urlscan.io logo urlscan.io
SecurityTrails logo

sandbox.dev.clover.com Open in urlscan Pro
34.117.169.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fp.tickett.net/
Effective URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2F...
Submission: On August 08 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 34.117.169.22, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is sandbox.dev.clover.com. The Cisco Umbrella rank of the primary domain is 984416.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 4th 2022. Valid for: a year.
This is the only time sandbox.dev.clover.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2600:9000:206e:3600:17:f1fd:4b80:21 (United States)

ASN16509 (AMAZON-02, US)
fp.tickett.net
20    34.117.169.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.169.117.34.bc.googleusercontent.com
sandbox.dev.clover.com
5    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:acf (None, )

ASN- ()
maxcdn.bootstrapcdn.com
Apex Domain
Subdomains		 Transfer
20 clover.com
sandbox.dev.clover.com — Cisco Umbrella Rank: 984416
2 MB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
82 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
4 KB
4 tickett.net
fp.tickett.net
42 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 161
126 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
48 KB
41 7
Domain Requested by
20 sandbox.dev.clover.com fp.tickett.net
sandbox.dev.clover.com
5 www.google-analytics.com sandbox.dev.clover.com
www.google-analytics.com
www.googletagmanager.com
5 fonts.googleapis.com sandbox.dev.clover.com
4 fp.tickett.net fp.tickett.net
2 apis.google.com sandbox.dev.clover.com
apis.google.com
1 maxcdn.bootstrapcdn.com sandbox.dev.clover.com
1 www.googletagmanager.com sandbox.dev.clover.com
41 7

This site contains no links.

Subject Issuer Validity Valid
*.fp.tickett.net
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
*.dev.clover.com
AlphaSSL CA - SHA256 - G2		 2022-01-04 -
2023-02-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Frame ID: DC759873CCD271D1353DD794806080A5
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Clover Dashboard

Page URL History Show full URLs

  1. https://fp.tickett.net/ Page URL
  2. https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined Page URL
  3. https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

93 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

2787 kB
Transfer

7681 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fp.tickett.net/ Page URL
  2. https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined Page URL
  3. https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
fp.tickett.net/ 		600 B
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.tickett.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:3600:17:f1fd:4b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94265629139e6fe4c6c0fca829054f5b01c248c96dff2683835a4e950ff410c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0, s-maxage=2
content-length
600
content-type
text/html
date
Mon, 08 Aug 2022 11:28:58 GMT
etag
"c4ac88db5c077cc8881dfdc91f8476a4"
last-modified
Mon, 25 Jul 2022 18:53:40 GMT
server
AmazonS3
via
1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
x-amz-cf-id
HfLKgyUySDmqhdyYD7wPbw6gOtAxVlzEPMVrogGOnlAB48lDf9jYBw==
x-amz-cf-pop
VIE50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
chunk-vendors.792d6c6a.js
fp.tickett.net/js/ 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.tickett.net/js/chunk-vendors.792d6c6a.js
Requested by
Host: fp.tickett.net
URL: https://fp.tickett.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:3600:17:f1fd:4b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00782c021d5b436068a0adfd9d03cbfe0ac5860680678ea49744f932fc79f26b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fp.tickett.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Aug 2022 11:28:58 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 18:53:40 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
W/"3aedf985d5bb733836cc96ef184c32f8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
C9-igJdEYtmi8rZpFy4RkpkjTVMOVqPpEbcaSmh5uAvBq3tEhta9DA==
app.8cf6a346.js
fp.tickett.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.tickett.net/js/app.8cf6a346.js
Requested by
Host: fp.tickett.net
URL: https://fp.tickett.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:3600:17:f1fd:4b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26f9c794ceb54a7c00a509346e819e9277a0a5ebe66ddd619719158990d87375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fp.tickett.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Aug 2022 11:28:58 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 18:53:40 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
W/"57e3989227df9083e9c4483fc2162aa5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
q20llOGzC08wuP-39FoJLRpHACUaCmBW6lpugXLe-VzktMQM0OJuzw==
app.5a37a04f.css
fp.tickett.net/css/ 		34 B
411 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fp.tickett.net/css/app.5a37a04f.css
Requested by
Host: fp.tickett.net
URL: https://fp.tickett.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:3600:17:f1fd:4b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22bd469897ab57ae4be24fb10a04faf743689db5b707175ac0e727f25aa20a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fp.tickett.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Aug 2022 11:28:58 GMT
via
1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 18:53:40 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"1a37c69df5442c0919920c7879b9a0ee"
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
34
x-amz-cf-id
SjK3w3qc_IBEs6TYEBpJX1Bpyh5J27TTK4K7wwbcOb8mTl7GtMSh1g==
devices
