urlscan.io logo urlscan.io
SecurityTrails logo

app.shopvox.com Open in urlscan Pro
54.159.120.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoic...
Effective URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565...
Submission: On August 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 54.159.120.114, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.shopvox.com. The Cisco Umbrella rank of the primary domain is 372788.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 6th 2023. Valid for: a year.
This is the only time app.shopvox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 54.159.120.114 14618 (AMAZON-AES)
2 151.101.66.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:249... 16509 (AMAZON-02)
8 162.159.140.47 13335 (CLOUDFLAR...)
2 151.101.65.49 54113 (FASTLY)
1 2600:1f18:24e... 14618 (AMAZON-AES)
24 7
7    54.159.120.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-120-114.compute-1.amazonaws.com
app.shopvox.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
static.filestackapi.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2600:9000:2490:6a00:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
web.squarecdn.com
8    162.159.140.47 (None, )

ASN13335 (CLOUDFLARENET, US)
pci-connect.squareup.com
js.squareup.com
connect.squareup.com
2    151.101.65.49 (United States)

ASN54113 (FASTLY, US)
square-fonts-production-f.squarecdn.com
1    2600:1f18:24e6:b901:6735:803:75a5:b0c3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
csp-report.browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
8 squareup.com
pci-connect.squareup.com — Cisco Umbrella Rank: 42316
js.squareup.com — Cisco Umbrella Rank: 37413
connect.squareup.com — Cisco Umbrella Rank: 36101
42 KB
7 shopvox.com
app.shopvox.com — Cisco Umbrella Rank: 372788
719 KB
6 squarecdn.com
web.squarecdn.com — Cisco Umbrella Rank: 26753
square-fonts-production-f.squarecdn.com — Cisco Umbrella Rank: 37612
263 KB
2 filestackapi.com
static.filestackapi.com — Cisco Umbrella Rank: 20728
145 KB
1 browser-intake-datadoghq.com
csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 29204
1 gstatic.com
www.gstatic.com
19 KB
24 6
Domain Requested by
7 app.shopvox.com 1 redirects app.shopvox.com
5 pci-connect.squareup.com web.squarecdn.com
4 web.squarecdn.com app.shopvox.com
web.squarecdn.com
2 connect.squareup.com js.squareup.com
connect.squareup.com
2 square-fonts-production-f.squarecdn.com
2 static.filestackapi.com app.shopvox.com
1 csp-report.browser-intake-datadoghq.com app.shopvox.com
1 js.squareup.com web.squarecdn.com
1 www.gstatic.com app.shopvox.com
24 9

This site contains links to these domains. Also see Links.

Domain
www.shopvox.com
Subject Issuer Validity Valid
*.shopvox.com
Amazon RSA 2048 M02		 2023-07-06 -
2024-08-03		 a year crt.sh
*.filestackapi.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
web.squarecdn.com
Amazon RSA 2048 M01		 2023-04-02 -
2024-04-30		 a year crt.sh
api.squareup.com
Entrust Certification Authority - L1K		 2023-03-24 -
2024-03-23		 a year crt.sh
js.squareup.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-01		 a year crt.sh
*.squarecdn.com
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
connect.squareup.com
Cloudflare Inc ECC CA-3		 2023-02-22 -
2024-02-21		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh

This page contains 4 frames:

Primary Page: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Frame ID: CAAE4D530A4D7321B84445E38B245ABF
Requests: 14 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.0/main-iframe.html?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com
Frame ID: FCA8104BFA5020559FE433EBBC781BFB
Requests: 3 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.0/single-card-element-iframe.html
Frame ID: 935426E4300BB5AD142E61351FAD601B
Requests: 3 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fapp.shopvox.com%2Fclient%2F282fbe0f-2c6c-4d9d-9501-02b1292af5f4%2Fsquare_payments%2F683cc7d6-03a9-4a37-9d7b-11b685759565%2Finvoice%2Ffba38f0d-e262-47a8-b31f-28299e44a58b
Frame ID: 63C0E0768E0501A5ADC849443CD8238F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

shopVOX

Page URL History Show full URLs

  1. https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/payments/683cc7d6-03a9-4a37-9d7b... HTTP 302
    https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.squareup\.com

