eb486d4130a-68325750-1d4c00-18d00bdcb4d245%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%2297e34fca-b5fd-42d0-91c1-ccba1c519445%22%7D
.mirandachesnutrealestate.com/ Name: _tccl_visitor
Value: 949efe65-f7bc-57dd-8623-6487c0b994ca
.mirandachesnutrealestate.com/ Name: _tccl_visit
Value: 949efe65-f7bc-57dd-8623-6487c0b994ca
.google.com/ Name: NID
Value: 511=V-ynWzdSRkmJRj-YnN7iy2PaZ_ZvG7OaJr2WbdxZoNsaWFbs9-ekYNKw_vh7iHPRo9MsP6-g_LbHZL3gNP5-GLWs3wvC0am2v5u_mXgdVJJj-hoGgo2tlwpfMqIqDk4p9GcSug79KX91zvgU6rT8lBvz6nYqsMFnSw6F1nVp-yw

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://pay.mirandachesnutrealestate.com/
Message:
Access to fetch at 'https://poynt.godaddy.com/api/b/checkout-urls/97e34fca-b5fd-42d0-91c1-ccba1c519445/apple-pay/merchant' from origin 'https://pay.mirandachesnutrealestate.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://poynt.godaddy.com/api/b/checkout-urls/97e34fca-b5fd-42d0-91c1-ccba1c519445/apple-pay/merchant
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
cdn.poynt.net
d85ecz8votkqa.cloudfront.net
events.api.secureserver.net
fonts.gstatic.com
img1.wsimg.com
pay.google.com
pay.mirandachesnutrealestate.com
play.google.com
poynt.godaddy.com
services.poynt.net
www.google.com
www.gstatic.com
poynt.godaddy.com
13.224.208.22
13.224.214.115
130.211.34.183
23.206.172.151
2600:141b:1c00:16::17c4:32a
2607:f8b0:4004:c19::5c
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2003
3.233.17.206
34.234.126.233
02ce3ae223334c28e3b3f78ceb6db165b248ae3b587728f1f3452fa48d67f7cc
0907b4aa82a15c779c30330fe6a51314edb838168870e2fe7e535276e3034828
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3813e21210e20a09707275b9e35c72a85a5631c4462b774091666af532442133
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f
4f13f02aaad5c331cbd9ea62875eeb70f9eccc6fd0f3f97f87a2d6051e1e3378
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
68bff66cf8d82525aad285074b4c2115d1649b37a96b19b8c285a4477d0ede42
73918053b6fb69d8979aefebf48c1a39e7cd181afdb5ac6f435c0269fd73eb00
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27
862d399c75dadd5c6eb5eeacce01cf698704f9f03b9cb5c25c276dddcba302a3
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
96c149495f920f27a78b10cc583bcfeb01c8bd3332f28df5af77c9c613535e8d
97295cea001f1806f7ab973ff388da4f7f224b6fd27e807837659d6adf971cc3
a1ba283da1d62bcaa542f7cc7c1f0bff6a12a625bdb884e1c4926b4af7e0e94f
ad75f91fe2a592369f5214ffc0b87250fc9898a9fea1856627ec8c552f6a0506
b0ae1bcddeb95b5167dba225f4fb7df020d9dc2089bc9e63fcc6ce9ea64b4fd5
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
db075d9a84feaffe10448a916c3a84a0386eaccecaa04d52095a0bdc024550ec
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e
f497510887a970081306ab0aa88c785a2addc1fee98e0b993564978552a39b09
f9526d9ee98c341a123915806dae0e219e5a4605086db261f16aa3a491df601d