sandbox.dev.clover.com/v3/merchants/null/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/v3/merchants/null/devices
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://fp.tickett.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
access-control-allow-headers
accept, authorization, content-type
access-control-allow-methods
GET, POST, DELETE
access-control-allow-origin
https://fp.tickett.net
access-control-max-age
60
strict-transport-security
31536000
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
devices
sandbox.dev.clover.com/v3/merchants/null/ 		30 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/v3/merchants/null/devices
Requested by
Host: fp.tickett.net
URL: https://fp.tickett.net/js/chunk-vendors.792d6c6a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://fp.tickett.net/
Authorization
Bearer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
31536000
x-content-type-options
nosniff
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://fp.tickett.net
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
none
Content-Length
30
x-xss-protection
1; mode=block
expires
Tue, 17 Sep 1991 10:00:00 PST
authorize
sandbox.dev.clover.com/oauth/ 		26 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Requested by
Host: fp.tickett.net
URL: https://fp.tickett.net/js/app.8cf6a346.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3c9933ff29c4f49cee64eb1d83eb2449b3a5ad572fcd323e1fab32f30f5531f8
Security Headers
Name Value
Content-Security-Policy img-src blob: data: 'self' firstdatacloverwebsite.122.2o7.net bat.bing.com res.cloudinary.com dxkdvuv3hanyu.cloudfront.net *.clover.com cloverstatic.com dev.cloverstatic.com images.contentful.com mver.agkn.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net www.facebook.com connect.facebook.net www.google-analytics.com lh3.googleusercontent.com maps.googleapis.com chart.googleapis.com *.ggpht.com *.googleapis.com www.google.com www.google.com.pr www.google.com.br www.google.com.co www.google.ca www.google.de www.google.ie www.google.co.uk www.google.co.in www.google.co.id www.googletagmanager.com *.gstatic.com heapanalytics.com script.hotjar.com static.intercomassets.com js.intercomcdn.com *.intercomcdn.com uploads.intercomusercontent.com *.online-metrix.net *.optimizely.com *.perka.com *.rfihub.com api.swiftype.com pixel.quantserve.com apintego.com app.nav.com *.t.eloqua.com track.hubspot.com play.vidyard.com cdn.vidyard.com px.ads.linkedin.com p.adsymptotic.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com data.pendo.io recaptcha.net js.adsrvr.org www.redditstatic.com alb.reddit.com ct.pinterest.com s.pinimg.com www.linkedin.com s.amazon-adsystem.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com data.adxcel-ec2.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com cx.atdmt.com *.eyeota.net; font-src data: 'self' maxcdn.bootstrapcdn.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.gstatic.com heapanalytics.com script.hotjar.com js.intercomcdn.com use.fontawesome.com *.walkme.com *.qualtrics.com; frame-src mailto: 'self' tel: players.brightcove.net *.clover.com cloverstatic.com dev.cloverstatic.com bid.g.doubleclick.net *.fls.doubleclick.net www.facebook.com accounts.google.com maps.googleapis.com docs.google.com optimize.google.com www.google.com boards.greenhouse.io vars.hotjar.com intercom-sheets.com h.online-metrix.net *.cdn.optimizely.com *.optimizely.com *.perka.com player.vimeo.com www.youtube.com *.ytimg.com play.vidyard.com *.lendingfront.com s.amazon-adsystem.com *.walkme.com mainstreetinsights.firstdata.com *.mydisputemanager.com insight.adsrvr.org; connect-src 'self' bat.bing.com *.clover.com cloverstatic.com dev.cloverstatic.com wss://*.clover.com *.contentful.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net secure.geonames.org www.facebook.com www.google-analytics.com apis.google.com maps.googleapis.com storage.googleapis.com www.google.com *.greenhouse.io heapanalytics.com vc.hotjar.io *.hotjar.com wss://*.hotjar.com uploads.intercomcdn.com uploads.intercomusercontent.com *.intercom.io wss://*.intercom.io h.online-metrix.net *.optimizely.com *.perka.com sentry.io *.sentry.io api.swiftype.com d8a92f8280d84184bb69a3a4b74b61d1.app-search.us-west-2.aws.found.io collection.bgalytics.com *.tt.omtrdc.net oamportal.fdvs.com *.donorschoose.org collection.sperse.io data.pendo.io recaptcha.net ct.pinterest.com *.walkme.com ordering.app s.yimg.com *.mydisputemanager.com *.evidon.com order-ahead-network-production.herokuapp.com api.thelevelup.com wss://ws4.hotjar.com *.qualtrics.com *.datadoghq.com *.browser-intake-datadoghq.com helpcenter-v3.ent.us-west-2.aws.found.io helpcenter-v3-56e522.ent.us-west-2.aws.found.io stage.ordering.app thelevelup.ngrok.io order-ahead-network-qa.herokuapp.com; default-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' bat.bing.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com nifegwy.neustar.biz googleads.g.doubleclick.net stats.g.doubleclick.net connect.facebook.net www.googleadservices.com www.google-analytics.com apis.google.com maps.googleapis.com tagmanager.google.com optimize.google.com www.google.com www.googletagmanager.com tracker.gaconnector.com *.greenhouse.io www.gstatic.com heapanalytics.com cdn.heapanalytics.com script.hotjar.com static.hotjar.com mpsnare.iesnare.com js.intercomcdn.com widget.intercom.io solutions.invocacdn.com pnapi.invoca.net h.online-metrix.net cdn.optimizely.com *.optimizely.com rules.quantcount.com cdn.ravenjs.com tags.tiqcdn.com www.youtube.com secure.quantserve.com *.ytimg.com *.t.eloqua.com play.vidyard.com apps.mypurecloud.com secure.adnxs.com js.hs-scripts.com js.hs-analytics.net analytics.bgalytics.com img.en25.com snap.licdn.com amplify.outbrain.