Page Statistics

24
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

9
Subdomains

7
IPs

3
Countries

1187 kB
Transfer

4562 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b HTTP 302
    https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fba38f0d-e262-47a8-b31f-28299e44a58b
app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/
Redirect Chain
  • https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
  • https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
1f1891f3af0404b306a362ee9de14b21fe5c9b8cd35461df0d895d1852262676
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 20:50:44 GMT
etag
W/"1f1891f3af0404b306a362ee9de14b21"
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains; preload
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN DENY
x-permitted-cross-domain-policies
none
x-request-id
1b59165b-2329-4454-bcc9-9e81f41ff8ce
x-runtime
0.110669
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 20:50:44 GMT
location
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains; preload
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN DENY
x-permitted-cross-domain-policies
none
x-request-id
d4a63c01-33ad-429f-845d-6a45cd5c354d
x-runtime
0.029579
x-xss-protection
1; mode=block
filestack.min.js
static.filestackapi.com/filestack-js/3.x.x/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87f1ea01f64fcd488a91b1116c9a332ae3fe850ef410f095c3ab1d43797395d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:44 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
TKVBVQT7BH8VGC4S
age
72098
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
73789
x-amz-id-2
7BxlrrGAWT8LQUHFWFXxcZ7qFO2gTKSRo3mTvqbvQDEngGai04R8ThuVDd4qOBCCu5opvIR9Su4=
x-served-by
cache-fra-eddf8230052-FRA
last-modified
Thu, 06 Apr 2023 12:51:07 GMT
x-timer
S1691009445.673356,VS0,VE0
etag
"55a9fd1b63eca73cd6ec251754dbba9f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
365
application-18117c45036aa2c823860a1a3cde47a349b26788ee0d701f30c9eac464a583fb.css
app.shopvox.com/assets/ 		621 KB
155 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.shopvox.com/assets/application-18117c45036aa2c823860a1a3cde47a349b26788ee0d701f30c9eac464a583fb.css
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
42e0172f8a65ec91c04d52f9348f33f9a4a71e522e5227df360715386a1659e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:44 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 02 Aug 2023 19:21:14 GMT
server
nginx/1.24.0
strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"64caacaa-2681f"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
157727
expires
Thu, 31 Dec 2037 23:55:55 GMT
client-f7e362a15e4a85058ae3538dc0bf632ad6f41c4140835258b828ecd6e9554d95.css
app.shopvox.com/assets/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.shopvox.com/assets/client-f7e362a15e4a85058ae3538dc0bf632ad6f41c4140835258b828ecd6e9554d95.css
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
47db2a9be57f2fb85b30cda422c929dd38ade3ead8792c6fe241e7379036b00d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:44 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 02 Aug 2023 19:21:14 GMT
server
nginx/1.24.0
strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"64caacaa-876"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2166
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.js
www.gstatic.com/charts/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18534
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 02 Aug 2023 21:01:13 GMT
application_white-03301e0ce2a37a49bcbaa3571d5684ed8b9edb609c0c8d3017f2bfc5da1ef155.png
app.shopvox.com/assets/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.shopvox.com/assets/logos/application_white-03301e0ce2a37a49bcbaa3571d5684ed8b9edb609c0c8d3017f2bfc5da1ef155.png
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
cf8a8e10724cf2a085dc60bad0f0467341bbf5d366a89422cb8b454340bd6835
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:45 GMT
content-security-policy
frame-ancestors 'none'
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Wed, 02 Aug 2023 19:21:14 GMT
server
nginx/1.24.0
etag
"64caacaa-65f"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1631
expires
Thu, 31 Dec 2037 23:55:55 GMT
square.js
web.squarecdn.com/v1/ 		346 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6a00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10cf5c11797970ddcb58709384f3413fc672ed4a8d00ff4ffa70005f6a0183d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
ts69SjGUK26rhNg9yLv3BONI0is56leh
content-encoding
gzip
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date
Wed, 02 Aug 2023 02:37:16 GMT
x-amz-cf-pop
FRA56-P6
age
65673
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-websdk-version
1.51.0
last-modified
Sat, 29 Jul 2023 01:05:24 GMT
server
AmazonS3
etag
W/"675e1efc37a6c16b10a8a69de6ca7a90"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-meta-md5checksum
Z14e/DemwWsQqKad5sp6kA==
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
agbWBobpCDos8sbBHFTXu2i_o2JYYxAPtJa6tbySvo9Ji9dEgJkquA==
application-39cd8efee18651dc22bc49a0e4f2bb819680e368e62b69bdac107592b244f826.js
app.shopvox.com/assets/ 		2 MB
527 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.shopvox.com/assets/application-39cd8efee18651dc22bc49a0e4f2bb819680e368e62b69bdac107592b244f826.js
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
20d20154f04ce853731e27b16981721a8b8d0f55907bf7883989d852c976b6ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:45 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
last-modified
Wed, 02 Aug 2023 19:21:14 GMT
server
nginx/1.24.0
strict-transport-security
max-age=63072000; includeSubdomains; preload
etag
"64caacaa-838df"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
538847
expires
Thu, 31 Dec 2037 23:55:55 GMT
filestack.min.js
static.filestackapi.com/filestack-js/3.23.1/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.filestackapi.com/filestack-js/3.23.1/filestack.min.js
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e69a722ce5898db115bbec419c2045db121d317d456f53b5ca8ec505021ff49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:45 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
NVKM8V28PB8JKHH0
age
744290
x-cache
HIT
content-length
73681
x-amz-id-2
5QkwXkFhJLMZY6+YpP2w9WGqXeunjBy/2CD3WW2cPpDCcYjToCpBUGGTLJX+KLcganlM1A9bUz0=
x-served-by
cache-fra-eddf8230052-FRA
last-modified
Fri, 16 Apr 2021 08:10:30 GMT
x-timer
S1691009445.073728,VS0,VE2
etag
"f8f3ab7278ec1b2d7dd925b9b1e8a800"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
varelaround-regular-webfont-3fa79fe27d0f5e561cb6afb6ff15ef3ea2bc2d26017672c9949f36a7eeb86775.woff2
app.shopvox.com/assets/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.shopvox.com/assets/varelaround-regular-webfont-3fa79fe27d0f5e561cb6afb6ff15ef3ea2bc2d26017672c9949f36a7eeb86775.woff2
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/assets/application-18117c45036aa2c823860a1a3cde47a349b26788ee0d701f30c9eac464a583fb.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.120.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-120-114.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
0dbe13ef076981192406b44a90efb1cafda28f276860deb793a23bfe09c8a28e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Referer
https://app.shopvox.com/assets/application-18117c45036aa2c823860a1a3cde47a349b26788ee0d701f30c9eac464a583fb.css
Origin
https://app.shopvox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:45 GMT
content-security-policy
frame-ancestors 'none'
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Wed, 02 Aug 2023 19:21:14 GMT
server
nginx/1.24.0
etag
"64caacaa-61d4"
x-frame-options
DENY
content-type
font/woff2
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
25044
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-iframe.html
web.squarecdn.com/1.51.0/ Frame FCA8 		331 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.51.0/main-iframe.html?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6a00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fee06ec1e7fb9351aea2d11041704d77616d813ec2785feab4a56a05dd7e7f9