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com recaptcha.net js.adsrvr.org www.redditstatic.com s.pinimg.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com munchkin.marketo.net; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.googleapis.com chart.googleapis.com tagmanager.google.com optimize.google.com heapanalytics.com *.natwest-tyl.com *.usetyl.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com *.mydisputemanager.com *.qualtrics.com; media-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com *.ctfassets.net js.intercomcdn.com cdn.vidyard.com gateway.zscloud.net commondatastorage.googleapis.com; object-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com h.online-metrix.net vd.vidoplay.com; frame-ancestors *.clover.com cloverstatic.com dev.cloverstatic.com *.natwest-tyl.com *.usetyl.com *.optimizely.com *.perka.com; child-src intercom-sheets.com player.vimeo.com www.youtube.com; report-uri ;
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fp.tickett.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
accept-ranges
bytes
cache-control
max-age=1800
content-security-policy
img-src blob: data: 'self' firstdatacloverwebsite.122.2o7.net bat.bing.com res.cloudinary.com dxkdvuv3hanyu.cloudfront.net *.clover.com cloverstatic.com dev.cloverstatic.com images.contentful.com mver.agkn.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net www.facebook.com connect.facebook.net www.google-analytics.com lh3.googleusercontent.com maps.googleapis.com chart.googleapis.com *.ggpht.com *.googleapis.com www.google.com www.google.com.pr www.google.com.br www.google.com.co www.google.ca www.google.de www.google.ie www.google.co.uk www.google.co.in www.google.co.id www.googletagmanager.com *.gstatic.com heapanalytics.com script.hotjar.com static.intercomassets.com js.intercomcdn.com *.intercomcdn.com uploads.intercomusercontent.com *.online-metrix.net *.optimizely.com *.perka.com *.rfihub.com api.swiftype.com pixel.quantserve.com apintego.com app.nav.com *.t.eloqua.com track.hubspot.com play.vidyard.com cdn.vidyard.com px.ads.linkedin.com p.adsymptotic.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com data.pendo.io recaptcha.net js.adsrvr.org www.redditstatic.com alb.reddit.com ct.pinterest.com s.pinimg.com www.linkedin.com s.amazon-adsystem.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com data.adxcel-ec2.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com cx.atdmt.com *.eyeota.net; font-src data: 'self' maxcdn.bootstrapcdn.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.gstatic.com heapanalytics.com script.hotjar.com js.intercomcdn.com use.fontawesome.com *.walkme.com *.qualtrics.com; frame-src mailto: 'self' tel: players.brightcove.net *.clover.com cloverstatic.com dev.cloverstatic.com bid.g.doubleclick.net *.fls.doubleclick.net www.facebook.com accounts.google.com maps.googleapis.com docs.google.com optimize.google.com www.google.com boards.greenhouse.io vars.hotjar.com intercom-sheets.com h.online-metrix.net *.cdn.optimizely.com *.optimizely.com *.perka.com player.vimeo.com www.youtube.com *.ytimg.com play.vidyard.com *.lendingfront.com s.amazon-adsystem.com *.walkme.com mainstreetinsights.firstdata.com *.mydisputemanager.com insight.adsrvr.org; connect-src 'self' bat.bing.com *.clover.com cloverstatic.com dev.cloverstatic.com wss://*.clover.com *.contentful.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net secure.geonames.org www.facebook.com www.google-analytics.com apis.google.com maps.googleapis.com storage.googleapis.com www.google.com *.greenhouse.io heapanalytics.com vc.hotjar.io *.hotjar.com wss://*.hotjar.com uploads.intercomcdn.com uploads.intercomusercontent.com *.intercom.io wss://*.intercom.io h.online-metrix.net *.optimizely.com *.perka.com sentry.io *.sentry.io api.swiftype.com d8a92f8280d84184bb69a3a4b74b61d1.app-search.us-west-2.aws.found.io collection.bgalytics.com *.tt.omtrdc.net oamportal.fdvs.com *.donorschoose.org collection.sperse.io data.pendo.io recaptcha.net ct.pinterest.com *.walkme.com ordering.app s.yimg.com *.mydisputemanager.com *.evidon.com order-ahead-network-production.herokuapp.com api.thelevelup.com wss://ws4.hotjar.com *.qualtrics.com *.datadoghq.com *.browser-intake-datadoghq.com helpcenter-v3.ent.us-west-2.aws.found.io helpcenter-v3-56e522.ent.us-west-2.aws.found.io stage.ordering.app thelevelup.ngrok.io order-ahead-network-qa.herokuapp.com; default-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' bat.bing.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com nifegwy.neustar.biz googleads.g.doubleclick.net stats.g.doubleclick.net connect.facebook.net www.googleadservices.com www.google-analytics.com apis.google.com maps.googleapis.com tagmanager.google.com optimize.google.com www.google.com www.googletagmanager.com tracker.gaconnector.com *.greenhouse.io www.gstatic.com heapanalytics.com cdn.heapanalytics.com script.hotjar.com static.hotjar.com mpsnare.iesnare.com js.intercomcdn.com widget.intercom.io solutions.invocacdn.com pnapi.invoca.net h.online-metrix.net cdn.optimizely.com *.optimizely.com rules.quantcount.com cdn.ravenjs.com tags.tiqcdn.com www.youtube.com secure.quantserve.com *.ytimg.com *.t.eloqua.com play.vidyard.com apps.mypurecloud.com secure.adnxs.com js.hs-scripts.com js.hs-analytics.net analytics.bgalytics.com img.en25.com snap.licdn.com amplify.outbrain.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com recaptcha.net js.adsrvr.org www.redditstatic.com s.pinimg.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com munchkin.marketo.net; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.googleapis.com chart.googleapis.com tagmanager.google.com optimize.google.com heapanalytics.com *.natwest-tyl.com *.usetyl.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com *.mydisputemanager.com *.qualtrics.com; media-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com *.ctfassets.net js.intercomcdn.com cdn.vidyard.com gateway.zscloud.net commondatastorage.googleapis.com; object-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com h.online-metrix.net vd.vidoplay.com; frame-ancestors *.clover.com cloverstatic.com dev.cloverstatic.com *.natwest-tyl.com *.usetyl.com *.optimizely.com *.perka.com; child-src intercom-sheets.com player.vimeo.com www.youtube.com; report-uri ;