Request headers

Referer
https://app.shopvox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
72288
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Wed, 02 Aug 2023 00:45:58 GMT
etag
W/"e3436cac51ccc0da3b4880559308918a"
last-modified
Wed, 26 Jul 2023 17:45:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-id
Z1a15DWQnRDnEzq-qIhHayCM3r2m7-X1FhjWdf0yYOfgZpe8lM4H2w==
x-amz-cf-pop
FRA56-P6
x-amz-meta-md5checksum
40NsrFHMwNo7SIBVkwiRig==
x-amz-meta-websdk-version
1.51.0
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
E9f9Cl8W1dhUO9MGPeXHrOAXcCntS21r
x-cache
Hit from cloudfront
hydrate
pci-connect.squareup.com/payments/ Frame FCA8 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com&locationId=L4KKMXBRBTF8Y&version=1.51.0
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.0/main-iframe.html?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216285e9736e87ea60065f76da36f4092f1a99c1d163ff51107781ad2093b1fc
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Wed, 02 Aug 2023 20:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
square-version
2018-07-12
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
x-speleo-traceid
CDN-67c111ac-739a-480b-bc4d-cd65795efbec
x-sq-region
iad2b
content-length
592
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f0931edadba3630-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
hydrate
pci-connect.squareup.com/payments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com&locationId=L4KKMXBRBTF8Y&version=1.51.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://web.squarecdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://web.squarecdn.com
cf-cache-status
DYNAMIC
cf-ray
7f0931eafe162c20-FRA
content-length
0
date
Wed, 02 Aug 2023 20:50:45 GMT
server
cloudflare
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-sq-dc
iad2b
x-sq-region
iad2b
x-xss-protection
1; mode=block
data.js
js.squareup.com/payments/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/payments/data.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b42cae442133e03c16cba98d69f7fdeff915d25452ff892af573a2ecb1b7950
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=631152000; includeSubDomains; preload
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-sq-region
iad2b
cf-ray
7f0931f09e713603-FRA
x-xss-protection
1; mode=block
single-card-element-iframe.html
web.squarecdn.com/1.51.0/ Frame 9354 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.51.0/single-card-element-iframe.html
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6a00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer
https://app.shopvox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
75248
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Tue, 01 Aug 2023 23:58:38 GMT
etag
W/"03e704396b83c27986cdb35eb350b127"
last-modified
Wed, 26 Jul 2023 17:45:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-id
4MmY1Hd288ZQ7i8P5-nhmVDbtpMr6o8JK8PiPLkW9zBeIUXRgVZr7g==
x-amz-cf-pop
FRA56-P6
x-amz-meta-md5checksum
A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version
1.51.0
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
F.VL1qQSIONaEIEzjIzW1Z4IleGchv_2
x-cache
Hit from cloudfront
v2
pci-connect.squareup.com/payments/mtx/ 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.shopvox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 02 Aug 2023 20:50:46 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://app.shopvox.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f0931f079593630-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
card-wrapper.css
web.squarecdn.com/1.51.0/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.51.0/card-wrapper.css
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6a00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.shopvox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
igrl4fbWpQ0zEgwA0yWHBHLsKTJV2F4G
content-encoding
gzip
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date
Tue, 01 Aug 2023 21:44:50 GMT
x-amz-cf-pop
FRA56-P6
age
83232
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-websdk-version
1.51.0
last-modified
Wed, 26 Jul 2023 17:45:11 GMT
server
AmazonS3
etag
W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-amz-meta-md5checksum
/I3t4KVd6uEyLV2AsOhIqQ==
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
04qCqtCqke6-r36pF4qPTK_Fzjjzo_id5R8FAdE3oi3xlto82aqR-g==
SquareSansText-SemiBold.woff2
square-fonts-production-f.squarecdn.com/square-text/ Frame 9354 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-SemiBold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43e9f474fbfcea626f5c6f7b16e9548d20db3e0f9308f0309055094a659d617e

Request headers

Referer
https://web.squarecdn.com/
Origin
https://web.squarecdn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
T.Fi2jXpi6gSBy2uNXe5nKmpFK7jYlbq
date
Wed, 02 Aug 2023 20:50:46 GMT
via
1.1 varnish
x-amz-request-id
ZYKBCHZ0N422PTVH
age
2545839
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
34596
x-amz-id-2
WxqiwKc5GbRcrEqCWH7ZqR/YpYtJFc/EGAmu96O1/yPBqLb/Hq8YRKiCiztWu1tTlRYPbxM+FtQ=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Thu, 27 Apr 2023 18:45:33 GMT
server
AmazonS3
x-timer
S1691009447.544177,VS0,VE1
etag
"71118ca72a92780d2589a4d5be5fc6e6"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
SquareSansText-Regular.woff2
square-fonts-production-f.squarecdn.com/square-text/ Frame 9354 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83