date
Mon, 08 Aug 2022 11:28:58 GMT
etag
W/"62c74c98-689f"
expires
Mon, 08 Aug 2022 11:58:58 GMT
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
strict-transport-security
31536000
transfer-encoding
chunked
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vendor-7054d2d8ca21c20c94fceccb07599d0d.css
sandbox.dev.clover.com/assets/ 		22 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/vendor-7054d2d8ca21c20c94fceccb07599d0d.css
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4a177a8d513c2de003c97f26124e3862e80ec9f9441fab3032e1fbfc1a441a1a
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:28:59 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-57a7"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:58:59 GMT
web-6df849f9976c5eef5be65ddd89909922.css
sandbox.dev.clover.com/assets/ 		465 KB
106 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
d132b961538978b95a7998f821a22f8b916d8dd067172cf6d2c02d4d5d25dd6f
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:28:59 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-74247"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:58:59 GMT
css
fonts.googleapis.com/ 		14 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700|Merriweather:400italic,700italic
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d155e36dc8d6767ad9e28ef7464a33a77f442208f5dc85d555c2b5eb76f9b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 11:28:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 11:28:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 11:28:59 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic|Roboto+Slab:300,400,700
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
778404d5b9d8f47360103f167ac38cdcf663e99bcec991b832f9480e0be88bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 11:28:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 11:28:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 11:28:59 GMT
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 11:28:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 11:28:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 11:28:59 GMT
vendor-e0f7a77135c59d5b9a4704220c72d122.js
sandbox.dev.clover.com/assets/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3f6308ea0e09112989fdee9b0972a34535c90cf614ed4f8830a0e374fe4c8b3c
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:28:59 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-48a09d"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:58:59 GMT
web-df355a51919850bf1a8a378d37348402.js
sandbox.dev.clover.com/assets/ 		624 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/web-df355a51919850bf1a8a378d37348402.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
b3ab14da4ed2c47722a8b9198a72d84f70bc67f949f0ea42d5c70bfc10e6b407
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:28:59 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-9bf3d"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:58:59 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1620
date
Mon, 08 Aug 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 13:02:00 GMT
engine-e58e0fe3a4f1bf8d92415bfb11995a4c.js
sandbox.dev.clover.com/engines-dist/oauth/assets/ 		156 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/engines-dist/oauth/assets/engine-e58e0fe3a4f1bf8d92415bfb11995a4c.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-2717b"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
engine-vendor-d41d8cd98f00b204e9800998ecf8427e.css
sandbox.dev.clover.com/engines-dist/oauth/assets/ 		0
359 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/engines-dist/oauth/assets/engine-vendor-d41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
"62c74c98-0"
strict-transport-security
31536000
Content-Type
text/css
cache-control
max-age=1800
accept-ranges
bytes
Content-Length
0
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
engine-vendor-d41d8cd98f00b204e9800998ecf8427e.js
sandbox.dev.clover.com/engines-dist/oauth/assets/ 		0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/engines-dist/oauth/assets/engine-vendor-d41d8cd98f00b204e9800998ecf8427e.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
"62c74c98-0"
strict-transport-security
31536000
Content-Type
text/javascript
cache-control
max-age=1800
accept-ranges
bytes
Content-Length
0
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
current
sandbox.dev.clover.com/v3/accounts/ 		30 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/v3/accounts/current?expand=primaryDeveloper%2CprimaryEnterprise%2CprimaryMerchant%2CprimaryMerchant.properties%2CprimaryReseller&_=1659958140273
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sandbox.dev.clover.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
31536000
x-content-type-options
nosniff
Content-Type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
none
Content-Length
30
x-xss-protection
1; mode=block
expires
Tue, 17 Sep 1991 10:00:00 PST
ALLOW_DASHBOARD_OPT_IN
sandbox.dev.clover.com/v3/server_feature/ 		75 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/v3/server_feature/ALLOW_DASHBOARD_OPT_IN?_=1659958140274
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sandbox.dev.clover.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