Request headers

Referer
https://web.squarecdn.com/
Origin
https://web.squarecdn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
eXxmSKhEDvfGtW3vez6fcv7YHTlX3n4O
date
Wed, 02 Aug 2023 20:50:46 GMT
via
1.1 varnish
x-amz-request-id
DS9ENYSA5QZBFZNP
age
1116656
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
32724
x-amz-id-2
kxviIlwrUxwoPmKZCwIIgkxi/J6iNWnCS9KvJqIcKOfyN7oLeUBRxoO+wuuioNYkLp73G03/sDo=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Thu, 27 Apr 2023 18:45:33 GMT
server
AmazonS3
x-timer
S1691009447.544198,VS0,VE2
etag
"8bd78348f371229eadd661171386f3b8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
v2
pci-connect.squareup.com/payments/mtx/ Frame FCA8 		0
44 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.0/main-iframe.html?applicationId=sq0idp-jVrt3wcvtMbhwFm6ZybAjA&hostname=app.shopvox.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.squarecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 02 Aug 2023 20:50:46 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f0931f10a2b3630-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
frame.html
connect.squareup.com/payments/data/ Frame 63C0 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fapp.shopvox.com%2Fclient%2F282fbe0f-2c6c-4d9d-9501-02b1292af5f4%2Fsquare_payments%2F683cc7d6-03a9-4a37-9d7b-11b685759565%2Finvoice%2Ffba38f0d-e262-47a8-b31f-28299e44a58b
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939033e8e8be18958ce8387d18b584b44a5dd3dff21d881f5077f7723f9ebf36
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.shopvox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f0931f429e33632-FRA
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
content-type
text/html
date
Wed, 02 Aug 2023 20:50:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-sq-dc
iad2b
x-sq-region
iad2b
x-xss-protection
1; mode=block
v2
pci-connect.squareup.com/payments/mtx/ 		0
67 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.shopvox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 02 Aug 2023 20:50:47 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://app.shopvox.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f0931f6b9f93630-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame 63C0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Requested by
Host: app.shopvox.com
URL: https://app.shopvox.com/client/282fbe0f-2c6c-4d9d-9501-02b1292af5f4/square_payments/683cc7d6-03a9-4a37-9d7b-11b685759565/invoice/fba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6735:803:75a5:b0c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.squareup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers
token
connect.squareup.com/v2/analytics/ Frame 63C0 		108 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/v2/analytics/token
Requested by
Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fapp.shopvox.com%2Fclient%2F282fbe0f-2c6c-4d9d-9501-02b1292af5f4%2Fsquare_payments%2F683cc7d6-03a9-4a37-9d7b-11b685759565%2Finvoice%2Ffba38f0d-e262-47a8-b31f-28299e44a58b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e433e23d874232c2eb94fae9d3da42ff92427e86248178cde04eb22f8cf603
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fapp.shopvox.com%2Fclient%2F282fbe0f-2c6c-4d9d-9501-02b1292af5f4%2Fsquare_payments%2F683cc7d6-03a9-4a37-9d7b-11b685759565%2Finvoice%2Ffba38f0d-e262-47a8-b31f-28299e44a58b
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Aug 2023 20:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
square-version
2018-07-12
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
x-speleo-traceid
CDN-e8628d54-9f0f-4c68-b01a-96516736b5de
x-sq-region
iad2b
content-length
124
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://connect.squareup.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f0931f79f683632-FRA
access-control-allow-headers
Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| filestackInternals object| __SENTRY__ object| filestack object| filestack_client object| google object| Square object| wysihtml5 function| Base function| $ function| jQuery object| jQuery112409951739719973101 function| _ function| moment object| rangy string| model object| InflectionJS object| Modernizr object| Select2 object| intlTelInputGlobals function| intlTelInput object| VOX function| remove_fields function| add_fields function| filepicker_onchange function| filepicker_picture_onchange function| filepicker_proofs_onchange function| filepicker_vendor_price_list_onchange function| worker_state_file_change function| openFilestackPicker function| hidePickerButtonFillUrl object| voxSquare

5 Cookies

Domain/Path Name / Value
.shopvox.com/ Name: _shopvox_session
Value: y5fPmNhpRN%2BOq94oB0DFNDG%2BaauGf8xBRGWvEiJBeneTEvxPgDbZZFHPizqkd%2BqRTeBPfmsjgaxzFPGnif42bovKcSMkXoxI1OA9E%2F5%2FRMjz%2B327Kx%2FL6vab3zr6Dmu%2BVWiEHohUNjSm%2FBGoUfOuH1ygI%2Fn84ltp8nNgiGmtW%2F4kik%2B8YCUax0GOwlHimHyJQqalAu5Ldp%2FNt6%2BSr5U1eA1jEKfqL5S2hrk%2Fl49p2dypjXq9YjEv5rvekoytPbGhPavS4XustIk2knvsOYaRMtP9b2DAq2s06lSLgt18C8BnGoHBtl31Cy%2F81Tj5VVd%2Fu1RmmBZAfNdlX6QnHxaGKzW6SmJwuA%3D%3D--5EohagdA5ohO%2Btqx--VGx31AwjKd7%2FBG39lJIcvg%3D%3D
.squareup.com/ Name: _savt
Value: ccf6e8d7-1914-4e27-a3c1-a9d75f3bf74b
.pci-connect.squareup.com/ Name: __cf_bm
Value: Jt1L8dFs5ybOXTCDGu3HFhXxPfw2vwoBzQGJ4g1DwRY-1691009446-0-AdiHxoQ40cNN8Q4n79TmITkoZD/6ctmv4tVEtT3ghfNrTQckQVy5dlRvEWVqeWAMM7nLqDZXyQdZNTHn8YN9ak0=
.js.squareup.com/ Name: __cf_bm
Value: Dl9FOzbPd2uMp__FA1yQbW7w8iIeI.0Er77RMsOj0bU-1691009446-0-AXkpaAxYtadsPrxHI3NlbClGPtr5HIirWWarkCFlvN7xPc8m+pByx1Sk5mfzjoLcuClyr4sO2mBOt7qwBUAhKWI=
.connect.squareup.com/ Name: __cf_bm
Value: w2nqyO6z54i4WroNW2vNGj1CzjBnxWxyprOXsTtvajY-1691009447-0-AVCUJ582siyYouuvnIYs4lIOB7/86N/r/85zgJIeGc9sZQDDUiu6VKGk3lOPRtNO9X0IVRr43vD3UFTpsX4CML8=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.shopvox.com
connect.squareup.com
csp-report.browser-intake-datadoghq.com
js.squareup.com
pci-connect.squareup.com
square-fonts-production-f.squarecdn.com
static.filestackapi.com
web.squarecdn.com
www.gstatic.com
151.101.65.49
151.101.66.133
162.159.140.47
2600:1f18:24e6:b901:6735:803:75a5:b0c3
2600:9000:2490:6a00:13:4005:e4c0:93a1
2a00:1450:4001:828::2003
54.159.120.114
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
0dbe13ef076981192406b44a90efb1cafda28f276860deb793a23bfe09c8a28e
10cf5c11797970ddcb58709384f3413fc672ed4a8d00ff4ffa70005f6a0183d5
1f1891f3af0404b306a362ee9de14b21fe5c9b8cd35461df0d895d1852262676
20d20154f04ce853731e27b16981721a8b8d0f55907bf7883989d852c976b6ff
216285e9736e87ea60065f76da36f4092f1a99c1d163ff51107781ad2093b1fc
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
42e0172f8a65ec91c04d52f9348f33f9a4a71e522e5227df360715386a1659e8
43e9f474fbfcea626f5c6f7b16e9548d20db3e0f9308f0309055094a659d617e
47db2a9be57f2fb85b30cda422c929dd38ade3ead8792c6fe241e7379036b00d
4e69a722ce5898db115bbec419c2045db121d317d456f53b5ca8ec505021ff49
7fee06ec1e7fb9351aea2d11041704d77616d813ec2785feab4a56a05dd7e7f9
87f1ea01f64fcd488a91b1116c9a332ae3fe850ef410f095c3ab1d43797395d0
8b42cae442133e03c16cba98d69f7fdeff915d25452ff892af573a2ecb1b7950
939033e8e8be18958ce8387d18b584b44a5dd3dff21d881f5077f7723f9ebf36
ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83
cf8a8e10724cf2a085dc60bad0f0467341bbf5d366a89422cb8b454340bd6835
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e433e23d874232c2eb94fae9d3da42ff92427e86248178cde04eb22f8cf603