31536000
Content-Encoding
gzip
x-content-type-options
nosniff
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Tue, 17 Sep 1991 10:00:00 PST
clover-horizontal-white-2014.svg
sandbox.dev.clover.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sandbox.dev.clover.com/assets/images/clover-horizontal-white-2014.svg
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
"62c74c98-798"
vary
Accept-Encoding
Content-Type
image/svg+xml
cache-control
max-age=1800
strict-transport-security
31536000
accept-ranges
bytes
Content-Length
1944
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
loading_48x48.gif
sandbox.dev.clover.com/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sandbox.dev.clover.com/assets/images/loading_48x48.gif
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/oauth/authorize?client_id=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
"62c74c98-de6"
strict-transport-security
31536000
Content-Type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
Content-Length
3558
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
Graphik-Regular-Cy-Gr-Web.woff2
sandbox.dev.clover.com/assets/fonts/ 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/fonts/Graphik-Regular-Cy-Gr-Web.woff2
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Origin
https://sandbox.dev.clover.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-c049"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/plain; charset=UTF-8
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
fontawesome-webfont.woff2
sandbox.dev.clover.com/fonts/ 		9 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Origin
https://sandbox.dev.clover.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-12d68"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/plain; charset=UTF-8
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
Graphik-Medium-Cy-Gr-Web.woff2
sandbox.dev.clover.com/assets/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/assets/fonts/Graphik-Medium-Cy-Gr-Web.woff2
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.dev.clover.com/assets/web-6df849f9976c5eef5be65ddd89909922.css
Origin
https://sandbox.dev.clover.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:00 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 21:14:00 GMT
etag
W/"62c74c98-d30d"
vary
Accept-Encoding, Accept-Encoding
Content-Type
text/plain; charset=UTF-8
cache-control
max-age=1800
transfer-encoding
chunked
strict-transport-security
31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:00 GMT
Primary Request login
sandbox.dev.clover.com/dashboard/ 		8 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/assets/vendor-e0f7a77135c59d5b9a4704220c72d122.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6a2d4b99d47c50ebdeef034ef6f51a6029e8c2e7bfeea8010e34477a3784cbf8
Security Headers
Name Value
Content-Security-Policy img-src blob: data: 'self' firstdatacloverwebsite.122.2o7.net bat.bing.com res.cloudinary.com dxkdvuv3hanyu.cloudfront.net *.clover.com cloverstatic.com dev.cloverstatic.com images.contentful.com mver.agkn.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net www.facebook.com connect.facebook.net www.google-analytics.com lh3.googleusercontent.com maps.googleapis.com chart.googleapis.com *.ggpht.com *.googleapis.com www.google.com www.google.com.pr www.google.com.br www.google.com.co www.google.ca www.google.de www.google.ie www.google.co.uk www.google.co.in www.google.co.id www.googletagmanager.com *.gstatic.com heapanalytics.com script.hotjar.com static.intercomassets.com js.intercomcdn.com *.intercomcdn.com uploads.intercomusercontent.com *.online-metrix.net *.optimizely.com *.perka.com *.rfihub.com api.swiftype.com pixel.quantserve.com apintego.com app.nav.com *.t.eloqua.com track.hubspot.com play.vidyard.com cdn.vidyard.com px.ads.linkedin.com p.adsymptotic.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com data.pendo.io recaptcha.net js.adsrvr.org www.redditstatic.com alb.reddit.com ct.pinterest.com s.pinimg.com www.linkedin.com s.amazon-adsystem.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com data.adxcel-ec2.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com cx.atdmt.com *.eyeota.net; font-src data: 'self' maxcdn.bootstrapcdn.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.gstatic.com heapanalytics.com script.hotjar.com js.intercomcdn.com use.fontawesome.com *.walkme.com *.qualtrics.com; frame-src mailto: 'self' tel: players.brightcove.net *.clover.com cloverstatic.com dev.cloverstatic.com bid.g.doubleclick.net *.fls.doubleclick.net www.facebook.com accounts.google.com maps.googleapis.com docs.google.com optimize.google.com www.google.com boards.greenhouse.io vars.hotjar.com intercom-sheets.com h.online-metrix.net *.cdn.optimizely.com *.optimizely.com *.perka.com player.vimeo.com www.youtube.com *.ytimg.com play.vidyard.com *.lendingfront.com s.amazon-adsystem.com *.walkme.com mainstreetinsights.firstdata.com *.mydisputemanager.com insight.adsrvr.org; connect-src 'self' bat.bing.com *.clover.com cloverstatic.com dev.cloverstatic.com wss://*.clover.com *.contentful.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net secure.geonames.org www.facebook.com www.google-analytics.com apis.google.com maps.googleapis.com storage.googleapis.com www.google.com *.greenhouse.io heapanalytics.com vc.hotjar.io *.hotjar.com wss://*.hotjar.com uploads.intercomcdn.com uploads.intercomusercontent.com *.intercom.io wss://*.intercom.io h.online-metrix.net *.optimizely.com *.perka.com sentry.io *.sentry.io api.swiftype.com d8a92f8280d84184bb69a3a4b74b61d1.app-search.us-west-2.aws.found.io collection.bgalytics.com *.tt.omtrdc.net oamportal.fdvs.com *.donorschoose.org collection.sperse.io data.pendo.io recaptcha.net ct.pinterest.com *.walkme.com ordering.app s.yimg.com *.mydisputemanager.com *.evidon.com order-ahead-network-production.herokuapp.com api.thelevelup.com wss://ws4.hotjar.com *.qualtrics.com *.datadoghq.com *.browser-intake-datadoghq.com helpcenter-v3.ent.us-west-2.aws.found.io helpcenter-v3-56e522.ent.us-west-2.aws.found.io stage.ordering.app thelevelup.ngrok.io order-ahead-network-qa.herokuapp.com; default-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' bat.bing.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com nifegwy.neustar.biz googleads.g.doubleclick.net stats.g.doubleclick.net connect.facebook.net www.googleadservices.com www.google-analytics.com apis.google.com maps.googleapis.com tagmanager.google.com optimize.google.com www.google.com www.googletagmanager.com tracker.gaconnector.com *.greenhouse.io www.gstatic.com heapanalytics.com cdn.heapanalytics.com script.hotjar.com static.hotjar.com mpsnare.iesnare.com js.intercomcdn.com widget.intercom.io solutions.invocacdn.com pnapi.invoca.net h.online-metrix.net cdn.optimizely.com *.optimizely.com rules.quantcount.com cdn.ravenjs.com tags.tiqcdn.com www.youtube.com secure.quantserve.com *.ytimg.com *.t.eloqua.com play.vidyard.com apps.mypurecloud.com secure.adnxs.com js.hs-scripts.com js.hs-analytics.net analytics.bgalytics.com img.en25.com snap.licdn.com amplify.outbrain.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com recaptcha.net js.adsrvr.org www.redditstatic.com s.pinimg.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com munchkin.marketo.net; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.googleapis.com chart.googleapis.com tagmanager.google.com optimize.google.com heapanalytics.com *.natwest-tyl.com *.usetyl.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com *.mydisputemanager.com *.qualtrics.com; media-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com *.ctfassets.net js.intercomcdn.com cdn.vidyard.com gateway.zscloud.net commondatastorage.googleapis.com; object-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com h.online-metrix.net vd.vidoplay.com; frame-ancestors *.clover.com cloverstatic.com dev.cloverstatic.com *.natwest-tyl.com *.usetyl.com *.optimizely.com *.perka.com; child-src intercom-sheets.com player.vimeo.com www.youtube.com; report-uri ;
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.dev.clover.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
accept-ranges
bytes
cache-control
max-age=1800
content-security-policy
img-src blob: data: 'self' firstdatacloverwebsite.122.2o7.net bat.bing.com res.cloudinary.com dxkdvuv3hanyu.cloudfront.net *.clover.com cloverstatic.com dev.cloverstatic.com images.contentful.com mver.agkn.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net www.facebook.com connect.facebook.net www.google-analytics.com lh3.googleusercontent.com maps.googleapis.com chart.googleapis.com *.ggpht.com *.googleapis.com www.google.com www.google.com.pr www.google.com.br www.google.com.co www.google.ca www.google.de www.google.ie www.google.co.uk www.google.co.in www.google.co.id www.googletagmanager.com *.gstatic.com heapanalytics.com script.hotjar.com static.intercomassets.com js.intercomcdn.com *.intercomcdn.com uploads.intercomusercontent.com *.online-metrix.net *.optimizely.com *.perka.com *.rfihub.com api.swiftype.com pixel.quantserve.com apintego.com app.nav.com *.t.eloqua.com track.hubspot.com play.vidyard.com cdn.vidyard.com px.ads.linkedin.com p.adsymptotic.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com data.pendo.io recaptcha.net js.adsrvr.org www.redditstatic.com alb.reddit.com ct.pinterest.com s.pinimg.com www.linkedin.com s.amazon-adsystem.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com data.adxcel-ec2.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com cx.atdmt.com *.eyeota.net; font-src data: 'self' maxcdn.bootstrapcdn.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.gstatic.com heapanalytics.com script.hotjar.com js.intercomcdn.com use.fontawesome.com *.walkme.com *.qualtrics.com; frame-src mailto: 'self' tel: players.brightcove.net *.clover.com cloverstatic.com dev.cloverstatic.com bid.g.doubleclick.net *.fls.doubleclick.net www.facebook.com accounts.google.com maps.googleapis.com docs.google.com optimize.google.com www.google.com boards.greenhouse.io vars.hotjar.com intercom-sheets.com h.online-metrix.net *.cdn.optimizely.com *.optimizely.com *.perka.com player.vimeo.com www.youtube.com *.ytimg.com play.vidyard.com *.lendingfront.com s.amazon-adsystem.com *.walkme.com mainstreetinsights.firstdata.com *.mydisputemanager.com insight.adsrvr.org; connect-src 'self' bat.bing.com *.clover.com cloverstatic.com dev.cloverstatic.com wss://*.clover.com *.contentful.com *.ctfassets.net googleads.g.doubleclick.net stats.g.doubleclick.net secure.geonames.org www.facebook.com www.google-analytics.com apis.google.com maps.googleapis.com storage.googleapis.com www.google.com *.greenhouse.io heapanalytics.com vc.hotjar.io *.hotjar.com wss://*.hotjar.com uploads.intercomcdn.com uploads.intercomusercontent.com *.intercom.io wss://*.intercom.io h.online-metrix.net *.optimizely.com *.perka.com sentry.io *.sentry.io api.swiftype.com d8a92f8280d84184bb69a3a4b74b61d1.app-search.us-west-2.aws.found.io collection.bgalytics.com *.tt.omtrdc.net oamportal.fdvs.com *.donorschoose.org collection.sperse.io data.pendo.io recaptcha.net ct.pinterest.com *.walkme.com ordering.app s.yimg.com *.mydisputemanager.com *.evidon.com order-ahead-network-production.herokuapp.com api.thelevelup.com wss://ws4.hotjar.com *.qualtrics.com *.datadoghq.com *.browser-intake-datadoghq.com helpcenter-v3.ent.us-west-2.aws.found.io helpcenter-v3-56e522.ent.us-west-2.aws.found.io stage.ordering.app thelevelup.ngrok.io order-ahead-network-qa.herokuapp.com; default-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' bat.bing.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com nifegwy.neustar.biz googleads.g.doubleclick.net stats.g.doubleclick.net connect.facebook.net www.googleadservices.com www.google-analytics.com apis.google.com maps.googleapis.com tagmanager.google.com optimize.google.com www.google.com www.googletagmanager.com tracker.gaconnector.com *.greenhouse.io www.gstatic.com heapanalytics.com cdn.heapanalytics.com script.hotjar.com static.hotjar.com mpsnare.iesnare.com js.intercomcdn.com widget.intercom.io solutions.invocacdn.com pnapi.invoca.net h.online-metrix.net cdn.optimizely.com *.optimizely.com rules.quantcount.com cdn.ravenjs.com tags.tiqcdn.com www.youtube.com secure.quantserve.com *.ytimg.com *.t.eloqua.com play.vidyard.com apps.mypurecloud.com secure.adnxs.com js.hs-scripts.com js.hs-analytics.net analytics.bgalytics.com img.en25.com snap.licdn.com amplify.outbrain.com app.pendo.io cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com recaptcha.net js.adsrvr.org www.redditstatic.com s.pinimg.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com s.yimg.com sp.analytics.yahoo.com *.mydisputemanager.com *.evidon.com *.qualtrics.com munchkin.marketo.net; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com cdnjs.cloudflare.com *.clover.com cloverstatic.com dev.cloverstatic.com fonts.googleapis.com chart.googleapis.com tagmanager.google.com optimize.google.com heapanalytics.com *.natwest-tyl.com *.usetyl.com *.walkme.com d3sbxpiag177w8.cloudfront.net s3.walkmeusercontent.com *.mydisputemanager.com *.qualtrics.com; media-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com *.ctfassets.net js.intercomcdn.com cdn.vidyard.com gateway.zscloud.net commondatastorage.googleapis.com; object-src 'self' *.clover.com cloverstatic.com dev.cloverstatic.com h.online-metrix.net vd.vidoplay.com; frame-ancestors *.clover.com cloverstatic.com dev.cloverstatic.com *.natwest-tyl.com *.usetyl.com *.optimizely.com *.perka.com; child-src intercom-sheets.com player.vimeo.com www.youtube.com; report-uri ;
date
Mon, 08 Aug 2022 11:29:00 GMT
etag
W/"62c870f2-1e41"
expires
Mon, 08 Aug 2022 11:59:00 GMT
last-modified
Fri, 08 Jul 2022 18:01:22 GMT
strict-transport-security
31536000
transfer-encoding
chunked
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fontawesome-webfont.woff
sandbox.dev.clover.com/fonts/ 		0
0
Graphik-Regular-Cy-Gr-Web.woff
sandbox.dev.clover.com/assets/fonts/ 		0
0
client:platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js?onload=start
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5948ad5ec9b9ae6032bcc29e624e5f87091cff4a41b74ba9a77c0ff822ea3f39
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20362
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 08 Aug 2022 11:29:01 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"94216bbdad93e7c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Aug 2022 11:29:01 GMT
main.69ee1f56.js
sandbox.dev.clover.com/web-react/assets/js/ 		537 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/web-react/assets/js/main.69ee1f56.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0b76209b09eef3d7b43b79948664cde45e5473bd750656425e59c1f85438b29b
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:01 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 18:01:22 GMT
etag
W/"62c870f2-86454"
strict-transport-security
31536000
Content-Type
text/javascript
cache-control
max-age=1800
transfer-encoding
chunked
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:01 GMT
main.ba3f87c3.css
sandbox.dev.clover.com/web-react/assets/css/ 		231 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.dev.clover.com/web-react/assets/css/main.ba3f87c3.css
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.117.169.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.169.117.34.bc.googleusercontent.com
Software
/
Resource Hash
32475142c7961ee91a68adb89157fea8c8a9cecba94585c0a849d2ebbf0c77da
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:01 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 18:01:22 GMT
etag
W/"62c870f2-39de7"
strict-transport-security
31536000
Content-Type
text/css
cache-control
max-age=1800
transfer-encoding
chunked
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Mon, 08 Aug 2022 11:59:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1621
date
Mon, 08 Aug 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 13:02:00 GMT
gtm.js
www.googletagmanager.com/ 		128 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5V239X
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23b55b16498fca308ef6fe2d5a6a65ee6b9f6eaa2931064c12ab0804824fe720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 11:29:01 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=977899218&t=pageview&_s=1&dl=https%3A%2F%2Fsandbox.dev.clover.com%2Fdashboard%2Flogin%3FhardRedirect%3Dtrue%26webRedirectUrl%3Dhttps%253A%252F%252Fsandbox.dev.clover.com%252Foauth%252Fauthorize%253Fclient_id%253Dundefined&ul=en-us&de=UTF-8&dt=Clover%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAC~&jid=2065921944&gjid=2113746808&cid=790565906.1659958141&tid=UA-78671710-12&_gid=1389961069.1659958141&_r=1&z=1386380240
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sandbox.dev.clover.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:29:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sandbox.dev.clover.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 		312 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js?onload=start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d1394e48d10a4dc81d553430b36de11acc3b921548ca6a3c9c0819b4a6a80f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 09:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108142
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 15:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 09:58:48 GMT
optimize.js
www.google-analytics.com/gtm/ 		111 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-5XCM4SG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5V239X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
308ce4c48566f2a6088f8d053c197f2b3f9572f3d8a04fac125a5bac75074a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43477
x-xss-protection
0
expires
Mon, 08 Aug 2022 11:29:01 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=977899218&t=pageview&_s=1&dl=https%3A%2F%2Fsandbox.dev.clover.com%2Fdashboard%2Flogin%3FhardRedirect%3Dtrue%26webRedirectUrl%3Dhttps%253A%252F%252Fsandbox.dev.clover.com%252Foauth%252Fauthorize%253Fclient_id%253Dundefined&ul=en-us&de=UTF-8&dt=Clover%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEABQAAAAC~&jid=1669910826&gjid=1501936111&cid=790565906.1659958141&tid=UA-78671710-12&_gid=1389961069.1659958141&_r=1&gtm=2wg830P5V239X&z=641654432
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sandbox.dev.clover.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 11:29:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sandbox.dev.clover.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:29:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
8932222
cdn-cachedat
2021-04-27 02:55:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
20ef76385c78a44fceb260bdcc05eda0
cf-ray
7377e96f296001f0-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,500
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 11:29:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 11:29:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 11:29:01 GMT
css
fonts.googleapis.com/ 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab
Requested by
Host: sandbox.dev.clover.com
URL: https://sandbox.dev.clover.com/dashboard/login?hardRedirect=true&webRedirectUrl=https%3A%2F%2Fsandbox.dev.clover.com%2Foauth%2Fauthorize%3Fclient_id%3Dundefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
104a4a5f9dc5812a9fb4c4d6ba6594ce850ae344fdf658dd49cda44feed20881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.dev.clover.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 09:53:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 11:29:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 11:29:01 GMT
2363.9abfa94e.chunk.js
sandbox.dev.clover.com/web-react/assets/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sandbox.dev.clover.com
URL
https://sandbox.dev.clover.com/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
sandbox.dev.clover.com
URL
https://sandbox.dev.clover.com/assets/fonts/Graphik-Regular-Cy-Gr-Web.woff
Domain
sandbox.dev.clover.com
URL
https://sandbox.dev.clover.com/web-react/assets/js/2363.9abfa94e.chunk.js

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| nonStandardAntiFlicker object| dataLayer string| propertyId string| GoogleAnalyticsObject function| ga boolean| isCypress string| containerId object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gapi object| ___jsl object| google_tag_manager string| _gtmHeapAppId object| google_optimize object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

5 Cookies

Domain/Path Name / Value
.clover.com/ Name: _ga
Value: GA1.2.790565906.1659958141
.clover.com/ Name: _gid
Value: GA1.2.1389961069.1659958141
.clover.com/ Name: _gat
Value: 1
.clover.com/ Name: heapSampling
Value: 0.16053090178354812
.clover.com/ Name: _gat_UA-78671710-12
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://sandbox.dev.clover.com/v3/merchants/null/devices
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://sandbox.dev.clover.com/v3/accounts/current?expand=primaryDeveloper%2CprimaryEnterprise%2CprimaryMerchant%2CprimaryMerchant.properties%2CprimaryReseller&_=1659958140273
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
fonts.googleapis.com
fp.tickett.net
maxcdn.bootstrapcdn.com
sandbox.dev.clover.com
www.google-analytics.com
www.googletagmanager.com
sandbox.dev.clover.com
2600:9000:206e:3600:17:f1fd:4b80:21
2606:4700::6812:acf
2a00:1450:4001:801::200e
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:400e:80f::200a
34.117.169.22
00782c021d5b436068a0adfd9d03cbfe0ac5860680678ea49744f932fc79f26b
0b76209b09eef3d7b43b79948664cde45e5473bd750656425e59c1f85438b29b
104a4a5f9dc5812a9fb4c4d6ba6594ce850ae344fdf658dd49cda44feed20881
22bd469897ab57ae4be24fb10a04faf743689db5b707175ac0e727f25aa20a4a
23b55b16498fca308ef6fe2d5a6a65ee6b9f6eaa2931064c12ab0804824fe720
26f9c794ceb54a7c00a509346e819e9277a0a5ebe66ddd619719158990d87375
308ce4c48566f2a6088f8d053c197f2b3f9572f3d8a04fac125a5bac75074a54
32475142c7961ee91a68adb89157fea8c8a9cecba94585c0a849d2ebbf0c77da
3c9933ff29c4f49cee64eb1d83eb2449b3a5ad572fcd323e1fab32f30f5531f8
3f6308ea0e09112989fdee9b0972a34535c90cf614ed4f8830a0e374fe4c8b3c
4a177a8d513c2de003c97f26124e3862e80ec9f9441fab3032e1fbfc1a441a1a
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5948ad5ec9b9ae6032bcc29e624e5f87091cff4a41b74ba9a77c0ff822ea3f39
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a2d4b99d47c50ebdeef034ef6f51a6029e8c2e7bfeea8010e34477a3784cbf8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
778404d5b9d8f47360103f167ac38cdcf663e99bcec991b832f9480e0be88bfc
94265629139e6fe4c6c0fca829054f5b01c248c96dff2683835a4e950ff410c4
9d1394e48d10a4dc81d553430b36de11acc3b921548ca6a3c9c0819b4a6a80f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
b3ab14da4ed2c47722a8b9198a72d84f70bc67f949f0ea42d5c70bfc10e6b407
d132b961538978b95a7998f821a22f8b916d8dd067172cf6d2c02d4d5d25dd6f
d155e36dc8d6767ad9e28ef7464a33a77f442208f5dc85d555c2b5eb76f9b2c2